DHCPd only updating the forward zone

Simon Hobson simon at thehobsons.co.uk
Sun Dec 20 16:46:32 UTC 2020


Dan Egli <dan at newideatest.site> wrote:

> Here is the zone files. Note that the zone doesn't exist on the public internet.
...
Apart from ridiculously short timeout values, that looks mostly OK.

> After a machine called Venus boots, there's also a .jnl file for eglifamily.zone, but NOT for 10.168.192.arpa.zone

What do the logs for both DNS and DHCP show when this happens?


> Here's dhcpd.conf:
> default-lease-time 3600;
> max-lease-time 43200;
> 
> ddns-update-style interim;
> 
> authoritative;
> log-facility local1;
> 
> 
> allow booting;
> 
> subnet 10.0.0.0 netmask 255.0.0.0 {
> # no services at all! That's the link from the ISP. Don't touch it!
> }
> 
> 
> subnet 192.168.10.0 netmask 255.255.255.0 {
>         interface enp0s8;
>         range 192.168.10.128 192.168.10.254;
>         if exists user-class and option user-class = "iPXE" {
>         filename "pxelinux.efi";
>         } else {
>         filename "pxelinux.0";
>         }
>         next-server 192.168.10.3;
>         option domain-name-servers 192.168.10.2, 8.8.8.8;
>         option domain-name "eglifamily.name";
>         option routers 192.168.10.1;
> 
> }
> 
> host fixed-1 {
>         hardware ethernet 08:00:27:D5:AA:3C;
>         fixed-address 192.168.10.64;
>         option host-name "fixed-1";
>         ddns-hostname "fixed-1.eglifamily.name";
> }

Listing both your internal and an external DNS server is a bad idea - you'll have (seemingly) random DNS failures for your internal zones, and they may not start happening for some time after you've forgotten how you set things up. Many people set up this sort of thing thinking that clients will check with one, then the next. But some clients (at least some have in the past), if they experience a failure with the first server, will put it to the end of the list where it will stay until there's a failure with another server - and this will persist across reboots. The effect is that suddenly, for no apparent reason, all internal lookups fail. With a previous work hat on I've had colleagues bitten by this one.

You forgot to provide the output of:
dig eglifamily.name ns
dig 10.168.192.in-addr.arpa ns
but from the configs, I would expect both to show jupiter.eglifamily.name to be the name server for both.

BTW - you should not need "subnet 10.0.0.0 ..." or "interface enp0s8". The fact that they are there, presumably to get around your other problem, indicates that you are starting dhcpd with the wrong options. Normally you would simply list the interfaces you want the server to listen on on the command line - though it's usually abstracted into a config file to make life simple.

Simon
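
An added example, not part of the original message or of ISC DHCP: a small Python check for the resolver-list problem described above, scanning dhcpd.conf text for `option domain-name-servers` statements that mix private and public addresses. The sample config is constructed from the subnet quoted in the thread, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample, modelled on the subnet declaration quoted in the thread.
SAMPLE_CONF = """
subnet 192.168.10.0 netmask 255.255.255.0 {
        range 192.168.10.128 192.168.10.254;
        option domain-name-servers 192.168.10.2, 8.8.8.8;
        option routers 192.168.10.1;
}
host fixed-1 {
        option domain-name-servers 192.168.10.2;
}
"""

STATEMENT = re.compile(r"option\s+domain-name-servers\s+([^;]+);")


def classify(server):
    """Return 'internal', 'external' or 'name' (hostnames are not resolved)."""
    try:
        addr = ipaddress.ip_address(server)
    except ValueError:
        return "name"
    # is_private covers RFC 1918 and other non-global ranges such as loopback.
    return "internal" if addr.is_private else "external"


def find_mixed_resolvers(conf_text):
    """Return (line_number, internal, external) per mixed statement."""
    # Drop '#' comments line by line so line numbers stay aligned.
    text = "\n".join(l.split("#", 1)[0] for l in conf_text.splitlines())
    findings = []
    for match in STATEMENT.finditer(text):
        servers = [s.strip() for s in match.group(1).split(",") if s.strip()]
        internal = [s for s in servers if classify(s) == "internal"]
        external = [s for s in servers if classify(s) == "external"]
        if internal and external:
            line_no = text.count("\n", 0, match.start()) + 1
            findings.append((line_no, internal, external))
    return findings


if __name__ == "__main__":
    for line_no, internal, external in find_mixed_resolvers(SAMPLE_CONF):
        print(f"line {line_no}: {internal} listed alongside {external}")
```

Entries given as hostnames are skipped rather than resolved, so the check works offline.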


