Log entries "bind update on ... rejected: BNDUPD without CHADDR"

Bob Harold rharolde at umich.edu
Tue Apr 30 13:16:10 UTC 2019 

On Mon, Apr 29, 2019 at 7:32 PM Brooks, Jason <Jason.Brooks at allstream.com>
wrote:

> Hello,
>
>
>
> I have a primary and secondary dhcpd server that I have set up as central
> dhcp servers for a bunch of relays.  The servers come up, and they
> communicate properly.  The trouble is they keep reporting:
>
>
>
> “bind update on ww.xx.yy.zz from <my failover> rejected: BNDUPD without
> CHADDR”
>
>
>
> I do NOT want to update dns: dns is not relevant here.
>
>
>
> Question number one:
>
>               Is this “error” due to dhcpd failing to update the dns
> server, or some sort of socket binding issue?  (overuse of the word “bind”
> perhaps?)
>
>
>
> In both of the dhcpd.conf files, I have the following lines:
>
> ddns-update-style none;
>
> ddns-updates off;
>
>
>
> Question number two:
>
>               Why would dhcpd try to send updates if they are turned off?
>
>
>
> Further information:
>
> I am running isc bind produced by centos: 4.2.5.  I will also be seeking
> answers there in case it’s a question of their compiling and bollixing it
> up.
>
>
>
> I am currently consolidating a number of remotely located dhcp servers
> that are very old (Solaris 10 running bind 3.0.4 ).  At present the remote
> servers are having dhcp queries relayed to them by the various equipment we
> support.  Once this is done, we will simply change the relay ip to the new
> servers.
>
>
>
> The procedure I am using: replicate all dhcpd.leases, filtering out
> deprecated and dhcp server specific content, copying new dhcpd.leases to
> both dhcp development servers, and starting dhcpd.
>
>
>
> Enclosed is a shortened, sanitized sample dhcpd.conf file.  The only
> difference between primary and secondary is the address and peer addresses
> are swapped.  I have ensured peer tcp ports are not firewalled.
>

As I understand it, the primary and secondary need more differences:
- addresses swapped, as you say
- ports swapped
- 'primary' changed to 'secondary'
- 'mclt' and 'split' are only allowed on the primary

Here are a pair of mine (generated by BlueCat), for example:

failover peer "8dd393e8-8dd393f8"
{
    primary;
    address 141.211.147.232;
    port 847;
    peer address 141.211.147.248;
    peer port 647;
    max-response-delay 60;
    max-unacked-updates 10;
    mclt 1800;
    split 128;
    load balance max seconds 3;
}

failover peer "8dd393e8-8dd393f8"
{
    secondary;
    address 141.211.147.248;
    port 647;
    peer address 141.211.147.232;
    peer port 847;
    max-response-delay 60;
    max-unacked-updates 10;
    load balance max seconds 3;
}

-- 
Bob Harold


>
>
> Thank you for  your time!
>
>
>
> --jason
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20190430/84f127d3/attachment.html>

More information about the dhcp-users mailing list