
<div style="font-family: Arial, sans-serif; font-size: 14px;">If you update slave DNS server by DDNS you would probably get rejected as it is not authoritative for the zone. So I would say it is neither DNS nor Kea issue but parameters returned by kea should be changed to honor DDNS updates towards the primary DNS server.<br></div><div style="font-family: Arial, sans-serif; font-size: 14px;"><br></div><div style="font-family: Arial, sans-serif; font-size: 14px;">Marek</div><br><div class="protonmail_quote">


        ------- Original Message -------<br>


        On Friday, September 29th, 2023 at 15:05, LIU Chris <chris-zq.liu@urbanandmainlines.com> wrote:<br><br>


        <blockquote class="protonmail_quote" type="cite">


<div class="WordSection1">


<p style="margin:0in;margin-bottom:.0001pt" class="msipheaderad6c5cd7"><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:black">Classified as: {OPEN}</span></p>


<p class="MsoNormal"> </p>


<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">I think so, but not 100% sure. I am not familiar with bind server side.</span></p>


<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Do you think this is dhcp-ddns KEA side, or bind server side issue ?</span></p>


<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span></p>


<div>


<p style="margin-bottom:12.0pt" class="MsoNormal"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1F497D" lang="EN-CA">With Best Regards,</span></p>


<p style="margin-bottom:12.0pt" class="MsoNormal"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1F497D" lang="EN-CA">Chris LIU</span></p>


</div>


<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span></p>


<p class="MsoNormal"> </p>


<p style="margin:0in;margin-bottom:.0001pt;text-align:center" align="center" class="msipfooter342048f1">


<span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:black">{OPEN}</span></p>


<div>


<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">


<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif"> Marek Greško <marek.gresko@protonmail.com>


<br>


<b>Sent:</b> Friday, September 29, 2023 7:27 AM<br>


<b>To:</b> LIU Chris <chris-zq.liu@urbanandmainlines.com><br>


<b>Subject:</b> Re: [Kea-users] DDNS update fail</span></p>


</div>


</div>


<p class="MsoNormal"> </p>


<table style="width:100.0%" width="100%" align="left" cellpadding="0" cellspacing="0" border="0" class="MsoNormalTable">


<tbody>


<tr>


<td style="background:#A6A6A6;padding:5.25pt 1.5pt 5.25pt 1.5pt"></td>


<td style="width:100.0%;background:#EAEAEA;padding:5.25pt 3.75pt 5.25pt 11.25pt;word-wrap:break-word" width="100%">


<div>


<p style="mso-element:frame;mso-element-frame-hspace:2.25pt;mso-element-wrap:around;mso-element-anchor-vertical:paragraph;mso-element-anchor-horizontal:column;mso-height-rule:exactly" class="MsoNormal">


<span style="font-size:9.0pt;font-family:"Segoe UI",sans-serif;color:#212121">You don't often get email from


<a href="mailto:marek.gresko@protonmail.com" rel="noreferrer nofollow noopener" target="_blank">marek.gresko@protonmail.com</a>. <a href="https://aka.ms/LearnAboutSenderIdentification" rel="noreferrer nofollow noopener" target="_blank">


Learn why this is important</a></span></p>


</div>


</td>


<td style="width:56.25pt;background:#EAEAEA;padding:5.25pt 3.75pt 5.25pt 3.75pt;word-wrap:break-word;align:left" width="10">


</td>


</tr>


</tbody>


</table>


<div>


<div>


<p style="background:white" class="MsoNormal"><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:black">Hello,</span></p>


</div>


<div>


<p style="background:white" class="MsoNormal"><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:black"> </span></p>


</div>


<div>


<p style="background:white" class="MsoNormal"><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:black">are you sure you are sending DDNS updates to the authoritative DNS server for the zone?</span></p>


</div>


<div>


<p style="background:white" class="MsoNormal"><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:black"> </span></p>


</div>


<div>


<p style="background:white" class="MsoNormal"><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:black">Marek</span></p>


</div>


<div>


<p style="background:white" class="MsoNormal"><span style="font-size:10.5pt;font-family:"Arial",sans-serif;color:black"> </span></p>


</div>


<div>


<p style="margin-bottom:12.0pt" class="MsoNormal">------- Original Message -------<br>


On Friday, September 29th, 2023 at 3:01, LIU Chris via Kea-users <<a href="mailto:kea-users@lists.isc.org" rel="noreferrer nofollow noopener" target="_blank">kea-users@lists.isc.org</a>> wrote:<br>


<br>


</p>


<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">


<p style="margin:0in;margin-bottom:.0001pt" class="msipheaderad6c5cd7"><span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:black">Classified as: {OPEN}</span></p>


<p class="MsoNormal"> </p>


<div>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal">My DDNS server is running bind9</p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal">After dhcp4 assgined a IP to client/device, and send DDNS update to bind server, it fails, bind server did not update their record</p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal">The log as bleow:</p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"> </p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: 2023-09-28 20:39:01.560 ERROR [kea-dhcp-ddns.d2-to-dns/817343.140459200614528] DHCP_DDNS_FORWARD_REMOVE_RRS_IO_ERROR


 DHCP_DDNS Request ID 000101E8D1B5468126C7E368CC92253A7009434B4B2E2259F3B707A152A7275C679710: encountered an IO error sending a forward RR removal for FQDN client-device.linuxlab.local. to DNS server xxx.yyy.zz.zz port:53</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: 2023-09-28 20:39:01.560 ERROR [kea-dhcp-ddns.d2-to-dns/817343.140459200614528] DHCP_DDNS_REMOVE_FAILED


