I have an Ubuntu 14.04 server, running an isc_dhcp_server and the bind9 DNS server. Bind acts as a cache, and it maintains the .m domain (and zone) on my local network. The server's address is 10.0.0.1, and its FQDN is server.m.

The problem is that the DHCP server is not sending any DDNS updates to the DNS server. I have tried changing the DHCP server's configuration (using LDAP) in numerous ways, but to no avail. E.g.: I moved all the config statements that are now part of the subnet to its parent group. Both configurations seem to work equally (un)well.

What am I doing wrong?

I did however manage to send a manually constructed DDNS update to the DNS server, like this answer shows how to do. This worked perfectly, and the updates showed up in my system logs. Even if I'm using the wrong key with nsupdate, that's being logged. Thus, my bind configuration should be fine.

My DHCP server is configured using LDAP, as per this tutorial. The resulting config file (which is generated from the LDAP tree during the DHCP server's startup sequence) looks like the code posted below. (result of ldap-debug-file "/var/log/dhcp-ldap.conf";)

You might wonder "Where are the host entries?". In my LDAP directory, those are located inside the group, as objectClass: dhcpGroup, but they don't appear in the derived dhcp-ldap.conf file. Those hosts that I configured with a dhcpHWAddress: ethernet 01:23:45:67:89:ab property are considered to be known-clients, since these end up receiving addresses from the range 10.0.0.64 10.0.0.127. All the hosts that I configured that way also have a dhcpOption: host-name "some-host-name" and dhcpStatements: ddns-hostname "some-host-name".

Despite the known-clients being recognized, I don't see any attempts of the DHCP server trying to update any DNS records in my logs.

log-facility local7;
default-lease-time 43200;
max-lease-time 86400;
key DHCP_UPDATER { algorithm hmac-md5; secret somesecretkey; }

group {
    option domain-name "m";
    option subnet-mask 255.255.255.0;
    option broadcast-address 10.0.0.255;
    option time-servers server.m;
    option routers server.m;
    option domain-name-servers server.m;

    subnet 10.0.0.0 netmask 255.255.255.0 {
        authoritative;
        update-static-leases on;
        deny client-updates;
        ddns-update-style interim;
        ddns-updates on;
        zone 0.0.10.in-addr.arpa. { primary server.m; key DHCP_UPDATER; }
        zone m. { primary server.m; key DHCP_UPDATER; }
        ddns-rev-domainname "0.0.10.in-addr.arpa.";
        ddns-domainname "m.";
        pool {
            range 10.0.0.128 10.0.0.192;
            allow unknown-clients;
        }
        pool {
            range 10.0.0.64 10.0.0.127;
            allow known-clients;
        }
    }
}
derabbink

1 Answer

From the dhcpd.conf(5) man page:

The ddns-update-style parameter

     ddns-update-style style;

     The  style  parameter  must  be  one of ad-hoc, interim or none.  The
     ddns-update-style statement is only meaningful in the outer  scope  -
     it  is  evaluated once after reading the dhcpd.conf file, rather than
     each time a client is assigned an IP address, so there is no  way  to
     use different DNS update styles for different clients. The default is
     none.

In your config, you have put ddns-update-style inside a subnet block. According to the above, ddns-update-style is only meaningful in the outer scope, so your config as written will not work. Move ddns-update-style to the outer scope, i.e. outside of any block.

Steven Monday
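
A lint check for the scoping mistake described in this answer, as an added example that is not part of the original post: it walks a generated config (for instance the ldap-debug-file output) and reports ddns-update-style wherever it sits inside a block. The function name, the GLOBAL_ONLY set and the shortened sample config are assumptions made for illustration.

```python
import re

# Statements that dhcpd.conf(5) says are only meaningful in the outer scope.
# Only ddns-update-style comes from the page; extend the set as needed.
GLOBAL_ONLY = {"ddns-update-style"}

# Quoted strings, comments, punctuation, newlines, then bare words.
TOKEN = re.compile(r'"(?:[^"\\]|\\.)*"|#[^\n]*|[{};]|\n|[^\s{};"#]+')

def misplaced_statements(conf_text, global_only=GLOBAL_ONLY):
    """Return (line, statement, enclosing scope path) for every global-only
    statement found inside a block such as group, subnet or pool."""
    findings, scopes, words = [], [], []
    start_line = line = 1
    for tok in TOKEN.findall(conf_text):
        if tok == "\n":
            line += 1
        elif tok.startswith("#"):
            continue                      # comments never count as statements
        elif tok == "{":
            scopes.append(" ".join(words) or "?")   # block header, e.g. "group"
            words = []
        elif tok == "}":
            if scopes:
                scopes.pop()
            words = []
        elif tok == ";":
            if words and words[0] in global_only and scopes:
                findings.append((start_line, words[0], " > ".join(scopes)))
            words = []
        else:
            if not words:
                start_line = line         # first word of a new statement
            words.append(tok)
    return findings

# Constructed sample: a shortened version of the config in the question.
SAMPLE = '''\
key DHCP_UPDATER { algorithm hmac-md5; secret somesecretkey; }
group {
    option domain-name "m";
    subnet 10.0.0.0 netmask 255.255.255.0 {
        ddns-update-style interim;
        ddns-updates on;
        zone m. { primary server.m; key DHCP_UPDATER; }
    }
}
'''

if __name__ == "__main__":
    for lineno, stmt, scope in misplaced_statements(SAMPLE):
        print(f"line {lineno}: {stmt} inside [{scope}]; move it to the outer scope")
```
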