<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /></head><body style='font-size: 10pt; font-family: Verdana,Geneva,sans-serif'>
<p>Hi,</p>
<p>You are using the default syslog settings, which logs at a verbose level. You can customise this.</p>
<p>For example in dhcpd.conf:</p>
<p>log-facility local7;</p>
<p>Then is rsyslog you can log with the required detail, eg this is what I have in /etc/rsyslog.d/60-local.conf</p>
<p># logging for isc-dhcpd-server<br />local7.* -/var/log/dhcp/dhcp.log</p>
<p>and to stop dhcp messages going to /var/log/syslog in /etc/rsyslog.d/50-default.conf</p>
<p>*.*;local7,auth,authpriv.none -/var/log/syslog</p>
<p>You can experiment with other things than local7.* to get the level you want, perhaps</p>
<p>local7.notice</p>
<p>or</p>
<p>local7.warning</p>
<p>If you put notice then you get all the higher level log messages: warning, error, crit, alert, emerg.</p>
<p>See the man page rsyslog.conf for the definition of facilities (local7) and priorities (notice).</p>
<p> The facility is one of the following keywords: auth, authpriv, cron,<br /> daemon, kern, lpr, mail, mark, news, security (same as auth), syslog,<br /> user, uucp and local0 through local7. The keyword security should not<br /> be used anymore and mark is only for internal use and therefore should<br /> not be used in applications. Anyway, you may want to specify and redi‐<br /> rect these messages here. The facility specifies the subsystem that<br /> produced the message, i.e. all mail programs log with the mail facility<br /> (LOG_MAIL) if they log using syslog.</p>
<p> The priority is one of the following keywords, in ascending order: de‐<br /> bug, info, notice, warning, warn (same as warning), err, error (same as<br /> err), crit, alert, emerg, panic (same as emerg). The keywords error,<br /> warn and panic are deprecated and should not be used anymore. The pri‐<br /> ority defines the severity of the message.</p>
<p> The behavior of the original BSD syslogd is that all messages of the<br /> specified priority and higher are logged according to the given action.<br /> Rsyslogd behaves the same, but has some extensions.</p>
<p>regards,</p>
<p>Glenn</p>
<p id="reply-intro">On 2023-05-17 01:32, lejeczek wrote:</p>
<blockquote type="cite" style="padding: 0 0.4em; border-left: #1010ff 2px solid; margin: 0">
<div id="replybody1">
<div><br /><br />
<div class="v1moz-cite-prefix">On 25/04/2023 17:47, Jeremey Wise wrote:</div>
<blockquote type="cite" style="padding: 0 0.4em; border-left: #1010ff 2px solid; margin: 0">
<style type="text/css">#replybody1 P { margin-top: 0; margin-bottom: 0; }</style>
<div class="v1elementToProof" style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;"> </div>
<div class="v1elementToProof">
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;">Greetings, and sorry up front for large email. But joining this forum and wanted to be comprehensive in my posting. I googled around and seems I am not the only one with questions on how to do this task, as things have changed with certs and updates. Hopefully this email formats in a means to make it easy for others to review and toss out ideas / links to where I can RTFM.</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;"> </div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;">I am being tasked to help out with a POC / Demo lab. It is a pair of VMs, running Ubuntu 22.04 fully updated / patched.</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;"> </div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;">###</div>
<div class="v1ContentPasted0" style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;">dnsuser@ps-dns-01:~$ named -v
<div class="v1ContentPasted0">BIND 9.18.12-0ubuntu0.22.04.1-Ubuntu (Extended Support Version) <id:></div>
<div class="v1ContentPasted0">dnsuser@ps-dns-01:~$ apt list |grep dhcp</div>
<div> </div>
<div class="v1ContentPasted0">WARNING: apt does not have a stable CLI interface. Use with caution in scripts.</div>
<div> </div>
<div class="v1ContentPasted0">dhcp-helper/jammy 1.2-3 amd64</div>
<div class="v1ContentPasted0">dhcp-probe/jammy 1.3.0-10.1build2 amd64</div>
<div class="v1ContentPasted0">dhcpcanon/jammy 0.8.5-2 all</div>
<div class="v1ContentPasted0">dhcpcd-dbus/jammy 0.6.1-2 amd64</div>
<div class="v1ContentPasted0">dhcpcd-gtk/jammy 0.7.8-1 amd64</div>
<div class="v1ContentPasted0">dhcpcd5/jammy 7.1.0-2build1 amd64</div>
<div class="v1ContentPasted0">dhcpd-pools/jammy 2.29-1.1 amd64</div>
<div class="v1ContentPasted0">dhcpdump/jammy 1.8-2.2 amd64</div>
<div class="v1ContentPasted0">dhcpig/jammy 1.5-3 all</div>
<div class="v1ContentPasted0">dhcping/jammy 1.2-5 amd64</div>
<div class="v1ContentPasted0">dhcpoptinj/jammy 0.5.3-1 amd64</div>
<div class="v1ContentPasted0">dhcpstarv/jammy 0.2.2-2 amd64</div>
<div class="v1ContentPasted0">dhcpy6d/jammy 1.0.7-1 all</div>
<div class="v1ContentPasted0">freeradius-dhcp/jammy-updates,jammy-security 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.1 amd64</div>
<div class="v1ContentPasted0">fusiondirectory-plugin-dhcp-schema/jammy 1.3-4build1 all</div>
<div class="v1ContentPasted0">fusiondirectory-plugin-dhcp/jammy 1.3-4build1 all</div>
<div class="v1ContentPasted0">golang-github-d2g-dhcp4-dev/jammy 0.0~git20150413-3 all</div>
<div class="v1ContentPasted0">golang-github-d2g-dhcp4client-dev/jammy 1.0.0-2 all</div>
<div class="v1ContentPasted0">golang-github-insomniacslk-dhcp-dev/jammy 0.0~git20200621.d74cd86-1 all</div>
<div class="v1ContentPasted0">golang-github-mdlayher-dhcp6-dev/jammy 0.0~git20190311.2a67805-2 all</div>
<div class="v1ContentPasted0">gosa-plugin-dhcp-schema/jammy 2.7.4+reloaded3-16build1 all</div>
<div class="v1ContentPasted0">gosa-plugin-dhcp/jammy 2.7.4+reloaded3-16build1 all</div>
<div class="v1ContentPasted0">isc-dhcp-client-ddns/jammy-updates 4.4.1-2.3ubuntu2.4 amd64</div>
<div class="v1ContentPasted0">isc-dhcp-client/jammy-updates,now 4.4.1-2.3ubuntu2.4 amd64 [installed,automatic]</div>
