dhcpd not writing forward lookup for Windows host.

Glenn Satchell glenn.satchell at uniq.com.au
Tue Oct 2 05:23:38 UTC 2012


This is from the dhcpd.conf man page:

     The first point to understand about this style of DNS update
     is that unlike the ad-hoc style, the DHCP server does not
     necessarily always update both the A and the PTR records.
     The FQDN option includes a flag which, when sent by the
     client, indicates that the client wishes to update its own A
     record. In that case, the server can be configured either
     to honor the client's intentions or ignore them. This is
     done with the statement allow client-updates; or the statement
     ignore client-updates;. By default, client updates
     are allowed.

So the Windows boxes by default send the "I want to update DNS" flag. There's a
tick box on the interface setting under one of the Advanced tabs, "Update
my entry in DNS" or similar words. I suspect the Linux ones don't.

I believe you need to add "deny client-updates;" to the settings, then the
server will always do the DNS update.

regards,
-glenn

On Tue, October 2, 2012 12:45 pm, Gregory Machin wrote:
> Hi.
> I have a Linux dhcpd and BIND server that provide DHCP and DNS for
> machines on my local network. I also have a Windows 2008 AD server that
> is part of a cluster; all Windows machines on all sites are joined to
> ad.domian.com. On the other sites DHCP and DNS are provided by Windows
> 2008 servers. Each site has a local DNS zone to indicate the location
> of the machine, e.g. hamilton.domain.com and auckland.domain.com.
>
> On my local network my Windows 7 desktop gets an IP from the local
> DHCP server and the dhcp writes a reverse lookup for the machine
> correctly into the appropriate BIND DNS zone. But the local DNS
> zone is not updated with the hostname and IP of my workstation, yet
> the global AD domain ad.domain.com is. Thus my machine's forward and
> reverse records don't match.
>
> E.g. forward lookup: workstation01.ad.domain.com 192.168.2.10
>      reverse lookup: 192.168.2.10 workstation01.hamilton.domain.com
>
> Yet all my Linux machines that use send host create forward and
> reverse lookups using hamilton.domain.com
>
> E.g. forward lookup: workstation01.hamilton.domain.com 192.168.2.11
>      reverse lookup: 192.168.2.11 workstation01.hamilton.domain.com
>
> My dhcp config
>
> subnet 192.168.1.0 netmask 255.255.254.0 {
>         ddns-updates on;
>         ddns-rev-domainname "in-addr.arpa.";
>         ddns-domainname "hamilton.domain.com";
>
>         option routers 192.168.1.253;
>         option subnet-mask 255.255.254.0;
>         range 192.168.2.100 192.168.2.199;
>         option domain-name "hamilton.domain.com";
>         option domain-name-servers server01.hamilton.domain.com, server02.hamilton.domain.com;
>         option domain-search "hamilton.domain.com.", "ad.domain.com.", "auckland.domain.com.", "uk.domain.com.", "us.domain.com";
>         one-lease-per-client on;
>         default-lease-time 43200;
>         max-lease-time 86400;
> }
>
> Oct  2 14:31:13 server01 dhcpd: DHCPDISCOVER from 08:00:27:9f:79:9c (workstation01) via 192.168.68.253
> Oct  2 14:31:13 server01 dhcpd: DHCPOFFER on 192.168.2.164 to 08:00:27:9f:79:9c (workstation01) via 192.168.68.253
> Oct  2 14:31:13 server01 named[1121]: client 192.168.32.7#47982: view interenal: updating zone '2.168.192.in-addr.arpa/IN': deleting rrset at '164.2.168.192.in-addr.arpa' PTR
> Oct  2 14:31:13 server01 named[1121]: client 192.168.32.7#47982: view interenal: updating zone '2.168.192.in-addr.arpa/IN': adding an RR at '164.2.168.192.in-addr.arpa' PTR
> Oct  2 14:31:13 server01 dhcpd: added reverse map from 164.2.168.192.in-addr.arpa. to workstation01.hamilton.domain.com
> Oct  2 14:31:13 server01 dhcpd: DHCPREQUEST for 192.168.2.164 (192.168.32.7) from 08:00:27:9f:79:9c (workstation01) via 192.168.68.253
> Oct  2 14:31:13 server01 dhcpd: DHCPACK on 192.168.2.164 to 08:00:27:9f:79:9c (workstation01) via 192.168.68.253
> Oct  2 14:31:16 server01 dhcpd: DHCPINFORM from 192.168.2.164 via 192.168.68.253
> Oct  2 14:31:16 server01 dhcpd: DHCPACK to 192.168.2.164 (08:00:27:9f:79:9c) via eth0
>
> There are no errors by named or the dhcp server to indicate why the
> Windows host doesn't write a forward lookup.
>
> I see the following:
> Oct  2 14:31:17 server01 named[1121]: client 192.168.2.164#50087: view interenal: update '1.168.192.in-addr.arpa/IN' denied
> Oct  2 14:31:17 server01 named[1121]: client 192.168.2.164#50640: view interenal: update 'hamilton.domain.com/IN' denied
>
> But I don't allow the clients to write directly into the DNS for
> security reasons, so these are expected from Windows machines.
>
> So how do I get the forward record written into DNS for Windows
> machines, or all machines if there is a global config I can use that
> would push the given host name to forward and reverse?
>
> Thanks
>
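
A log check for the symptom discussed in this thread, as an added example that is not part of the original posts: it pairs dhcpd's forward and reverse map messages per address and reports leases that received a PTR but no matching A record, together with the direct client updates that named refused. The sample log is constructed from the excerpt above plus an invented `laptop02` host, and the "Added new forward map" wording is assumed to match the dhcpd version in use.

```python
import re

# Constructed sample: lines modelled on the log excerpt in the post (unwrapped),
# plus one invented host (laptop02) whose forward map dhcpd did add.
SAMPLE_LOG = """\
Oct  2 14:31:13 server01 dhcpd: added reverse map from 164.2.168.192.in-addr.arpa. to workstation01.hamilton.domain.com
Oct  2 14:31:13 server01 dhcpd: DHCPACK on 192.168.2.164 to 08:00:27:9f:79:9c (workstation01) via 192.168.68.253
Oct  2 14:31:17 server01 named[1121]: client 192.168.2.164#50640: view interenal: update 'hamilton.domain.com/IN' denied
Oct  2 14:32:02 server01 dhcpd: Added new forward map from laptop02.hamilton.domain.com to 192.168.2.165
Oct  2 14:32:02 server01 dhcpd: added reverse map from 165.2.168.192.in-addr.arpa. to laptop02.hamilton.domain.com
"""

IP = r"\d+\.\d+\.\d+\.\d+"
# Assumption: forward-map message wording as logged by the dhcpd in use.
FWD = re.compile(rf"dhcpd: Added new forward map from (\S+) to ({IP})")
REV = re.compile(r"dhcpd: added reverse map from (\d+)\.(\d+)\.(\d+)\.(\d+)\.in-addr\.arpa\.? to (\S+)")
DENIED = re.compile(rf"named\[\d+\]: client ({IP})#\d+: .*update '([^']+)/IN' denied")


def audit(log_text):
    """Return (ptr_only, denied).

    ptr_only: {ip: name} for leases where dhcpd wrote a PTR but no matching A.
    denied:   {client_ip: {zone, ...}} for dynamic updates named refused.
    """
    forward, reverse, denied = {}, {}, {}
    for line in log_text.splitlines():
        if m := FWD.search(line):
            forward[m.group(2)] = m.group(1).rstrip(".").lower()
        elif m := REV.search(line):
            d, c, b, a, name = m.groups()  # PTR owner name is the address reversed
            reverse[f"{a}.{b}.{c}.{d}"] = name.rstrip(".").lower()
        elif m := DENIED.search(line):
            denied.setdefault(m.group(1), set()).add(m.group(2))
    ptr_only = {ip: name for ip, name in reverse.items() if forward.get(ip) != name}
    return ptr_only, denied


if __name__ == "__main__":
    ptr_only, denied = audit(SAMPLE_LOG)
    for ip, name in sorted(ptr_only.items()):
        tried = ", ".join(sorted(denied.get(ip, []))) or "none"
        print(f"{ip}: PTR -> {name}, no A from dhcpd; client updates refused for: {tried}")
```

An address that appears in both results is a client that asked to write its own A record, was refused by named, and never had the record written by dhcpd on its behalf.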



