[Kea-users] DHCP_DDNS_NO_MATCH No DNS servers match FQDN

Tobias - lokskada at live.se
Thu Feb 25 16:54:43 UTC 2016


Hi!

I'm having trouble with the DHCP-DDNS server.
The requests are discarded because of a mismatch of some sort. I've gone through the guide several times and there are no other options availible.The DHCPv4 server is configured correctly, the clients get their domain name (option 15). What is it that's causing these problems? 
I had to patch an included file from boost to get past issue #4243 ( http://kea.isc.org/ticket/4243 ), a fix is found in the ticket submitted to the boost bug tracker.
Kea was compiled with the following options (GCC 5.3.0):
> CPPFLAGS="-D_FORTIFY_SOURCE=2"
> CFLAGS="-march=native -O2 -pipe -fstack-protector-strong"
> CXXFLAGS="-march=native -O2 -pipe -fstack-protector-strong"
> LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro"

I get this error when a client renews its lease:
> feb 25 17:29:12 oink kea-dhcp-ddns[28405]: 2016-02-25 17:29:12.456 WARN  [kea-dhcp-ddns.dhcp-to-d2/28405] DHCP_DDNS_NO_MATCH No DNS servers 
match FQDN 103.0.168.192.in-addr.arpa.
> feb 25 17:29:12 oink kea-dhcp-ddns[28405]: 2016-02-25 17:29:12.456 ERROR [kea-dhcp-ddns.dhcp-to-d2/28405] DHCP_DDNS_NO_REV_MATCH_ERROR Request ID 0000012DB9A727C8ADD6899EF59D4F2B6725BD34D18172E972B07ABC235CCAFE188B87: the configured list of reverse DDNS domains does not contain a match for: Type: 0 (CHG_ADD)
> feb 25 17:29:12 oink kea-dhcp-ddns[28405]: Forward Change: yes
> feb 25 17:29:12 oink kea-dhcp-ddns[28405]: Reverse Change: yes
> feb 25 17:29:12 oink kea-dhcp-ddns[28405]: FQDN: [testclient1.example.com.]
> feb 25 17:29:12 oink kea-dhcp-ddns[28405]: IP Address: [192.168.0.103]
> feb 25 17:29:12 oink kea-dhcp-ddns[28405]: DHCID: [0000012DB9A727C8ADD6899EF59D4F2B6725BD34D18172E972B07ABC235CCAFE188B87]
> feb 25 17:29:12 oink kea-dhcp-ddns[28405]: Lease Expires On: 20160225173552
> feb 25 17:29:12 oink kea-dhcp-ddns[28405]: Lease Length: 4000
> feb 25 17:29:12 oink kea-dhcp-ddns[28405]:   The request has been discarded.

What have I done wrong?

The configuration for DHCP-DDNS looks like this:
> "DhcpDdns":
> {
>   "ip-address": "127.0.0.1",
>   "port": 53001,
>   "tsig-keys": [
>     {   
>         "name": "tsig.example.com.",
>         "algorithm": "HMAC-SHA512",
>         "secret": "<omitted>"
>     }   
>   ],  
>   "forward-ddns": {
>     "ddns-domains": [
>         {
>             "name": "example.com.",
>             "key-name": "tsig.example.com.",
>             "dns-servers": [ { "ip-address": "127.0.1.1" } ] 
>         }
>      ]   
>   },  
>   "reverse-ddns": {
>     "ddns-domains": [
>         {
>             "name": "0.168.192.in-addr-arpa.",
>             "key-name": "tsig.example.com.",
>             "dns-servers": [ { "ip-address": "127.0.1.1" } ] 
>         }
>      ]   
>   }
> },

The DHCPv4 config looks like this:
(I omitted the reservations for cleanlyness)
>   "subnet4": [
>   {    "subnet": "192.168.0.1/24",
>        "pools": [ { "pool": "192.168.0.30 - 192.168.0.254" } ],
>        "option-data": [
>         {
>             "name": "routers",
>             "code": 3,
>             "space": "dhcp4",
>             "csv-format": true,
>             "data": "192.168.0.1"
>         },
>         {
>             "name": "domain-name-servers",
>             "code": 6,
>             "space": "dhcp4",
>             "csv-format": true,
>             "data": "192.168.0.1"
>         },
>         {
>             "name": "domain-name",
>             "code": 15, 
>             "space": "dhcp4",
>             "csv-format": true,
>             "data": "example.com"
>         }
>        ]
>   } ],
> 
>   "dhcp-ddns": {
>     "enable-updates": true,
>     "override-client-update": true,
>     "qualifying-suffix": "example.com"
>   }
> },

Once again, what have I done wrong?
Is the fault at the DNS that controls the domain? It doesn't generate errors (it will log refused updates) so my guess is that the error is within Kea DHCP-DDNS. Maybe just something wrong with my configuration.

I'm just testing this out at home so nothing as at stake here. :D

Best regards,
Tobias Dahlberg
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20160225/1750ddf0/attachment.htm>


More information about the Kea-users mailing list