<div class="v1ContentPasted0">isc-dhcp-common/jammy-updates,now 4.4.1-2.3ubuntu2.4 amd64 [installed,automatic]</div>
<div class="v1ContentPasted0">isc-dhcp-dev/jammy-updates 4.4.1-2.3ubuntu2.4 amd64</div>
<div class="v1ContentPasted0">isc-dhcp-relay/jammy-updates 4.4.1-2.3ubuntu2.4 amd64</div>
<div class="v1ContentPasted0">isc-dhcp-server-ldap/jammy-updates 4.4.1-2.3ubuntu2.4 amd64</div>
<div class="v1ContentPasted0">isc-dhcp-server/jammy-updates,now 4.4.1-2.3ubuntu2.4 amd64 [installed]</div>
<div class="v1ContentPasted0">kea-dhcp-ddns-server/jammy 2.0.2-1 amd64</div>
<div class="v1ContentPasted0">kea-dhcp4-server/jammy 2.0.2-1 amd64</div>
<div class="v1ContentPasted0">kea-dhcp6-server/jammy 2.0.2-1 amd64</div>
<div class="v1ContentPasted0">libnet-dhcp-perl/jammy 0.696+dfsg-1 all</div>
<div class="v1ContentPasted0">libnet-dhcpv6-duid-parser-perl/jammy 1.01-2.1 all</div>
<div class="v1ContentPasted0">librust-dhcp4r-dev/jammy 0.2.0-1 amd64</div>
<div class="v1ContentPasted0">libtext-dhcpleases-perl/jammy 1.0-2.1 all</div>
<div class="v1ContentPasted0">neutron-dhcp-agent/jammy-updates 2:20.2.0-0ubuntu1 all</div>
<div class="v1ContentPasted0">opendrim-lmp-dhcp/jammy 1.0.0-0ubuntu2 amd64</div>
<div class="v1ContentPasted0">python3-isc-dhcp-leases/jammy 0.9.1-2 all</div>
<div class="v1ContentPasted0">udhcpc/jammy 1:1.30.1-7ubuntu3 amd64</div>
<div class="v1ContentPasted0">udhcpd/jammy 1:1.30.1-7ubuntu3 amd64</div>
<div class="v1ContentPasted0">wide-dhcpv6-client/jammy 20080615-23build1 amd64</div>
<div class="v1ContentPasted0">wide-dhcpv6-relay/jammy 20080615-23build1 amd64</div>
<div class="v1ContentPasted0">wide-dhcpv6-server/jammy 20080615-23build1 amd64</div>
<div class="v1ContentPasted0">dnsuser@ps-dns-01:~$</div>
###</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;"> </div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;"> </div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;">Goal: </div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;">
<ol>
<li><span>HA DNS and DHCP (failover / fail back)</span></li>
<li><span>DDNS updates from registered DHCP clients for PTR and A records (ipv4 only for now)</span></li>
</ol>
<div><span> </span></div>
<div><span>Issues: </span></div>
<div>
<ol>
<li><span><span></span>Getting flooding in /var/log/syslog , every update .. </span></li>
</ol>
</div>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;">###</div>
<div class="v1ContentPasted1" style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;">Apr 25 14:51:34 ps-dns-02 dhcpd[202599]: DHCPACK on 10.89.132.129 to 00:50:56:97:2b:f7 (op-web2) via 10.89.132.1
<div class="v1ContentPasted1">Apr 25 14:51:34 ps-dns-02 dhcpd[202599]: bind update on 10.89.132.129 from dhcpfailover rejected: incoming update is less critical than outgoing update</div>
<div class="v1ContentPasted1">Apr 25 14:51:34 ps-dns-02 dhcpd[202599]: Unable to add forward map from op-web2.ps.labs.local to 10.89.132.129: REFUSED</div>
<div class="v1ContentPasted1">Apr 25 14:51:35 ps-dns-02 dhcpd[202599]: DHCPREQUEST for 10.89.132.130 from 00:50:56:97:df:98 (easytravel) via ens160</div>
<div class="v1ContentPasted1">Apr 25 14:51:35 ps-dns-02 dhcpd[202599]: DHCPACK on 10.89.132.130 to 00:50:56:97:df:98 (easytravel) via ens160</div>
<div class="v1ContentPasted1">Apr 25 14:51:35 ps-dns-02 dhcpd[202599]: DHCPREQUEST for 10.89.132.130 from 00:50:56:97:df:98 (easytravel) via 10.89.132.1</div>
<div class="v1ContentPasted1">Apr 25 14:51:35 ps-dns-02 dhcpd[202599]: DHCPACK on 10.89.132.130 to 00:50:56:97:df:98 (easytravel) via 10.89.132.1</div>
<div class="v1ContentPasted1">Apr 25 14:51:35 ps-dns-02 dhcpd[202599]: bind update on 10.89.132.130 from dhcpfailover rejected: incoming update is less critical than outgoing update</div>
<div class="v1ContentPasted1">Apr 25 14:51:35 ps-dns-02 dhcpd[202599]: bind update on 10.89.132.130 from dhcpfailover rejected: incoming update is less critical than outgoing update</div>
<div class="v1ContentPasted1">Apr 25 14:51:35 ps-dns-02 dhcpd[202599]: Unable to add forward map from easytravel.ps.labs.local to 10.89.132.130: REFUSED</div>
<div class="v1ContentPasted1">Apr 25 14:51:38 ps-dns-02 named[184617]: client @0x7f20082400b8 10.89.132.90#50112 (mdbrtr-cisco-assist-00-ps-labs-local-svc): query (cache) 'mdbrtr-cisco-assist-00-ps-labs-local-svc/AAAA/IN' denied (allow-query-cache did not match)</div>
<div class="v1ContentPasted1">Apr 25 14:51:39 ps-dns-02 dhcpd[202599]: reuse_lease: lease age 122 (secs) under 25% threshold, reply with unaltered, existing lease for 10.89.135.132</div>
<div class="v1ContentPasted1">Apr 25 14:51:39 ps-dns-02 dhcpd[202599]: DHCPREQUEST for 10.89.135.132 from 00:50:56:8b:a5:85 via ens160</div>
</div>
<div style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;">###</div>
<div class="v1ContentPasted2" style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;">Similar posting was made with note that this would require configuration file review for what was / is misconfigured: <a id="v1LPlnk542970" class="v1moz-txt-link-freetext" href="https://dhcp-users.isc.narkive.com/KngCfNx3/rejected-incoming-update-is-less-critical-than-outgoing-update" target="_blank" rel="noopener noreferrer">https://dhcp-users.isc.narkive.com/KngCfNx3/rejected-incoming-update-is-less-critical-than-outgoing-update</a> </div>
<div class="v1ContentPasted2" style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;"> </div>
<div class="v1ContentPasted2" style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;">As such below is sample of zone and DHCP /DNS configuration.</div>
<div class="v1ContentPasted2" style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;"> </div>
<div class="v1ContentPasted2
v1ContentPasted3" style="font-family: Calibri, Arial, Helvetica, sans-serif; font-size: 12pt; color: #000000;">I read through documents <a id="v1LPNoLPOWALinkPreview" class="v1moz-txt-link-freetext" href="https://kb.isc.org/docs/aa-01588" target="_blank" rel="noopener noreferrer">https://kb.isc.org/docs/aa-01588</a> But did not see where their is misconfiguration in my configurations. </div>
