Log entries "bind update on ... rejected: BNDUPD without CHADDR"
Bob Harold
rharolde at umich.edu
Tue Apr 30 13:16:10 UTC 2019
On Mon, Apr 29, 2019 at 7:32 PM Brooks, Jason <Jason.Brooks at allstream.com>
wrote:
> Hello,
>
>
>
> I have a primary and secondary dhcpd server that I have set up as central
> dhcp servers for a bunch of relays. The servers come up, and they
> communicate properly. The trouble is they keep reporting:
>
>
>
> “bind update on ww.xx.yy.zz from <my failover> rejected: BNDUPD without
> CHADDR”
>
>
>
> I do NOT want to update dns: dns is not relevant here.
>
>
>
> Question number one:
>
> Is this “error” due to dhcpd failing to update the dns
> server, or some sort of socket binding issue? (overuse of the word “bind”
> perhaps?)
>
>
>
> In both of the dhcpd.conf files, I have the following lines:
>
> ddns-update-style none;
>
> ddns-updates off;
>
>
>
> Question number two:
>
> Why would dhcpd try to send updates if they are turned off?
>
>
>
> Further information:
>
> I am running isc bind produced by centos: 4.2.5. I will also be seeking
> answers there in case it’s a question of their compiling and bollixing it
> up.
>
>
>
> I am currently consolidating a number of remotely located dhcp servers
> that are very old (Solaris 10 running bind 3.0.4 ). At present the remote
> servers are having dhcp queries relayed to them by the various equipment we
> support. Once this is done, we will simply change the relay ip to the new
> servers.
>
>
>
> The procedure I am using: replicate all dhcpd.leases, filtering out
> deprecated and dhcp server specific content, copying new dhcpd.leases to
> both dhcp development servers, and starting dhcpd.
>
>
>
> Enclosed is a shortened, sanitized sample dhcpd.conf file. The only
> difference between primary and secondary is the address and peer addresses
> are swapped. I have ensured peer tcp ports are not firewalled.
>
As I understand it, the primary and secondary need more differences:
- addresses swapped, as you say
- ports swapped
- 'primary' changed to 'secondary'
- 'mclt' and 'split' are only allowed on the primary
Here are a pair of mine (generated by BlueCat), for example:
failover peer "8dd393e8-8dd393f8"
{
primary;
address 141.211.147.232;
port 847;
peer address 141.211.147.248;
peer port 647;
max-response-delay 60;
max-unacked-updates 10;
mclt 1800;
split 128;
load balance max seconds 3;
}
failover peer "8dd393e8-8dd393f8"
{
secondary;
address 141.211.147.248;
port 647;
peer address 141.211.147.232;
peer port 847;
max-response-delay 60;
max-unacked-updates 10;
load balance max seconds 3;
}
--
Bob Harold
>
>
> Thank you for your time!
>
>
>
> --jason
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20190430/84f127d3/attachment.html>
More information about the dhcp-users
mailing list