[Kea-users] ddns fails with powerDNS (Failed PreRequisites check)

MRob mrobti at insiberia.net
Wed Feb 6 22:00:23 UTC 2019


Thank you Thomas. I'd like to confirm that it is not a new regression in 
Kea. The problem solved by upgrading powerDNS to a new version, now TSIG 
DNSUPDATE working.


On 2019-02-06 11:47, Thomas Markwalder wrote:
> Hello:
> 
> We migrated to gitlab, the old Trac ticket can be found here:
> 
>     https://oldkea.isc.org/ticket/5071#ticket
> 
> We did correct that particular issue in Kea 1.2.  If you are using an
> earlier version,  please upgrade.
> If you are already using 1.2 or later you may have uncovered something
> new, in which case I would
> encourage you to open a issue in gitlab:
> 
>     https://gitlab.isc.org
> 
> You'll need to register (if you haven't already) and then select the 
> Kea
> project.
> We would need PCAPs of the DDNS messages plus whatever logs from
> PowerDNS to start with.
> 
> Regards,
> 
> Thomas Markwalder
> ISC Software Engineering
> 
> 
> On 2/6/19 3:44 AM, MRob wrote:
>> 
>>> Has anyone found how to make kea-ddns work with PowerDNS? pdns logs
>>> suggest:
>>> 
>>> pdns[20989]: UPDATE (50855) from 10.10.1.254 for lan.: Failed
>>> PreRequisites check, returning 6
>>> 
>>> The query log shows only some normal SELECT statements. If it's not a
>>> known problem can anyone show how to find what the DNS UPDATE command 
>>> is
>>> being sent to the DNS server to diagnose?
>>> 
>>> Someone else had problem but couldn't get resolution:
>>> https://github.com/PowerDNS/pdns/issues/5830
>> 
>> Problem seems to be using TSIG signed DNSUPDATE requests. There used
>> to be a Kea bug
>> 
>> http://kea.isc.org/ticket/5071#ticket
>> 
>> But the link is dead. Is that bug fixed? Is the problem with Kea or
>> maybe the older version of powerDNS?
>> 
>> 
>> Question - after I removed TSIG the initial forward and reverse
>> DNSUPDATE commands succeed:
>> DHCP_DDNS_ADD_SUCCEEDED DHCP_DDNS Request ID xxx: successfully added
>> the DNS mapping addition for this request: Type: 0 (CHG_ADD)
>> 
>> But Kea does another CHG_ADD only a minute later and it fails:
>> DHCP_DDNS_FORWARD_REPLACE_REJECTED DNS Request ID yyy: Server,
>> 10.10.1.254 port:5353, rejected a DNS update request to replace the
>> address mapping for FQDN, wkst4.lan., with an RCODE: 8
>> DHCP_DDNS_ADD_FAILED DHCP_DDNS Request ID yyy: Transaction outcome
>> Status: Failed, Event: UPDATE_FAILED_EVT,  Forward change: failed, 
>> Reverse change: failed,  request: Type: 0 (CHG_ADD)
>> 
>> Is this a problem or can it be ignored? Is it due to setting
>> "override-no-update": true and "override-client-update": true?


More information about the Kea-users mailing list