DHCPD Not UPDATE-ing with DDNS

Jonathan Lassoff jof at thejof.com
Wed Dec 23 01:10:43 UTC 2009


I'm a bit stumped trying to get DHCPD to send DNS UPDATEs to a local
BIND server to update records for a subnet it serves.

The DHCPD is authoritative for 192.168.96.0/21, and I intend to have it
send updates for both forward and reverse records to the local BIND DNS
server that is serving records for both forward and reverse zones
internally.

So, I've first set up an HMAC-MD5 key in both BIND and DHCPD.

From /etc/bind/named.conf:
------------------------------------
key "dhcpupdate" {
 algorithm hmac-md5;
 secret "xxxxxxxxxxxxxxxxxxx";
};
------------------------------------

And configured some zones and my subnet in dhcpd.conf:
------------------------------------
log-facility local7;
default-lease-time 300;
max-lease-time 600;

authoritative;

key dhcpupdate {
 algorithm hmac-md5;
 secret xxxxxxxxxxxxxxxxxxxxxxxxx;
}
zone burn.xen.example.com. {
 primary 127.0.0.1;
 key dhcpupdate;
}
zone 96.168.192.in-addr.arpa. {
 primary 127.0.0.1;
 key dhcpupdate;
}
zone 97.168.192.in-addr.arpa. {
 primary 127.0.0.1;
 key dhcpupdate;
}
zone 98.168.192.in-addr.arpa. {
 primary 127.0.0.1;
 key dhcpupdate;
}
zone 99.168.192.in-addr.arpa. {
 primary 127.0.0.1;
 key dhcpupdate;
}
zone 100.168.192.in-addr.arpa. {
 primary 127.0.0.1;
 key dhcpupdate;
}
zone 101.168.192.in-addr.arpa. {
 primary 127.0.0.1;
 key dhcpupdate;
}
zone 102.168.192.in-addr.arpa. {
 primary 127.0.0.1;
 key dhcpupdate;
}
zone 103.168.192.in-addr.arpa. {
 primary 127.0.0.1;
 key dhcpupdate;
}

subnet 192.168.96.0 netmask 255.255.248.0 {
 server-identifier 192.168.96.1;
 ddns-updates on;
 ddns-update-style interim;
 ddns-domainname "burn.xen.example.com.";
 ddns-rev-domainname "in-addr.arpa.";
 do-forward-updates true;
 ignore client-updates;
 
 range 192.168.96.200 192.168.103.254;
 option routers 192.168.96.1;
 option domain-name-servers 192.168.96.100;
 option domain-name "burn.xen.example.com";
 option domain-search "burn.xen.example.com", "xen.example.com";
 option ip-forwarding off;
}
------------------------------------

Manually sending signed updates with the same key to the local DNS
daemon works just fine. So, I began using strace/ptrace() to see what
(if anything) dhcpd is doing in the background when I trigger my clients
to re-request their address. In conjunction, I was using tshark to look
at network traffic on lo to look for DNS UPDATEs to localhost.

I was looking for both file-related and network-related syscalls in the
strace and didn't find dhcpd doing anything other than its normal lease
assignment process.

My dhcpd shows:

-----------------------------------
hostname:~# dhcpd3 --version
isc-dhcpd-V3.1.1
-----------------------------------

Any help or suggestions as to why this doesn't work would be
appreciated.

Cheers,
jonathan
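
Added example, not part of the original post or of ISC's code: a consistency check over the two files quoted above, confirming that every `zone` in dhcpd.conf names a TSIG key defined identically in named.conf and that each /24 of the served subnet has a reverse zone declared. The inputs are constructed samples with a placeholder secret, and the regex parsing assumes the simple block layout shown in the post.

```python
import ipaddress
import re

# Constructed inputs modelled on the post; the secret is a made-up placeholder.
NAMED_CONF = '''
key "dhcpupdate" {
 algorithm hmac-md5;
 secret "Y29uc3RydWN0ZWQta2V5";
};
'''
DHCPD_CONF = '''
key dhcpupdate {
 algorithm hmac-md5;
 secret Y29uc3RydWN0ZWQta2V5;
}
zone burn.xen.example.com. { primary 127.0.0.1; key dhcpupdate; }
''' + "".join(  # reverse zones 96..102 only: 103 is left out on purpose
    f"zone {o}.168.192.in-addr.arpa. {{ primary 127.0.0.1; key dhcpupdate; }}\n"
    for o in range(96, 103)
) + "subnet 192.168.96.0 netmask 255.255.248.0 { ddns-updates on; }\n"

KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+([\w-]+);'
                    r'\s*secret\s+"?([^";\s]+)"?;\s*\}')
ZONE_RE = re.compile(r'\bzone\s+"?([\w.-]+?)\.?"?\s*\{([^}]*)\}')
SUBNET_RE = re.compile(r'\bsubnet\s+(\S+)\s+netmask\s+(\S+)')

def parse_keys(text):
    """Map key name -> (algorithm, secret) for every key block in text."""
    return {n: (a.lower(), s) for n, a, s in KEY_RE.findall(text)}

def check(named_conf, dhcpd_conf):
    """Return findings; secrets are compared but never echoed."""
    findings = []
    bind_keys, dhcp_keys = parse_keys(named_conf), parse_keys(dhcpd_conf)
    zones = {z.lower(): re.findall(r'\bkey\s+([\w.-]+)\s*;', body)
             for z, body in ZONE_RE.findall(dhcpd_conf)}
    for zone, keys in zones.items():
        if not keys:
            findings.append(f"{zone}: no key, updates would be unsigned")
        for k in keys:
            if k not in dhcp_keys:
                findings.append(f"{zone}: key {k} not defined in dhcpd.conf")
            elif bind_keys.get(k) != dhcp_keys[k]:
                findings.append(f"{zone}: key {k} differs from named.conf")
    # Assumes one reverse zone per /24, as in the post, and a prefix of /24 or shorter.
    for addr, mask in SUBNET_RE.findall(dhcpd_conf):
        net = ipaddress.ip_network(f"{addr}/{mask}")
        for n in net.subnets(new_prefix=24):
            a, b, c, _ = str(n.network_address).split(".")
            rz = f"{c}.{b}.{a}.in-addr.arpa"
            if rz not in zones:
                findings.append(f"{net}: no zone declaration for {rz}")
    return findings

if __name__ == "__main__":
    print("\n".join(check(NAMED_CONF, DHCPD_CONF)))
```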
