<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body style="overflow-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;">Hi All,<div><br></div><div>I’ve recently converted from the older ISC dhcpd with dynamic DNS configured and working properly with updating forward and reverse entries, but after converting to Kea, I can only get the forward entries to work and the reverse entries do not update.</div><div><br></div><div>This is a raspberry pi 4b running Ubuntu 22.04 LTS with Kea 2.0.2. I can’t run the latest version since this is an arm system.</div><div><br></div><div>From what I can tell, things *look* correct, but when I do a journalctl -xeu kea-dhcp-ddns-server, in the below snippet, I get the following:</div><div><div><font face="Courier New">Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: INFO DHCP_DDNS_REMOVE_SUCCEEDED DHCP_DDNS Request ID 000001F16C84BB0E8343A9B37FA2789333DAFE841ED32B93F538FC22A0F905170D2979: successfully removed the DNS mapping addition for this request: Type: 1 (CHG_REMOVE)</font></div><div><font face="Courier New">Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: Forward Change: yes</font></div><div><font face="Courier New">Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: Reverse Change: yes</font></div><div><font face="Courier New">Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: FQDN: [lg-washer.totusmel.com.]</font></div><div><font face="Courier New">Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: IP Address: [192.168.10.74]</font></div><div><font face="Courier New">Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: DHCID: [000001F16C84BB0E8343A9B37FA2789333DAFE841ED32B93F538FC22A0F905170D2979]</font></div><div><font face="Courier New">Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: Lease Expires On: 20240127223510</font></div><div><font face="Courier New">Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: Lease Length: 2400</font></div><div><font face="Courier New">Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: Conflict Resolution: yes</font></div><div><font face="Courier New">Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: ERROR DHCP_DDNS_REVERSE_REPLACE_REJECTED DNS Request ID 000001F16C84BB0E8343A9B37FA2789333DAFE841ED32B93F538FC22A0F905170D2979: Server, 192.168.10.3 port:53, rejected a DNS update request to replace the reverse mapping for FQDN, lg-washer.totusmel.com., with an RCODE: 5</font></div><div><font face="Courier New">Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: ERROR DHCP_DDNS_ADD_FAILED DHCP_DDNS Request ID 000001F16C84BB0E8343A9B37FA2789333DAFE841ED32B93F538FC22A0F905170D2979: Transaction outcome Status: Failed, Event: UPDATE_FAILED_EVT, Forward change: completed, Reverse change: failed, request: Type: 0 (CHG_ADD)</font></div><div><font face="Courier New">Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: Forward Change: yes</font></div><div><font face="Courier New">Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: Reverse Change: yes</font></div><div><font face="Courier New">Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: FQDN: [lg-washer.totusmel.com.]</font></div><div><font face="Courier New">Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: IP Address: [192.168.10.74]</font></div><div><font face="Courier New">Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: DHCID: [000001F16C84BB0E8343A9B37FA2789333DAFE841ED32B93F538FC22A0F905170D2979]</font></div><div><font face="Courier New">Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: Lease Expires On: 20240128010837</font></div><div><font face="Courier New">Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: Lease Length: 2400</font></div><div><font face="Courier New">Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: Conflict Resolution: yes</font></div><div><font face="Courier New">Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: INFO DHCP_DDNS_REMOVE_SUCCEEDED DHCP_DDNS Request ID 000101F6EDAB718AF0636693516DC64E90C9548F7468BA9B9BE28C3603ADF66E710310: successfully removed the DNS mapping addition for this request: Type: 1 (CHG_REMOVE)</font></div><div><font face="Courier New">Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: Forward Change: yes</font></div><div><font face="Courier New">Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: Reverse Change: yes</font></div><div><font face="Courier New">Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: FQDN: [lr-lg-c2.totusmel.com.]