DDNS Updates on lease expire.
Mark Mc Nicholas
markmcn at section9.ie
Wed Aug 17 12:00:48 UTC 2016
Hi Simon,
Thanks, I didn't want to waste people's time with config's until I
confirmed if this was normal.
Below are the config's of DHCPD & Bind,
I've edited the keys since posting publicly.
I have no logs from DHCPD indicating a release of an IP. DHCP & DNS are
running on different boxes however there is no known communication issue
between them.
The only proof I can show from logs is that it updates A records and PTR
records.
Please let me know if I have missed something
Thanks for the help
Kind Regards
Mark
====DHCPD Config====
ddns-updates on;
ddns-update-style interim;
update-static-leases on;
key sun-key { algorithm hmac-md5; secret "123456789";}
allow unknown-clients;
use-host-decl-names on;
zone i.home.ie.{
primary moto.i.home.ie;
key sun-key;
}
# Common to all subnets
option domain-name "home.ie";
default-lease-time 1800;
max-lease-time 14400;
authoritative;
allow unknown-clients;
subnet 172.17.2.0 netmask 255.255.255.128 {
range 172.17.2.41 172.17.2.100;
default-lease-time 1800;
max-lease-time 14400;
authoritative;
option routers 172.17.2.1;
option domain-name-servers 172.17.2.4,192.168.252.1 ;
option domain-name "i.home.ie";
option domain-search "i.home.ie";
option ntp-servers 193.1.219.116,193.1.31.66;
ddns-domainname "i.home.ie.";
ddns-rev-domainname "in-addr.arpa.";
host skynet09{
hardware ethernet AC:CF:23:8D:10:60;
fixed-address 172.17.2.39;
ddns-hostname "skynet009";
}
}
====Bind Config====
key "sun-key" {
algorithm hmac-md5;
secret "123456789";
};
options {
listen-on port 53 { 192.168.252.1; };
#listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { any; };
allow-recursion { PermitRecursion; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "i.home.ie" {
type master;
file "/etc/named/i.home.ie";
allow-update { key sun-key; };
allow-transfer { RFC1918; };
notify yes;
};
Bind Logs of an Update
named[1563]: client 172.17.2.4#28949: updating zone 'i.home.ie/IN': update
unsuccessful: skynet001.i.home.ie: 'name not in use' prerequisite not
satisfied (YXDOMAIN)
named[1563]: client 172.17.2.4#28949: signer "sun-key" approved
named[1563]: client 172.17.2.4#28949: updating zone 'i.home.ie/IN':
deleting rrset at 'skynet001.i.home.ie' A
named[1563]: client 172.17.2.4#28949: updating zone 'i.home.ie/IN': adding
an RR at 'skynet001.i.home.ie' A
named[1563]: client 172.17.2.4#28949: signer "sun-key" approved
DHCP Logs for the same device
dhcpd[6271]: DHCPREQUEST for 172.17.2.31 from ac:cf:23:8d:77:56 via eth0
dhcpd[6271]: DHCPACK on 172.17.2.31 to ac:cf:23:8d:77:56 via eth0
dhcpd[6271]: Added new forward map from skynet001.i.home.ie. to 172.17.2.31
dhcpd[6271]: Added reverse map from 31.2.17.172.in-addr.arpa. to
skynet001.i.home.ie.
On Wed, Aug 17, 2016 at 12:34 PM, Simon Hobson <dhcp1 at thehobsons.co.uk>
wrote:
> Mark Mc Nicholas <markmcn at section9.ie> wrote:
>
> > I'm wondering should DHCPD update DNS to remove an expired entry?
>
> Yes it should.
> It might help if you posted your config, and log file entries relevant to
> an event.
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
--
Begin at the beginning,and go on till you come to the end: then stop.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20160817/b44b0cfd/attachment.html>
More information about the dhcp-users
mailing list