<br />
<div id="v1Signature">
<div class="v1WordSection1" style="page: WordSection1;">
<p class="v1MsoAutoSig" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;"> cat /etc/dhcp/dhcpd.conf</p>
<table style="border-collapse: collapse; box-sizing: border-box; height: 4371.25px;" cellspacing="0" cellpadding="1">
<tbody>
<tr>
<td style="width: 804.266px; box-sizing: border-box; height: 24.0937px; word-break: break-word; white-space: normal; background-color: transparent; border: 1px solid #ababab;">ps-dns-01</td>
<td style="width: 1109.09px; box-sizing: border-box; word-break: break-word; white-space: normal; height: 24.0937px; background-color: transparent; border: 1px solid #ababab;"><span class="v1ContentPasted6" style="font-family: 'Segoe UI Web (West European)', 'Segoe UI', -apple-system, BlinkMacSystemFont, Roboto, 'Helvetica Neue', sans-serif; font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;">ps-dns-02</span></td>
</tr>
<tr>
<td class="v1ContentPasted5" style="width: 804.266px; box-sizing: border-box; height: 4346.17px; word-break: break-word; white-space: normal; background-color: transparent; border: 1px solid #ababab;">
<div class="v1ContentPasted9"># option definitions common to all supported networks...</div>
<div class="v1ContentPasted9">option domain-name "ps.labs.local";</div>
<div class="v1ContentPasted9">option domain-search "ps.labs.local";</div>
<div class="v1ContentPasted9">option domain-name-servers 10.89.100.152, 10.89.100.153;</div>
<div class="v1ContentPasted9">option time-offset -6;</div>
<div class="v1ContentPasted9">option ntp-servers 10.89.66.1;</div>
<div class="v1ContentPasted9">option time-servers 10.89.66.1;</div>
<div class="v1ContentPasted9">#ddns-domainname "ps.labs.local";</div>
<div class="v1ContentPasted9">default-lease-time 600;</div>
<div class="v1ContentPasted9">max-lease-time 7200;</div>
<div> </div>
<div> </div>
<div class="v1ContentPasted9"># Failover declaration</div>
<div class="v1ContentPasted9">failover peer "dhcpfailover" {</div>
<div class="v1ContentPasted9"> primary; # primary server declaration</div>
<div class="v1ContentPasted9"> address 10.89.100.152;</div>
<div class="v1ContentPasted9"> port 647;</div>
<div class="v1ContentPasted9"> peer address 10.89.100.153;</div>
<div class="v1ContentPasted9"> peer port 647;</div>
<div class="v1ContentPasted9"> max-response-delay 60;</div>
<div class="v1ContentPasted9"> max-unacked-updates 10;</div>
<div class="v1ContentPasted9"> mclt 3600;</div>
<div class="v1ContentPasted9"> split 128;</div>
<div class="v1ContentPasted9"> load balance max seconds 3;</div>
<div class="v1ContentPasted9">}</div>
<div> </div>
<div> </div>
<div class="v1ContentPasted9">key pslabslocal {</div>
<div class="v1ContentPasted9"> secret cHNsYWJzbG9jYWw=;</div>
<div class="v1ContentPasted9"> algorithm hmac-md5;</div>
<div class="v1ContentPasted9"> }</div>
<div> </div>
<div class="v1ContentPasted9"># The ddns-updates-style parameter controls whether or not the server will</div>
<div class="v1ContentPasted9"># attempt to do a DNS update when a lease is confirmed. We default to the</div>
<div class="v1ContentPasted9"># behavior of the version 2 packages ('none', since DHCP v2 didn't</div>
<div class="v1ContentPasted9"># have support for DDNS.)</div>
<div class="v1ContentPasted9">ddns-update-style standard;</div>
<div> </div>
<div class="v1ContentPasted9"># If this DHCP server is the official DHCP server for the local</div>
<div class="v1ContentPasted9"># network, the authoritative directive should be uncommented.</div>
<div class="v1ContentPasted9">authoritative;</div>
<div> </div>
<div class="v1ContentPasted9"># Use this to send dhcp log messages to a different log file (you also</div>
<div class="v1ContentPasted9"># have to hack syslog.conf to complete the redirection).</div>
<div class="v1ContentPasted9">#log-facility local7;</div>
<div> </div>
<div class="v1ContentPasted9"># No service will be given on this subnet, but declaring it helps the</div>
<div class="v1ContentPasted9"># DHCP server to understand the network topology. This is for local NIC listening to dhcp broadcasts.</div>
<div class="v1ContentPasted9">subnet 10.89.100.0 netmask 255.255.255.0 {</div>
<div class="v1ContentPasted9">}</div>
<div> </div>
<div class="v1ContentPasted9"># ps_labs_local_infrastructure</div>
<div class="v1ContentPasted9">subnet 10.89.128.0 netmask 255.255.255.0 {</div>
<div class="v1ContentPasted9">}</div>
<div> </div>
<div class="v1ContentPasted9"># hx06 dynamic</div>
<div class="v1ContentPasted9">subnet 10.89.130.0 netmask 255.255.255.0 {</div>
<div class="v1ContentPasted9"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted9"> option routers 10.89.130.1;</div>
<div class="v1ContentPasted9"> pool {</div>
<div class="v1ContentPasted9"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted9"> range 10.89.130.10 10.89.130.254;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9">}</div>
<div> </div>
<div class="v1ContentPasted9"># hx07 dynamic</div>
<div class="v1ContentPasted9">subnet 10.89.132.0 netmask 255.255.255.0 {</div>
<div class="v1ContentPasted9"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted9"> option routers 10.89.132.1;</div>
<div class="v1ContentPasted9"> pool {</div>
<div class="v1ContentPasted9"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted9"> range 10.89.132.10 10.89.132.254;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9">}</div>
<div> </div>
<div class="v1ContentPasted9"># UCSX dynamic</div>
<div class="v1ContentPasted9">subnet 10.89.134.0 netmask 255.255.255.0 {</div>
<div class="v1ContentPasted9"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted9"> option routers 10.89.134.1;</div>
<div class="v1ContentPasted9"> pool {</div>
