[*SP4M*] DHCPd only updating the forward zone
Dan Egli
dan at newideatest.site
Thu Dec 24 22:22:48 UTC 2020
Alright. I did a test, and it's still not even trying to create the
reverse mapping. I don't know why. I created a machine called terra. It
asked dhcpd for a lease. It got a lease. But that lease never made it to
named's in-addr.arpa zone, even though named is running too. I'm at a
loss as to what's up and why it won't try to create the reverse DNS
pointer. the DNS. Here's the setup:
terra: Booting from a Gentoo Minimal CD, running dhcpcd -h terra so that
the hostname gets passed to dhcpd
pluto: dhcpd running. Receives a lease request, offers a new lease,
receives the ack, writes the forward mapping, ends. Does not write the
reverse mapping. Here's the log segment:
Dec 24 15:02:22 pluto dhcpd[2439]: DHCPDISCOVER from 08:00:27:03:d3:23 via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: DHCPOFFER on 192.168.10.128 to 08:00:27:03:d3:23 (terra) via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: DHCPREQUEST for 192.168.10.128 (192.168.10.1) from 08:00:27:03:d3:23 (terra) via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: DHCPACK on 192.168.10.128 to 08:00:27:03:d3:23 (terra) via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: Added new forward map from terra.eglifamily.name to 192.168.10.128
As you can see, dig works for terra, not for its IP:
pluto /etc/systemd # dig a +short terra.eglifamily.name
192.168.10.128
pluto /etc/systemd # dig a -x +short 192.168.10.128
pluto /etc/systemd # dig ptr -x 192.168.10.128
; <<>> DiG 9.16.6 <<>> ptr -x 192.168.10.128
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14327
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 0de11839ad25b1b5010000005fe51320c8672852930cb66c (good)
;; QUESTION SECTION:
;128.10.168.192.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
10.168.192.in-addr.arpa. 60 IN SOA pluto.eglifamily.name. dan.eglifamily.name. 2 1800 300 86400 60
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Dec 24 15:16:00 MST 2020
;; MSG SIZE rcvd: 145
pluto /etc/systemd # dig +short ptr -x 192.168.10.128
pluto /etc/systemd #
So, pluto is obviously recognized as the SOA for 192.168.10.x, which is
good. Why then is dhcpd only sending a forward mapping?
FWIW, although they haven't changed, I'll repost the zone files and the
config files.
eglifamily.zone:
$ORIGIN .
$TTL 21600 ; 6 hours
eglifamily.name IN SOA pluto.eglifamily.name. dan.eglifamily.name. (
4 ; serial
1800 ; refresh (30 minutes)
300 ; retry (5 minutes)
86400 ; expire (1 day)
60 ; minimum (1 minute)
)
NS pluto.eglifamily.name.
MX 1 jupiter.eglifamily.name.
charon A 192.158.10.1
jupiter A 192.168.10.3
pluto A 192.168.10.2
$TTL 1800 ; 30 minutes
terra A 192.168.10.128
TXT "311fd3292f4dc507ed06f247665a4ac9ab"
That's after terra gets registered, obviously. But at the same time,
here's the reverse zone.
10.168.192.arpa.zone:
$TTL 10m
@ IN SOA pluto.eglifamily.name. dan.eglifamily.name. (
2 ; serial
30m ; refresh
5m ; retry
1d ; expire
1m ; negative response cache
)
NS pluto.eglifamily.name.
1 PTR charon.eglifamily.name.
2 PTR pluto.eglifamily.name.
3 PTR jupiter.eglifamily.name.
Notice no PTR to terra. As to config files, here's dhcpd:
default-lease-time 3600;
max-lease-time 43200;
ddns-update-style interim;
authoritative;
log-facility local1;
allow booting;
subnet 10.0.0.0 netmask 255.0.0.0 {
# no services at all! That's the link from the ISP. Don't touch it!
}
subnet 192.168.10.0 netmask 255.255.255.0 {
interface enp0s8;
range 192.168.10.128 192.168.10.254;
if exists user-class and option user-class = "iPXE" {
filename "pxelinux.efi";
} else {
filename "pxelinux.0";
}
next-server 192.168.10.3;
option domain-name-servers 192.168.10.2;
option domain-name "eglifamily.name";
option routers 192.168.10.1;
}
host fixed-1 {
hardware ethernet 08:00:27:D5:AA:3C;
fixed-address 192.168.10.64;
option host-name "fixed-1";
ddns-hostname "fixed-1.eglifamily.name";
}
And here's named.conf:
On 12/22/2020 7:48 AM, /etc/bind/named.conf
acl "xfer" {
none;
};
acl "trusted" {
10.0.2.15/32;
192.168.10.0/24;
127.0.0.0/8;
::1/128;
# eventually add valid IPv6 addresses here.
};
acl "myself" {
127.0.0.0/24;
::1/128;
192.168.10.2/32;
10.0.2.15/32;
};
options {
directory "/var/bind";
pid-file "/run/named/named.pid";
tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab";
minimal-responses yes;
listen-on-v6 { none; }; // for now
listen-on { 192.168.10.2; 127.0.0.1; };
allow-query {
trusted;
};
allow-query-cache {
trusted;
};
allow-recursion {
trusted;
};
allow-transfer {
none;
};
allow-update {
myself;
};
dnssec-validation auto;
};
logging {
channel default_log {
file "/var/log/named/named.log" versions 5 size 50M;
print-time yes;
print-severity yes;
print-category yes;
};
category default { default_log; };
category general { default_log; };
};
include "/etc/bind/rndc.key";
controls {
inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; };
};
zone "localhost" IN {
type master;
file "pri/localhost.zone";
notify no;
};
zone "eglifamily.name" {
type master;
file "pri/eglifamily.zone";
notify yes;
};
zone "10.168.192.in-addr.arpa" {
type master;
file "pri/10.168.192.arpa.zone";
notify yes;
};
include "/var/lib/samba/bind-dns/named.conf";
So, what is wrong?
--
Dan Egli
From my Test Server
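
An added example, not part of the original post: a small log audit that correlates each DHCPACK with dhcpd's DDNS messages and lists leases that received a forward (A) record but no reverse (PTR) update, which is the symptom described above. The host "luna" and its log lines are constructed for contrast, and the wording of the reverse-map message is an assumption about dhcpd's log format.

```python
import ipaddress
import re

# Log lines from the post (unwrapped), plus CONSTRUCTED lines for a
# hypothetical host "luna" showing what a complete registration looks like.
SAMPLE_LOG = """\
Dec 24 15:02:23 pluto dhcpd[2439]: DHCPACK on 192.168.10.128 to 08:00:27:03:d3:23 (terra) via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: Added new forward map from terra.eglifamily.name to 192.168.10.128
Dec 24 15:05:10 pluto dhcpd[2439]: DHCPACK on 192.168.10.129 to 08:00:27:aa:bb:cc (luna) via enp0s8
Dec 24 15:05:10 pluto dhcpd[2439]: Added new forward map from luna.eglifamily.name to 192.168.10.129
Dec 24 15:05:10 pluto dhcpd[2439]: Added reverse map from 129.10.168.192.in-addr.arpa. to luna.eglifamily.name
"""

ACK = re.compile(r"DHCPACK on (\S+) to (\S+)(?: \((\S+)\))?")
FWD = re.compile(r"Added new forward map from (\S+) to (\S+)")
# Assumed wording of dhcpd's reverse-update message; adjust if yours differs.
REV = re.compile(r"Added reverse map from (\S+?)\.? to (\S+)")


def audit(log_text):
    """Return one dict per acknowledged lease with its DDNS update status."""
    leases = {}
    for line in log_text.splitlines():
        if m := ACK.search(line):
            ip = m.group(1)
            # reverse_pointer gives the in-addr.arpa name a PTR update would use
            leases.setdefault(ip, {
                "ip": ip, "mac": m.group(2), "fqdn": None,
                "forward": False, "reverse": False,
                "ptr_name": ipaddress.ip_address(ip).reverse_pointer,
            })
        elif m := FWD.search(line):
            if m.group(2) in leases:
                leases[m.group(2)].update(forward=True, fqdn=m.group(1))
        elif m := REV.search(line):
            for lease in leases.values():
                if lease["ptr_name"] == m.group(1).lower():
                    lease["reverse"] = True
    return list(leases.values())


def missing_ptr(log_text):
    """Leases that got an A record but never a PTR: the symptom in the post."""
    return [x for x in audit(log_text) if x["forward"] and not x["reverse"]]


if __name__ == "__main__":
    for lease in missing_ptr(SAMPLE_LOG):
        print(f"{lease['fqdn']} ({lease['ip']}): no update logged for {lease['ptr_name']}")
```
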