[*SP4M*] DHCPd only updating the forward zone

Dan Egli dan at newideatest.site
Thu Dec 24 22:22:48 UTC 2020


Alright. I did a test, and it's still not even trying to create the 
reverse mapping. I don't know why. I created a machine called terra. It 
asked dhcpd for a lease. It got a lease. But that lease never made it to 
named's in-addr.arpa zone, even though named is running too. I'm at a 
loss as to what's up and why it won't try to create the reverse DNS 
pointer. Here's the setup:

terra: Booting from a Gentoo Minimal CD, running dhcpcd -h terra so that 
the hostname gets passed to dhcpd

pluto: dhcpd running. Receives a lease request, offers a new lease, 
receives the ack, writes the forward mapping, ends. Does not write the 
reverse mapping. Here's the log segment:

Dec 24 15:02:22 pluto dhcpd[2439]: DHCPDISCOVER from 08:00:27:03:d3:23 
via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: DHCPOFFER on 192.168.10.128 to 
08:00:27:03:d3:23 (terra) via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: DHCPREQUEST for 192.168.10.128 
(192.168.10.1) from 08:00:27:03:d3:23 (terra) via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: DHCPACK on 192.168.10.128 to 
08:00:27:03:d3:23 (terra) via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: Added new forward map from 
terra.eglifamily.name to 192.168.10.128


As you can see, dig works for terra, not for its IP:

pluto /etc/systemd # dig a +short terra.eglifamily.name
192.168.10.128
pluto /etc/systemd # dig a -x +short 192.168.10.128
pluto /etc/systemd # dig ptr -x 192.168.10.128
; <<>> DiG 9.16.6 <<>> ptr -x 192.168.10.128
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14327
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 0de11839ad25b1b5010000005fe51320c8672852930cb66c (good)
;; QUESTION SECTION:
;128.10.168.192.in-addr.arpa.   IN      PTR

;; AUTHORITY SECTION:
10.168.192.in-addr.arpa. 60     IN      SOA pluto.eglifamily.name. 
dan.eglifamily.name. 2 1800 300 86400 60

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Dec 24 15:16:00 MST 2020
;; MSG SIZE  rcvd: 145

pluto /etc/systemd # dig +short ptr -x 192.168.10.128
pluto /etc/systemd #

So, pluto is obviously recognized as the SOA for 192.168.10.x, which is 
good. Why then is dhcpd only sending a forward mapping?

FWIW, although they haven't changed, I'll repost the zone files and the 
config files.

eglifamily.zone:

; Forward zone for eglifamily.name as posted, after terra's lease was registered.
$ORIGIN .
$TTL 21600      ; 6 hours
eglifamily.name         IN SOA  pluto.eglifamily.name. 
dan.eglifamily.name. (
                                 4          ; serial
                                 1800       ; refresh (30 minutes)
                                 300        ; retry (5 minutes)
                                 86400      ; expire (1 day)
                                 60         ; minimum (1 minute)
                                 )
                         NS      pluto.eglifamily.name.
                         MX      1 jupiter.eglifamily.name.
; NOTE(review): 192.158.10.1 differs from the 192.168.10.x addresses used
; everywhere else in this post (the reverse zone maps .1 to charon and dhcpd
; hands out 192.168.10.1 as the router) -- probably a typo, confirm.
charon                  A       192.158.10.1
jupiter                 A       192.168.10.3
pluto                   A       192.168.10.2
$TTL 1800       ; 30 minutes
; terra's records are the ones that appeared after the lease was granted.
; NOTE(review): the TXT value looks like the ownership marker that dhcpd's
; interim update style stores next to the A record -- confirm.
terra                   A       192.168.10.128
                         TXT "311fd3292f4dc507ed06f247665a4ac9ab"

That's after terra gets registered, obviously. But at the same time, 
here's the reverse zone.

10.168.192.arpa.zone:
; Reverse zone for 192.168.10.0/24 as posted: only the three static PTR records.
$TTL 10m
@       IN SOA  pluto.eglifamily.name. dan.eglifamily.name. (
                                 ; Serial is still 2, the same value the SOA in the dig output above
                                 ; reports, so no dynamic update has been applied to this zone.
                                 2          ; serial
                                 30m        ; refresh
                                 5m         ; retry
                                 1d         ; expire
                                 1m         ; negative response cache
                                 )
                         NS      pluto.eglifamily.name.
1                       PTR     charon.eglifamily.name.
2                       PTR     pluto.eglifamily.name.
3                       PTR     jupiter.eglifamily.name.