<div class="v1ContentPasted9"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted9"> range 10.89.134.10 10.89.134.254;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9">}</div>
<div> </div>
<div class="v1ContentPasted9"># The following three network are for Tanzu work in hx06</div>
<div class="v1ContentPasted9"># Update 20221004 by JW. Data is all static as is mgmt. Workload is all DHCP</div>
<div class="v1ContentPasted9"># subnet 10.89.135.0 netmask 255.255.255.224</div>
<div> </div>
<div class="v1ContentPasted9"># k8s-tz-data-hx06 dynamic</div>
<div class="v1ContentPasted9">subnet 10.89.135.0 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted9"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted9"> option routers 10.89.135.1;</div>
<div class="v1ContentPasted9"> pool {</div>
<div class="v1ContentPasted9"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted9"> range 10.89.135.2 10.89.135.30;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9"> }</div>
<div> </div>
<div class="v1ContentPasted9"># k8s-tz-workload-hx06 dynamic</div>
<div class="v1ContentPasted9">subnet 10.89.135.32 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted9"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted9"> option routers 10.89.135.33;</div>
<div class="v1ContentPasted9"> pool {</div>
<div class="v1ContentPasted9"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted9"> range 10.89.135.34 10.89.135.63;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9">}</div>
<div> </div>
<div class="v1ContentPasted9"># k8s-tz-mgmt-hx06 dynamic</div>
<div class="v1ContentPasted9">subnet 10.89.135.64 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted9"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted9"> option routers 10.89.135.65;</div>
<div class="v1ContentPasted9"> pool {</div>
<div class="v1ContentPasted9"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted9"> range 10.89.135.66 10.89.135.94;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9">}</div>
<div> </div>
<div class="v1ContentPasted9"># k8s-ocp-data-hx06</div>
<div class="v1ContentPasted9">subnet 10.89.135.96 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted9"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted9"> option routers 10.89.135.97;</div>
<div class="v1ContentPasted9"> pool {</div>
<div class="v1ContentPasted9"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted9"> range 10.89.135.98 10.89.135.126;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9">}</div>
<div> </div>
<div class="v1ContentPasted9"># k8s-ocp-workload-hx06</div>
<div class="v1ContentPasted9">subnet 10.89.135.128 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted9"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted9"> option routers 10.89.135.129;</div>
<div class="v1ContentPasted9"> pool {</div>
<div class="v1ContentPasted9"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted9"> range 10.89.135.130 10.89.135.158;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9">}</div>
<div> </div>
<div class="v1ContentPasted9"># k8s-rke-mgmt-hx06</div>
<div class="v1ContentPasted9">subnet 10.89.135.160 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted9"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted9"> option routers 10.89.135.161;</div>
<div class="v1ContentPasted9"> pool {</div>
<div class="v1ContentPasted9"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted9"> range 10.89.135.162 10.89.135.190;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9"> # ocpbastion</div>
<div class="v1ContentPasted9"> host ocpbastion {</div>
<div class="v1ContentPasted9"> hardware ethernet 00:50:56:8b:db:a4;</div>
<div class="v1ContentPasted9"> fixed-address 10.89.135.190;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9"> }</div>
<div> </div>
<div class="v1ContentPasted9"># k8s-rke-data-hx06</div>
<div class="v1ContentPasted9">subnet 10.89.135.192 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted9"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted9"> option routers 10.89.135.193;</div>
<div class="v1ContentPasted9"> pool {</div>
<div class="v1ContentPasted9"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted9"> range 10.89.135.194 10.89.135.222;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9">}</div>
<div> </div>
<div class="v1ContentPasted9"># k8s-rke-workload-hx06</div>
<div class="v1ContentPasted9">subnet 10.89.135.224 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted9"> option domain-name-servers 10.89.100.225;</div>
<div class="v1ContentPasted9"> option routers 10.89.135.193;</div>
<div class="v1ContentPasted9"> pool {</div>
<div class="v1ContentPasted9"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted9"> range 10.89.135.226 10.89.135.253;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9">}</div>
<div> </div>
<div> </div>
<div class="v1ContentPasted9"># Host reservations</div>
<div class="v1ContentPasted9"> host tanzuprod-service-control-plane-bbwwb {</div>
<div class="v1ContentPasted9"> hardware ethernet 00:50:56:8b:71:bf;</div>
<div class="v1ContentPasted9"> fixed-address 10.89.135.48;</div>
<div class="v1ContentPasted9"> }</div>
<div class="v1ContentPasted9"><snip></div>
<div class="v1ContentPasted9"> host tanzuprod-workload-control-plane-zvm6t {</div>
<div class="v1ContentPasted9"> hardware ethernet 00:50:56:8b:75:83;</div>
<div class="v1ContentPasted9"> fixed-address 10.89.135.50;</div>
<div class="v1ContentPasted9"> }</div>
<div> </div>
<div class="v1ContentPasted9"># DV Presales Lab</div>
<div class="v1ContentPasted9">zone ps.labs.local. {</div>
<div class="v1ContentPasted9"> primary 10.89.100.152;</div>
<div class="v1ContentPasted9"> key pslabslocal;</div>
<div class="v1ContentPasted9"> }</div>
</td>
<td class="v1ContentPasted8" style="width: 1109.09px; box-sizing: border-box; word-break: break-word; white-space: normal; height: 4346.17px; background-color: transparent; border: 1px solid #ababab;"># option definitions common to all supported networks...