 DHCP_DDNS Request ID 000101E8D1B5468126C7E368CC92253A7009434B4B2E2259F3B707A152A7275C679710: Transaction outcome: Status: Failed, Event: NO_MORE_SERVERS_EVT,  Forward change: failed,  Reverse change: failed,  request: Type: 1 (CHG_REMOVE)</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: Forward Change: yes</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: Reverse Change: yes</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt" lang="FR-CA">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: FQDN: [client=device.linuxlab.local.]</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt" lang="FR-CA">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: IP Address: [xxx.xx.xx.xx]</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: DHCID: [000101E8D1B5468126C7E368CC92253A7009434B4B2E2259F3B707A152A7275C679710]</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: Lease Expires On: 20230928204802</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: Lease Length: 600</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: Conflict Resolution: no</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: 2023-09-28 20:39:01.562 ERROR [kea-dhcp-ddns.d2-to-dns/817343.140459200614528] DHCP_DDNS_FORWARD_ADD_IO_ERROR


 DHCP_DDNS Request ID 000101392F1AEA1CB2B761E4D99A75177520C58768D4F678B9E413CDBA07ACEE038110: encountered an IO error sending a forward mapping add for FQDN client-device.linuxlab.local. to DNS server xx.xxx.xx.x port:53</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: 2023-09-28 20:39:01.562 ERROR [kea-dhcp-ddns.d2-to-dns/817343.140459200614528] DHCP_DDNS_ADD_FAILED


 DHCP_DDNS Request ID 000101392F1AEA1CB2B761E4D99A75177520C58768D4F678B9E413CDBA07ACEE038110: Transaction outcome Status: Failed, Event: NO_MORE_SERVERS_EVT,  Forward change: failed,  Reverse change: failed,  request: Type: 0 (CHG_ADD)</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: Forward Change: yes</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: Reverse Change: yes</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: FQDN: [mcg-779.linuxsiplab.local.]</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: IP Address: [xx.xx.xx.xxx]</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: DHCID: [000101392F1AEA1CB2B761E4D99A75177520C58768D4F678B9E413CDBA07ACEE038110]</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: Lease Expires On: 20230928204901</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: Lease Length: 600</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:9.0pt">Sep 28 20:39:01 Client-Device kea-dhcp-ddns[817343]: Conflict Resolution: no</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"> </p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal">I captured on DDNS server  via wireshark,  It says  not authoritative


</p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal">DNS       139         Dynamic update response 0xa2ba


<span style="background:yellow;mso-highlight:yellow">Not authoritative SOA</span> linuxlab.local TSIG</p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"> </p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal">In client side, I changed the kea configuration:  authoritative: true or false, there is no difference.</p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"> </p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal">What would be issue ?</p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"> </p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1F497D">With Best Regards,</span></p>


<p style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto" class="MsoNormal"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1F497D"> </span></p>


<p style="mso-margin-top-alt:auto;margin-bottom:12.0pt" class="MsoNormal"><span style="font-size:10.0pt;font-family:"Verdana",sans-serif;color:#1F497D">Chris LIU</span></p>


<p class="MsoNormal"> </p>


<p style="margin:0in;margin-bottom:.0001pt;text-align:center" align="center" class="msipfooter342048f1">


<span style="font-size:10.0pt;font-family:"Calibri",sans-serif;color:black">{OPEN}</span></p>


</div>


<table style="border-collapse:collapse" cellpadding="0" cellspacing="0" border="0" class="MsoNormalTable">


<tbody>


<tr style="height:8.0pt">


<td style="width:480.0pt;border:none;border-bottom:solid #AAACC9 1.0pt;padding:0in 5.4pt 0in 5.4pt;height:8.0pt" valign="top" width="640">


</td>


</tr>


<tr style="height:64.9pt">


<td style="width:480.0pt;padding:0in 5.4pt 0in 5.4pt;height:64.9pt" valign="top" width="640">


<p style="mso-margin-top-alt:3.75pt;margin-right:0in;margin-bottom:0in;margin-left:3.75pt;margin-bottom:.0001pt">


<i><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif;color:#242A75">Thales is in the process of carving out its Transportation activity (GTS) from other Thales’ activities. In order to prepare this internal restructuring, a new e-mail address


 has been adopted and your GTS contacts now use urbanandmainlines.com. Please note that their Thales e-mail address remains also valid.</span></i></p>


</td>


</tr>


</tbody>


</table>


</blockquote>


<p class="MsoNormal"> </p>


</div>


</div>


</div>


<table style="border-collapse:collapse;mso-yfti-tbllook:1184;mso-padding-alt:0cm 0cm 0cm 0cm" cellpadding="0" cellspacing="0" border="0" class="MsoNormalTable">


<tbody>


<tr style="mso-yfti-irow:1;height:8pt">


<td style="width:480pt;border:none;border-bottom:solid #AAACC9 1.0pt;


  padding:0cm 5.4pt 0cm 5.4pt;height:8pt" valign="top" width="621">


</td>


</tr>


<tr style="mso-yfti-irow:2;mso-yfti-lastrow:yes;height:64.9pt">


<td style="width:480pt;padding:0cm 5.4pt 0cm 5.4pt;


  height:64.9pt" valign="top" width="721">


<p style="margin-left:5px;margin-top:5px;margin-bottom:0px"><i><span style="font-size:9.0pt;font-family:"Century Gothic",sans-serif;color:#242A75;


  mso-ansi-language:EN-US" lang="EN-US">Thales is in the process of carving out its Transportation activity (GTS)


 from other Thales’ activities. In order to prepare this internal restructuring, a new e-mail address has been adopted and your GTS contacts now use urbanandmainlines.com. Please note that their Thales e-mail address remains also valid.</span></i></p>


</td>


</tr>


</tbody>


</table>


        </blockquote><br>


    </div>