</font></div><div><font face="Courier New">Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: IP Address: [192.168.10.108]</font></div><div><font face="Courier New">Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: DHCID: [000101F6EDAB718AF0636693516DC64E90C9548F7468BA9B9BE28C3603ADF66E710310]</font></div><div><font face="Courier New">Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: Lease Expires On: 20240128033544</font></div><div><font face="Courier New">Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: Lease Length: 2400</font></div><div><font face="Courier New">Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: Conflict Resolution: yes</font></div></div><div><br></div><div>The error entry shows a failure while the first and second entries show success.</div><div><br></div><div>I’m a bit baffled because in the kea-dhcp-ddns.conf, the forward and reverse are configured nearly the same and reference the same key to allow updates:</div><div><div><font face="Courier New">"DhcpDdns":</font></div><div><font face="Courier New">{</font></div><div><font face="Courier New"> "ip-address": "127.0.0.1",</font></div><div><font face="Courier New"> "port": 53001,</font></div><div><font face="Courier New"> "control-socket": {</font></div><div><font face="Courier New"> "socket-type": "unix",</font></div><div><font face="Courier New"> "socket-name": "/tmp/kea-ddns-ctrl-socket"</font></div><div><font face="Courier New"> },</font></div><div><font face="Courier New"><br></font></div><div><font face="Courier New"> <?include "/etc/kea/tsig-keys.json"?></font></div><div><font face="Courier New"><br></font></div><div><font face="Courier New"> "forward-ddns" : {</font></div><div><font face="Courier New"> "ddns-domains": [</font></div><div><font face="Courier New"> {</font></div><div><font face="Courier New"> "name": "totusmel.com.",</font></div><div><font face="Courier New"> "key-name": "ddns-key",</font></div><div><font face="Courier New"> "dns-servers": [</font></div><div><font face="Courier New"> {</font></div><div><font face="Courier New"> "ip-address": "192.168.10.3",</font></div><div><font face="Courier New"> "port": 53</font></div><div><font face="Courier New"> }</font></div><div><font face="Courier New"> ]</font></div><div><font face="Courier New"> }</font></div><div><font face="Courier New"> ]</font></div><div><font face="Courier New"> },</font></div><div><font face="Courier New"><br></font></div><div><font face="Courier New"> "reverse-ddns" : {</font></div><div><font face="Courier New"> "ddns-domains": [</font></div><div><font face="Courier New"> {</font></div><div><font face="Courier New"> "name": "10.168.192.in-addr.arpa.",</font></div><div><font face="Courier New"> "key-name": "ddns-key",</font></div><div><font face="Courier New"> "dns-servers": [</font></div><div><font face="Courier New"> {</font></div><div><font face="Courier New"> "ip-address": "192.168.10.3",</font></div><div><font face="Courier New"> "port": 53</font></div><div><font face="Courier New"> }</font></div><div><font face="Courier New"> ]</font></div><div><font face="Courier New"> }</font></div><div><font face="Courier New"> ]</font></div><div><font face="Courier New">}</font></div></div><div><br></div><div>The relevant section from the kea-dhcp4.conf:</div><div><div><font face="Courier New"> "dhcp-ddns": {</font></div><div><font face="Courier New"> "enable-updates": true</font></div><div><font face="Courier New"> }</font></div><div><font face="Courier New"> "ddns-qualifying-suffix": "totusmel.com",</font></div><div><font face="Courier New"> "ddns-override-client-update": true,</font></div></div><div><br></div><div>I’m also expecting there to be a .jnl file for the zone file in /var/lib/bind/ where the zone files reside, but the .jnl file I’m expecting never gets generated:</div><div><div><font face="Courier New">root@raspi:/var/lib/bind# ls -la db*</font></div><div><font face="Courier New">-rw-r--r-- 1 bind bind 6169 Jan 27 16:37 db.10.168.192.in-addr.arpa</font></div><div><font face="Courier New">-rw-r--r-- 1 bind bind 295 Nov 6 2022 db.20.168.192.in-addr.arpa</font></div><div><font face="Courier New">-rw-r--r-- 1 bind bind 347 Nov 6 2022 db.30.168.192.in-addr.arpa</font></div><div><font face="Courier New">-rw-r--r-- 1 bind bind 278 Nov 6 2022 db.40.168.192.in-addr.arpa</font></div><div><font face="Courier New">-rw-r--r-- 1 bind bind 276 Nov 6 2022 db.50.168.192.in-addr.arpa</font></div><div><font face="Courier New">-rw-r--r-- 1 bind bind 1082 Jan 25 20:08 db.lab.totusmel.com</font></div><div><font face="Courier New">-rw-r--r-- 1 bind bind 1372 Jan 25 19:56 db.lab.totusmel.com.jnl</font></div><div><font face="Courier New">-rw-r--r-- 1 bind bind 22676 Jan 28 02:41 db.totusmel.com</font></div><div><font face="Courier New">-rw-r--r-- 1 bind bind 3872 Jan 28 02:28 db.totusmel.com.jnl</font></div></div><div><br></div><div>Does anyone have any thoughts or suggestions on what might be wrong? I can provide more information if needed, I just included the bits that I thought were relevant.</div><div><br></div><div>Any thoughts or suggestions would be greatly appreciated!</div><div><br></div><div>-Ubence</div><div><br></div></body></html>