<div class="v1ContentPasted8">option domain-name "ps.labs.local";</div>
<div class="v1ContentPasted8">option domain-search "ps.labs.local";</div>
<div class="v1ContentPasted8">option domain-name-servers 10.89.100.152, 10.89.100.153;</div>
<div class="v1ContentPasted8">option time-offset -6;</div>
<div class="v1ContentPasted8">option ntp-servers 10.89.66.1;</div>
<div class="v1ContentPasted8">option time-servers 10.89.66.1;</div>
<div class="v1ContentPasted8">#ddns-domainname "ps.labs.local";</div>
<div class="v1ContentPasted8">default-lease-time 600;</div>
<div class="v1ContentPasted8">max-lease-time 7200;</div>
<div> </div>
<div> </div>
<div class="v1ContentPasted8"># Failover declaration</div>
<div class="v1ContentPasted8">failover peer "dhcpfailover" {</div>
<div class="v1ContentPasted8"> secondary; # secondary server declaration</div>
<div class="v1ContentPasted8"> address 10.89.100.153;</div>
<div class="v1ContentPasted8"> port 647;</div>
<div class="v1ContentPasted8"> peer address 10.89.100.152;</div>
<div class="v1ContentPasted8"> peer port 647;</div>
<div class="v1ContentPasted8"> max-response-delay 60;</div>
<div class="v1ContentPasted8"> max-unacked-updates 10;</div>
<div class="v1ContentPasted8"> load balance max seconds 3;</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div> </div>
<div class="v1ContentPasted8">key pslabslocal {</div>
<div class="v1ContentPasted8"> secret cHNsYWJzbG9jYWw=;</div>
<div class="v1ContentPasted8"> algorithm hmac-md5;</div>
<div class="v1ContentPasted8"> }</div>
<div> </div>
<div class="v1ContentPasted8"># The ddns-updates-style parameter controls whether or not the server will</div>
<div class="v1ContentPasted8"># attempt to do a DNS update when a lease is confirmed. We default to the</div>
<div class="v1ContentPasted8"># behavior of the version 2 packages ('none', since DHCP v2 didn't</div>
<div class="v1ContentPasted8"># have support for DDNS.)</div>
<div class="v1ContentPasted8">ddns-update-style standard;</div>
<div> </div>
<div class="v1ContentPasted8"># If this DHCP server is the official DHCP server for the local</div>
<div class="v1ContentPasted8"># network, the authoritative directive should be uncommented.</div>
<div class="v1ContentPasted8">authoritative;</div>
<div> </div>
<div class="v1ContentPasted8"># Use this to send dhcp log messages to a different log file (you also</div>
<div class="v1ContentPasted8"># have to hack syslog.conf to complete the redirection).</div>
<div class="v1ContentPasted8">#log-facility local7;</div>
<div> </div>
<div class="v1ContentPasted8"># No service will be given on this subnet, but declaring it helps the</div>
<div class="v1ContentPasted8"># DHCP server to understand the network topology. This is for local NIC listening to dhcp broadcasts.</div>
<div class="v1ContentPasted8">subnet 10.89.100.0 netmask 255.255.255.0 {</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div class="v1ContentPasted8"># ps_labs_local_infrastructure</div>
<div class="v1ContentPasted8">subnet 10.89.128.0 netmask 255.255.255.0 {</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div class="v1ContentPasted8"># hx06 dynamic</div>
<div class="v1ContentPasted8">subnet 10.89.130.0 netmask 255.255.255.0 {</div>
<div class="v1ContentPasted8"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted8"> option routers 10.89.130.1;</div>
<div class="v1ContentPasted8"> pool {</div>
<div class="v1ContentPasted8"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted8"> range 10.89.130.10 10.89.130.254;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div class="v1ContentPasted8"># hx07 dynamic</div>
<div class="v1ContentPasted8">subnet 10.89.132.0 netmask 255.255.255.0 {</div>
<div class="v1ContentPasted8"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted8"> option routers 10.89.132.1;</div>
<div class="v1ContentPasted8"> pool {</div>
<div class="v1ContentPasted8"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted8"> range 10.89.132.10 10.89.132.254;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div class="v1ContentPasted8"># UCSX dynamic</div>
<div class="v1ContentPasted8">subnet 10.89.134.0 netmask 255.255.255.0 {</div>
<div class="v1ContentPasted8"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted8"> option routers 10.89.134.1;</div>
<div class="v1ContentPasted8"> pool {</div>
<div class="v1ContentPasted8"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted8"> range 10.89.134.10 10.89.134.254;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div class="v1ContentPasted8"># The following three network are for Tanzu work in hx06</div>
<div class="v1ContentPasted8"># Update 20221004 by JW. Data is all static as is mgmt. Workload is all DHCP</div>
<div class="v1ContentPasted8"># subnet 10.89.135.0 netmask 255.255.255.224</div>
<div> </div>
<div class="v1ContentPasted8"># k8s-tz-data-hx06 dynamic</div>
<div class="v1ContentPasted8">subnet 10.89.135.0 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted8"> ddns-updates on;</div>
<div class="v1ContentPasted8"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted8"> option routers 10.89.135.1;</div>
<div class="v1ContentPasted8"> pool {</div>
<div class="v1ContentPasted8"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted8"> range 10.89.135.2 10.89.135.30;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8"> }</div>
<div> </div>
<div class="v1ContentPasted8"># k8s-tz-workload-hx06 dynamic</div>
<div class="v1ContentPasted8">subnet 10.89.135.32 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted8"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted8"> option routers 10.89.135.33;</div>
<div class="v1ContentPasted8"> pool {</div>
<div class="v1ContentPasted8"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted8"> range 10.89.135.34 10.89.135.63;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div class="v1ContentPasted8"># k8s-tz-mgmt-hx06 dynamic</div>
<div class="v1ContentPasted8">subnet 10.89.135.64 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted8"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted8"> option routers 10.89.135.65;</div>
<div class="v1ContentPasted8"> pool {</div>
<div class="v1ContentPasted8"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted8"> range 10.89.135.66 10.89.135.94;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div class="v1ContentPasted8"># k8s-ocp-data-hx06</div>
<div class="v1ContentPasted8">subnet 10.89.135.96 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted8"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted8"> option routers 10.89.135.97;</div>
<div class="v1ContentPasted8"> pool {</div>
<div class="v1ContentPasted8"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted8"> range 10.89.135.98 10.89.135.126;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div class="v1ContentPasted8"># k8s-ocp-workload-hx06</div>
