[Kea-users] DDNS between kea-dhcp and powerdns

Lee Porte lee at leeporte.co.uk
Tue Jul 30 08:47:31 UTC 2024 

Yes they are my two PowerDNS servers. I have them running as an
active/active pair.

On Tue, 30 Jul 2024, 07:05 luckydog xf, <luckydogxf at gmail.com> wrote:

> Just curious, IPs 192.168.1.4 and 192.168.1.5 are IPs of PowerDNS, right?
>
> On Tue, Jul 30, 2024 at 2:56 AM Lee Porte <lee at leeporte.co.uk> wrote:
>
>> Hi,
>>
>> Here;s what I have in my DHCP4 config to enable the DDNS updates
>>
>>     "dhcp-ddns": {
>>       "enable-updates": true,
>>     },
>>     "ddns-qualifying-suffix": "example.com",
>>     "ddns-override-no-update": true,
>>     "ddns-override-client-update": true,
>>     "ddns-update-on-renew": true,
>>     "hostname-char-set": "[^A-Za-z0-9.-]",
>>     "hostname-char-replacement": "-",
>>
>>
>> And this is what I have in DDNS config
>>
>> {
>>   "DhcpDdns": {
>>     "ip-address": "127.0.0.1",
>>     "port": 53001,
>>     "control-socket": {
>>       "socket-type": "unix",
>>       "socket-name": "/var/lib/kea/kea-ddns-ctrl.sock"
>>     },
>>     "tsig-keys": [
>>       {
>>         "name": "dhcp-key",
>>         "algorithm": "HMAC-SHA256",
>>         "secret": "SUPERsecretKEY"
>>       }
>>     ],
>>     "forward-ddns": {
>>       "ddns-domains": [
>>         {
>>           "name": "example.com.",
>>           "key-name": "dhcp-key",
>>           "dns-servers": [
>>             {
>>               "ip-address": "192.168.1.4"
>>             },
>>             {
>>               "ip-address": "192.168.1.5"
>>             }
>>           ]
>>         }
>>       ]
>>     },
>>     "reverse-ddns": {
>>       "ddns-domains": [
>>         {
>>           "name": "1.168.192.in-addr.arpa.",
>>           "key-name": "dhcp-key",
>>           "dns-servers": [
>>             {
>>               "ip-address": "192.168.1.4"
>>             },
>>             {
>>               "ip-address": "192.168.1.5"
>>             }
>>           ]
>>         },
>>         {
>>           "name": "7.168.192.in-addr.arpa.",
>>           "key-name": "dhcp-key",
>>           "dns-servers": [
>>             {
>>               "ip-address": "192.168.1.4"
>>             },
>>             {
>>               "ip-address": "192.168.1.5"
>>             }
>>           ]
>>         }
>>       ]
>>     },
>>     "loggers": [
>>       {
>>         "name": "kea-dhcp-ddns",
>>         "output_options": [
>>           {
>>             "output": "/var/log/kea/kea-ddns.log",
>>             "maxsize": 1048576,
>>             "maxver": 8
>>           }
>>         ],
>>         "severity": "INFO",
>>         "debuglevel": 0
>>       }
>>     ]
>>   }
>> }
>>
>> On the power DNS side I have
>>
>> #################################
>> # allow-dnsupdate-from  A global setting to allow DNS updates from these
>> IP ranges.
>> #
>> #allow-dnsupdate-from=
>> allow-dnsupdate-from=
>>
>> #################################
>> # dnsupdate     Enable/Disable DNS update (RFC2136) support. Default is
>> no.
>> #
>> dnsupdate=yes
>>
>> I have also generated key values and added the to the database as per
>> https://doc.powerdns.com/authoritative/dnsupdate.html#dns-update-how-to-setup-dyndns-rfc2136-with-dhcpd
>> Though I did tweak the key generation to use SHA256 rather than MD5
>>
>> dnssec-keygen -a hmac-sha256 -b 4096 USER dhcpdupdate
>>
>> Cheers
>>
>> L
>>
>> On Mon, 29 Jul 2024 at 08:53, Lee Porte <lee at leeporte.co.uk> wrote:
>>
>>> Hi,
>>>
>>> Yes it definitely is possible as I'm running kea with DDNS updates to
>>> PowerDNS currently.
>>>
>>> I can grab some config snippets later on for you.
>>>
>>> Cheers
>>>
>>> L
>>>
>>> On Mon, 29 Jul 2024, 02:52 luckydog xf, <luckydogxf at gmail.com> wrote:
>>>
>>>> Hello, list
>>>>
>>>>  Is it possible to integrate kea-dhcp with PowerDNS by DDNS ? I read
>>>> the docs and didn't find related pages. Only one kea-dhcp-ddns exists.
>>>>
>>>>  Thanks.
>>>> --
>>>> ISC funds the development of this software with paid support
>>>> subscriptions. Contact us at https://www.isc.org/contact/ for more
>>>> information.
>>>>
>>>> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>>>>
>>>> Kea-users mailing list
>>>> Kea-users at lists.isc.org
>>>> https://lists.isc.org/mailman/listinfo/kea-users
>>>>
>>>
>>
>> --
>> Lee Porte
>> 07989 310 952
>> --
>> ISC funds the development of this software with paid support
>> subscriptions. Contact us at https://www.isc.org/contact/ for more
>> information.
>>
>> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>>
>> Kea-users mailing list
>> Kea-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/kea-users
>>
> --
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
>
> Kea-users mailing list
> Kea-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/kea-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20240730/caaa7ac3/attachment.htm>

More information about the Kea-users mailing list