Notice no PTR to terra. As to config files, here's dhcpd:

# dhcpd.conf as posted: lease timing, DDNS style, PXE boot-file selection for
# the 192.168.10.0/24 LAN, and one fixed host.
default-lease-time 3600;
max-lease-time 43200;

# "interim" style: dhcpd itself sends the dynamic DNS updates.
# NOTE(review): no key {} or zone {} declaration appears in this file as
# posted, so the updates would go out unsigned and named can only authorize
# them by source address -- confirm. A TSIG key shared by dhcpd and named,
# referenced from zone {} declarations for both the forward and the reverse
# zone, is the usual hardening and also tells dhcpd explicitly where to send
# each update.
ddns-update-style interim;

authoritative;
log-facility local1;


allow booting;

subnet 10.0.0.0 netmask 255.0.0.0 {
# no services at all! That's the link from the ISP. Don't touch it!
}


subnet 192.168.10.0 netmask 255.255.255.0 {
         interface enp0s8;
         # Dynamic pool: .128 through .254.
         range 192.168.10.128 192.168.10.254;
         # Boot file depends on the client's user-class: "iPXE" clients get
         # pxelinux.efi, every other client gets pxelinux.0.
         if exists user-class and option user-class = "iPXE" {
         filename "pxelinux.efi";
         } else {
         filename "pxelinux.0";
         }
         next-server 192.168.10.3;
         option domain-name-servers 192.168.10.2;
         option domain-name "eglifamily.name";
         option routers 192.168.10.1;

}

# Static reservation keyed on the MAC address; 192.168.10.64 lies outside the
# dynamic range declared above.
# NOTE(review): ddns-hostname is given as a fully qualified name here; dhcpd
# normally combines it with the domain name, so verify the record name that
# would actually be registered.
host fixed-1 {
         hardware ethernet 08:00:27:D5:AA:3C;
         fixed-address 192.168.10.64;
         option host-name "fixed-1";
         ddns-hostname "fixed-1.eglifamily.name";
}


And here's named.conf:


On 12/22/2020 7:48 AM, /etc/bind/named.conf
# "xfer" matches nobody. In the part of named.conf shown here it is not
# referenced; allow-transfer uses a literal "none" instead.
acl "xfer" {
         none;
};
# "trusted": clients allowed to query, use the cache and recurse (see options).
acl "trusted" {
         10.0.2.15/32;
         192.168.10.0/24;
         127.0.0.0/8;
         ::1/128;
         # eventually add valid IPv6 addresses here.
};

# "myself": the addresses allowed to send dynamic updates (see allow-update in
# options). This is a purely address-based list: loopback plus this host's own
# 192.168.10.2 and 10.0.2.15. Note that the loopback entry is a /24 here but
# a /8 in "trusted".
acl "myself" {
         127.0.0.0/24;
         ::1/128;
         192.168.10.2/32;
         10.0.2.15/32;
};

// Global server options: working directory, listeners and access control.
options {
         directory "/var/bind";
         pid-file "/run/named/named.pid";
         // Keytab path lives in Samba's bind-dns directory; presumably used for
         // GSS-TSIG updates from the Samba-provided zones included at the end
         // of this file -- confirm.
         tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab";
         minimal-responses yes;


         listen-on-v6 { none; };  // for now
         listen-on { 192.168.10.2; 127.0.0.1; };

         // Queries, cache access and recursion are limited to the "trusted" ACL.
         allow-query {
                 trusted;
         };

         allow-query-cache {
                 trusted;
         };

         allow-recursion {
                 trusted;
         };

         allow-transfer {
                 none;
         };

         // NOTE(review): dynamic updates are authorized by source address only,
         // and because this sits in options it is the default for every
         // primary zone declared below that does not set its own policy. The
         // BIND documentation cautions that address-based update authorization
         // is weak, since source addresses can be forged; a per-zone
         // allow-update or update-policy bound to a TSIG key, limited to the
         // zones dhcpd really needs to change, is the tighter configuration.
         allow-update {
                 myself;
         };

         dnssec-validation auto;
};


# Single file channel with timestamp, severity and category on every line;
# keeps 5 rotated versions of up to 50M each.
# NOTE(review): rejected or failed dynamic updates are reported by named in
# its log, so this file is the place to check whether the reverse-zone update
# ever reached the server -- the categories shown route default and general
# messages here.
logging {
         channel default_log {
                 file "/var/log/named/named.log" versions 5 size 50M;
                 print-time yes;
                 print-severity yes;
                 print-category yes;
         };

         category default { default_log; };
         category general { default_log; };
};


# rndc control channel: bound to 127.0.0.1:953, restricted to loopback clients
# and to the "rndc-key" key, which is expected to come from the included file.
# The included key file holds a secret, so it should be readable only by
# root and the named user.
include "/etc/bind/rndc.key";
controls {
         inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { 
"rndc-key"; };
};

# Primary zones. None of them sets its own allow-update or update-policy, so
# all three take the address-based allow-update default from options,
# including "localhost".
zone "localhost" IN {
         type master;
         file "pri/localhost.zone";
         notify no;
};

# Forward zone that dhcpd updated successfully in the log above.
zone "eglifamily.name" {
         type master;
         file "pri/eglifamily.zone";
         notify yes;
};


# Reverse zone for 192.168.10.0/24; this is the zone that never receives the
# PTR record for terra.
zone "10.168.192.in-addr.arpa" {
         type master;
         file "pri/10.168.192.arpa.zone";
         notify yes;
};

# Pulls in configuration from Samba's bind-dns directory; its contents are not
# shown in this post, so any zones or policies it adds are unknown here.
include "/var/lib/samba/bind-dns/named.conf";

So, what is wrong?


-- 

Dan Egli
 From my Test Server