<div class="v1ContentPasted8">subnet 10.89.135.128 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted8"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted8"> option routers 10.89.135.129;</div>
<div class="v1ContentPasted8"> pool {</div>
<div class="v1ContentPasted8"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted8"> range 10.89.135.130 10.89.135.158;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div class="v1ContentPasted8"># k8s-rke-mgmt-hx06</div>
<div class="v1ContentPasted8">subnet 10.89.135.160 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted8"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted8"> option routers 10.89.135.161;</div>
<div class="v1ContentPasted8"> pool {</div>
<div class="v1ContentPasted8"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted8"> range 10.89.135.162 10.89.135.190;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div class="v1ContentPasted8"># k8s-rke-data-hx06</div>
<div class="v1ContentPasted8">subnet 10.89.135.192 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted8"> option domain-name-servers 10.89.100.152;</div>
<div class="v1ContentPasted8"> option routers 10.89.135.193;</div>
<div class="v1ContentPasted8"> pool {</div>
<div class="v1ContentPasted8"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted8"> range 10.89.135.194 10.89.135.222;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div class="v1ContentPasted8"># k8s-rke-workload-hx06</div>
<div class="v1ContentPasted8">subnet 10.89.135.224 netmask 255.255.255.224 {</div>
<div class="v1ContentPasted8"> option domain-name-servers 10.89.100.225;</div>
<div class="v1ContentPasted8"> option routers 10.89.135.193;</div>
<div class="v1ContentPasted8"> pool {</div>
<div class="v1ContentPasted8"> failover peer "dhcpfailover";</div>
<div class="v1ContentPasted8"> range 10.89.135.226 10.89.135.253;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8">}</div>
<div> </div>
<div class="v1ContentPasted8"># Host reservations</div>
<div class="v1ContentPasted8"> host tanzuprod-service-control-plane-bbwwb {</div>
<div class="v1ContentPasted8"> hardware ethernet 00:50:56:8b:71:bf;</div>
<div class="v1ContentPasted8"> fixed-address 10.89.135.48;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8"><snip></div>
<div class="v1ContentPasted8"> host tanzuprod-workload-control-plane-zvm6t {</div>
<div class="v1ContentPasted8"> hardware ethernet 00:50:56:8b:75:83;</div>
<div class="v1ContentPasted8"> fixed-address 10.89.135.50;</div>
<div class="v1ContentPasted8"> }</div>
<div> </div>
<div class="v1ContentPasted8"># DV Presales Lab</div>
<div class="v1ContentPasted8">zone ps.labs.local. {</div>
<div class="v1ContentPasted8"> primary 10.89.100.152;</div>
<div class="v1ContentPasted8"> key pslabslocal;</div>
<div class="v1ContentPasted8"> }</div>
<div class="v1ContentPasted8">dnsuser@ps-dns-02:~$</div>
</td>
</tr>
</tbody>
</table>
<p class="v1MsoAutoSig" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p class="v1MsoAutoSig" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p class="v1MsoAutoSig" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;">DDNS </p>
<p class="v1MsoAutoSig" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;">cat /etc/bind/named.conf</p>
<p class="v1MsoAutoSig" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<table id="v1tableSelected0" style="border-collapse: collapse;" cellspacing="0" cellpadding="1">
<tbody>
<tr>
<td style="width: 804.266px; box-sizing: border-box; height: 24.0937px; word-break: break-word; background-color: transparent; border: 1px solid #ababab;">ps-dns-01</td>
<td style="width: 804.266px; box-sizing: border-box; height: 24.0937px; word-break: break-word; background-color: transparent; border: 1px solid #ababab;">ps-dns-02</td>
</tr>
<tr>
<td style="width: 120px; color: #000000; background-color: transparent; border: 1px solid #ababab;">
<div class="v1ContentPasted11">include "/etc/bind/named.conf.options";</div>
<div class="v1ContentPasted11">include "/etc/bind/named.conf.local";</div>
<div class="v1ContentPasted11">include "/etc/bind/named.conf.default-zones";</div>
<div class="v1ContentPasted11">server 10.89.9.10 {</div>
<div class="v1ContentPasted11"> };</div>
<div class="v1ContentPasted11">server 10.89.9.107 {</div>
<div class="v1ContentPasted11"> };</div>
<div class="v1ContentPasted11">key pslabslocal {</div>
<div class="v1ContentPasted11"> algorithm hmac-md5;</div>
<div class="v1ContentPasted11"> secret "c<snip>w=";</div>
<div class="v1ContentPasted11"> };</div>
</td>
<td class="v1ContentPasted12" style="width: 120px; color: #000000; background-color: transparent; border: 1px solid #ababab;">include "/etc/bind/named.conf.options";
<div class="v1ContentPasted12">include "/etc/bind/named.conf.local";</div>
<div class="v1ContentPasted12">include "/etc/bind/named.conf.default-zones";</div>
<div class="v1ContentPasted12">key pslabslocal {</div>
<div class="v1ContentPasted12"> algorithm hmac-md5;</div>
<div class="v1ContentPasted12"> secret "c<span style="font-family: 'Segoe UI Web (West European)', 'Segoe UI', -apple-system, BlinkMacSystemFont, Roboto, 'Helvetica Neue', sans-serif; font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;"><snip></span>w=";</div>
<div class="v1ContentPasted12"> };</div>
<div class="v1ContentPasted12">server 10.89.100.153 {</div>
<div class="v1ContentPasted12"> transfer-format many-answers;</div>
<div class="v1ContentPasted12"> keys {</div>
<div class="v1ContentPasted12"> pslabslocal;</div>
<div class="v1ContentPasted12"> };</div>
<div class="v1ContentPasted12"> };</div>
</td>
</tr>
<tr>
<td class="v1ContentPasted15
v1ContentPasted16" style="width: 120px; color: #000000; background-color: transparent; border: 1px solid #ababab;">" /etc/bind/named.conf.options" <br /> listen-on-v6 { any; };
<div class="v1ContentPasted16"> forwarders {</div>
<div class="v1ContentPasted16"> 10.89.9.10;</div>
<div class="v1ContentPasted16"> 10.89.9.107;</div>
<div class="v1ContentPasted16"> };</div>
<div class="v1ContentPasted16"> recursion yes;</div>
<div class="v1ContentPasted16"> allow-query {</div>
<div class="v1ContentPasted16"> any;</div>
<div class="v1ContentPasted16"> };</div>
<div class="v1ContentPasted16"> allow-recursion {</div>
<div class="v1ContentPasted16"> any;</div>
<div class="v1ContentPasted16"> };</div>
<div class="v1ContentPasted16">};</div>
</td>
<td class="v1ContentPasted12
v1ContentPasted20" style="width: 120px; color: #000000; background-color: transparent; border: 1px solid #ababab;">
<div>"<span class="v1ContentPasted19" style="font-family: 'Segoe UI Web (West European)', 'Segoe UI', -apple-system, BlinkMacSystemFont, Roboto, 'Helvetica Neue', sans-serif; font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;">/etc/bind/named.conf.options"<br /></span></div>
options {
<div class="v1ContentPasted20"> directory "/var/cache/bind";</div>
<div> </div>
<div><span class="v1ContentPasted19" style="font-family: 'Segoe UI Web (West European)', 'Segoe UI', -apple-system, BlinkMacSystemFont, Roboto, 'Helvetica Neue', sans-serif; font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;"> </span></div>
<div class="v1ContentPasted21"> listen-on-v6 { any; };</div>
<div class="v1ContentPasted21">};</div>
</td>
</tr>
<tr>
<td class="v1ContentPasted13
v1ContentPasted14" style="width: 120px; color: #000000; background-color: transparent; border: 1px solid #ababab;">"/etc/bind/named.conf.local"<br />
<div class="v1ContentPasted14">zone "ps.labs.local" {</div>
<div class="v1ContentPasted14"> type master;</div>
<div class="v1ContentPasted14"> file "/var/lib/bind/ps.labs.local.hosts";</div>
<div class="v1ContentPasted14"> also-notify {</div>
<div class="v1ContentPasted14"> 10.89.100.153;</div>
<div class="v1ContentPasted14"> };</div>
<div class="v1ContentPasted14"> allow-transfer {</div>
<div class="v1ContentPasted14"> 10.89.100.153;</div>
<div class="v1ContentPasted14"> };</div>
<div class="v1ContentPasted14"> };</div>
<div class="v1ContentPasted14">zone "128.89.10.in-addr.arpa" {</div>
<div class="v1ContentPasted14"> type master;</div>
<div class="v1ContentPasted14"> file "/var/lib/bind/10.89.128.rev";</div>
<div class="v1ContentPasted14"> also-notify {</div>
<div class="v1ContentPasted14"> 10.89.100.153;</div>
<div class="v1ContentPasted14"> };</div>
<div class="v1ContentPasted14"> allow-transfer {</div>
<div class="v1ContentPasted14"> 10.89.100.153;</div>
<div class="v1ContentPasted14"> };</div>
<div class="v1ContentPasted14"> };</div>
<div class="v1ContentPasted14">zone "129.89.10.in-addr.arpa" {</div>
<div class="v1ContentPasted14"> type master;</div>
<div class="v1ContentPasted14"> file "/var/lib/bind/10.89.129.rev";</div>
<div class="v1ContentPasted14"> also-notify {</div>
<div class="v1ContentPasted14"> 10.89.100.153;</div>
<div class="v1ContentPasted14"> };</div>
<div class="v1ContentPasted14"> allow-transfer {</div>
<div class="v1ContentPasted14"> 10.89.100.153;</div>
<div class="v1ContentPasted14"> };</div>
<div class="v1ContentPasted14"> };</div>
<snip other zones but all structured same></td>
<td class="v1ContentPasted12
v1ContentPasted23" style="width: 120px; color: #000000; background-color: transparent; border: 1px solid #ababab;">
<div>"<span class="v1ContentPasted22" style="font-family: 'Segoe UI Web (West European)', 'Segoe UI', -apple-system, BlinkMacSystemFont, Roboto, 'Helvetica Neue', sans-serif; font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;">/etc/bind/named.conf.local"<br /></span></div>
zone "130.89.10.in-addr.arpa" {
<div class="v1ContentPasted23"> type slave;</div>
<div class="v1ContentPasted23"> masters {</div>
<div class="v1ContentPasted23"> 10.89.100.152;</div>
<div class="v1ContentPasted23"> };</div>
<div class="v1ContentPasted23"> allow-transfer {</div>
<div class="v1ContentPasted23"> 10.89.100.152;</div>
<div class="v1ContentPasted23"> };</div>
<div class="v1ContentPasted23"> file "/var/lib/bind/10.89.130.rev";</div>
<div class="v1ContentPasted23"> };</div>
<div class="v1ContentPasted23">zone "ps.labs.local" {</div>
<div class="v1ContentPasted23"> type slave;</div>
<div class="v1ContentPasted23"> masters {</div>
<div class="v1ContentPasted23"> 10.89.100.152;</div>
<div class="v1ContentPasted23"> };</div>
<div class="v1ContentPasted23"> allow-transfer {</div>
<div class="v1ContentPasted23"> 10.89.100.152;</div>
<div class="v1ContentPasted23"> };</div>
<div class="v1ContentPasted23"> file "/var/lib/bind/ps.labs.local.hosts";</div>
<div class="v1ContentPasted23"> };</div>
<div class="v1ContentPasted23">zone "128.89.10.in-addr.arpa" {</div>
<div class="v1ContentPasted23"> type slave;</div>
<div class="v1ContentPasted23"> masters {</div>
<div class="v1ContentPasted23"> 10.89.100.152;</div>
<div class="v1ContentPasted23"> };</div>
<div class="v1ContentPasted23"> allow-transfer {</div>
<div class="v1ContentPasted23"> 10.89.100.152;</div>
<div class="v1ContentPasted23"> };</div>
<div class="v1ContentPasted23"> file "/var/lib/bind/10.89.128.rev";</div>
<div class="v1ContentPasted23"> };</div>
<div><span class="v1ContentPasted22" style="font-family: 'Segoe UI Web (West European)', 'Segoe UI', -apple-system, BlinkMacSystemFont, Roboto, 'Helvetica Neue', sans-serif; font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;"><<span class="v1ContentPasted24" style="font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;">snip other zones but all structured same></span></span></div>
</td>
</tr>
<tr>
<td style="width: 120px; color: #000000; background-color: transparent; border: 1px solid #ababab;">
<div>"<span class="v1ContentPasted17" style="font-family: 'Segoe UI Web (West European)', 'Segoe UI', -apple-system, BlinkMacSystemFont, Roboto, 'Helvetica Neue', sans-serif; font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;">/etc/bind/named.conf.default-zones"<br /></span></div>
<span class="v1ContentPasted17 v1ContentPasted18" style="font-family: 'Segoe UI Web (West European)', 'Segoe UI', -apple-system, BlinkMacSystemFont, Roboto, 'Helvetica Neue', sans-serif; font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;"><span class="v1ContentPasted17 v1ContentPasted18" style="font-family: 'Segoe UI Web (West European)', 'Segoe UI', -apple-system, BlinkMacSystemFont, Roboto, 'Helvetica Neue', sans-serif; font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;"><br />// prime the server with knowledge of the root servers</span></span>
<div class="v1ContentPasted18">zone "." {</div>
<div class="v1ContentPasted18"> type hint;</div>
<div class="v1ContentPasted18"> file "/usr/share/dns/root.hints";</div>
<div class="v1ContentPasted18">};</div>
<div> </div>
<div class="v1ContentPasted18">// be authoritative for the localhost forward and reverse zones, and for</div>
<div class="v1ContentPasted18">// broadcast zones as per RFC 1912</div>
<div> </div>
<div class="v1ContentPasted18">zone "localhost" {</div>
<div class="v1ContentPasted18"> type master;</div>
<div class="v1ContentPasted18"> file "/etc/bind/db.local";</div>
<div class="v1ContentPasted18"> also-notify {</div>
<div class="v1ContentPasted18"> 10.89.100.153;</div>
<div class="v1ContentPasted18"> };</div>
<div class="v1ContentPasted18"> allow-transfer {</div>
<div class="v1ContentPasted18"> 10.89.100.153;</div>
<div class="v1ContentPasted18"> };</div>
<div class="v1ContentPasted18">};</div>
<div> </div>
<div class="v1ContentPasted18">zone "127.in-addr.arpa" {</div>
<div class="v1ContentPasted18"> type master;</div>
<div class="v1ContentPasted18"> file "/etc/bind/db.127";</div>
<div class="v1ContentPasted18"> also-notify {</div>
<div class="v1ContentPasted18"> 10.89.100.153;</div>
<div class="v1ContentPasted18"> };</div>
<div class="v1ContentPasted18"> allow-transfer {</div>
<div class="v1ContentPasted18"> 10.89.100.153;</div>
<div class="v1ContentPasted18"> };</div>
<div class="v1ContentPasted18">};</div>
<div> </div>
<div class="v1ContentPasted18">zone "0.in-addr.arpa" {</div>
<div class="v1ContentPasted18"> type master;</div>
<div class="v1ContentPasted18"> file "/etc/bind/db.0";</div>
<div class="v1ContentPasted18"> also-notify {</div>
<div class="v1ContentPasted18"> 10.89.100.153;</div>
<div class="v1ContentPasted18"> };</div>
<div class="v1ContentPasted18"> allow-transfer {</div>
<div class="v1ContentPasted18"> 10.89.100.153;</div>
<div class="v1ContentPasted18"> };</div>
<div class="v1ContentPasted18">};</div>
<div> </div>
<div class="v1ContentPasted18">zone "255.in-addr.arpa" {</div>
<div class="v1ContentPasted18"> type master;</div>
<div class="v1ContentPasted18"> file "/etc/bind/db.255";</div>
<div class="v1ContentPasted18"> also-notify {</div>
<div class="v1ContentPasted18"> 10.89.100.153;</div>
<div class="v1ContentPasted18"> };</div>
<div class="v1ContentPasted18"> allow-transfer {</div>
<div class="v1ContentPasted18"> 10.89.100.153;</div>
<div class="v1ContentPasted18"> };</div>
<div class="v1ContentPasted18">};</div>
<span class="v1ContentPasted17 v1ContentPasted18" style="font-family: 'Segoe UI Web (West European)', 'Segoe UI', -apple-system, BlinkMacSystemFont, Roboto, 'Helvetica Neue', sans-serif; font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;"><br /><br /><br /></span></td>
<td class="v1ContentPasted12
v1ContentPasted26" style="width: 120px; color: #000000; background-color: transparent; border: 1px solid #ababab;">
<div>"<span class="v1ContentPasted25" style="font-family: 'Segoe UI Web (West European)', 'Segoe UI', -apple-system, BlinkMacSystemFont, Roboto, 'Helvetica Neue', sans-serif; font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;">/etc/bind/named.conf.default-zones"<br /></span></div>
// prime the server with knowledge of the root servers
<div class="v1ContentPasted26">zone "." {</div>
<div class="v1ContentPasted26"> type hint;</div>
<div class="v1ContentPasted26"> file "/usr/share/dns/root.hints";</div>
<div class="v1ContentPasted26">};</div>
<div> </div>
<div class="v1ContentPasted26">// be authoritative for the localhost forward and reverse zones, and for</div>
<div class="v1ContentPasted26">// broadcast zones as per RFC 1912</div>
<div> </div>
<div class="v1ContentPasted26">zone "localhost" {</div>
<div class="v1ContentPasted26"> type master;</div>
<div class="v1ContentPasted26"> file "/etc/bind/db.local";</div>
<div class="v1ContentPasted26">};</div>
<div> </div>
<div class="v1ContentPasted26">zone "127.in-addr.arpa" {</div>
<div class="v1ContentPasted26"> type master;</div>
<div class="v1ContentPasted26"> file "/etc/bind/db.127";</div>
<div class="v1ContentPasted26">};</div>
<div> </div>
<div class="v1ContentPasted26">zone "0.in-addr.arpa" {</div>
<div class="v1ContentPasted26"> type master;</div>
<div class="v1ContentPasted26"> file "/etc/bind/db.0";</div>
<div class="v1ContentPasted26">};</div>
<div> </div>
<div class="v1ContentPasted26">zone "255.in-addr.arpa" {</div>
<div class="v1ContentPasted26"> type master;</div>
<div class="v1ContentPasted26"> file "/etc/bind/db.255";</div>
<div class="v1ContentPasted26">};</div>
<div><span class="v1ContentPasted25" style="font-family: 'Segoe UI Web (West European)', 'Segoe UI', -apple-system, BlinkMacSystemFont, Roboto, 'Helvetica Neue', sans-serif; font-size: medium; display: inline !important; color: #000000; background-color: #ffffff;"> </span></div>
</td>
</tr>
</tbody>
</table>
<br />
<p class="v1MsoAutoSig" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;">Questions:</p>
<p class="v1MsoAutoSig" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<ol>
<li><span>What is missconfigured to get flood of events about DHCP cache?</span></li>
<li><span>Why are not DHCP leases pushing updates to DNS to create recoreds (A and PTR)</span></li>
<li><span>I see almost no logs as I boot up test Vm. and get lease.. as to attempts to create from DHCP to DNS .. Where are the logs for these to track down DDNS communication.</span></li>
<li><span>DNS server on replica is not a flat file but a binary hash replica. In event of failover (Ex: ps-dns-01) goes offline..) , how would DHCP push via DDNS update records of server?</span></li>
</ol>
<div><span> </span></div>
<p class="v1MsoAutoSig" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p class="v1MsoAutoSig" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;">Thanks,</p>
<p class="v1MsoAutoSig" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p class="v1MsoNormal" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;">Penguinpages</p>
<p class="v1MsoNormal" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
<p class="v1MsoNormal" style="margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;"> </p>
</div>
</div>
</div>
<br /><fieldset class="v1moz-mime-attachment-header"></fieldset></blockquote>
ough. html messages, specially long ones - not good recipe for mailing lists.<br />I'll not offer any turn-key-ready fixes for your issues but perhaps, I can share some ideas..<br /><br />also a question - how do you keep your dns servers in sync? These are flat-file backends right? Do you do any dynamic-a/sync with them DNSes? If you do....<br />I'd suggest - perhaps as others did/do - to use a bit more comprehensive systems for domain(+a lot more) management - I don't know if they have it over at Ubuntu/Canonical but, I'd recommend freeIPA - that is perhaps much steeper learning curve but once sussed out, will do a plethora of things for you.<br /><br />On DHCP - I'd, as I usually do, run only one dhcp daemon/service for a given(topologically) sub/net. Have it set up & ready on multiple nodes but run only ! one at any times, with help of, managed by some simple outside of dhcpd, solution / something like NM's dispatcher can do in some cases. Here you should have only one file to keep in sync - dhcpd config - between the nodes.<br /><br />Glancing through your configs - seems that you have set your 'keys' but are those not missing in/for DNS ? - which dns also must allow specific zones to be updated, or not, via use of 'update-policy'.<br />eg.<br />...<br /> zone "direct" IN {<br /> auto-dnssec maintain;<br /> key-directory "myzones";<br /> allow-query { localhost; private.pawel; };<br /> #allow-update { key dhcpd; key nsupdate_key; };<br /> update-policy {<br /> #grant dhcpd subdomain *.direct A CNAME TXT;<br /> #grant nsupdate_key subdomain *.direct SOA NS A CNAME TXT;<br /> grant dhcpd wildcard *.direct A CNAME TXT;<br /> grant nsupdate_key wildcard *.direct A CNAME TXT;<br /> };<br /> # below line would be for a slave/stub secondary server<br /> allow-transfer { localbox; 10.3.1.220; };<br /> type master;<br /> file "myzones/direct.signed";<br /> };<br />...<br />but again, <br /><br />And probably best advice ever(for now) - unless you knew this already but had no choice - even numbers, when it comes to computer systems, are not your friends.<br /><br />bw. L.<br /><br /><br /></div>
</div>
<br />
<div class="pre" style="margin: 0; padding: 0; font-family: monospace"> </div>
</blockquote>
<p><br /></p>
</body></html>