
I'm having a hard time configuring a more modern release of a Fedora DHCP service to replace an older one and the problem is that clients aren't getting the appropriate DNS server information.

I had been using dhcpd on an earlier Fedora release quite successfully to serve an internal network and provide the following features to clients:

1) Unknown clients ONLY received an IP address, but are NOT provided external routing or DNS server information.

2) Clients known via MAC addresses were mapped to specific IPs, given the correct out-bound route, and external DNS servers.

However, that system suffered a hardware failure and I've been trying to transition to an alternate server with a younger OS - FC 21. (The older configuration was of an unknown version, but not very old.) I can't seem to get either known or unknown clients the correct DNS server information to resolve host names; they can route, but cannot resolve names.

The new software is dhcp-4.3.1-12.fc21, and it does not have the same configuration details. Instead it has an ability to update friendly DNS servers - a feature not required here. All my searches for how to properly configure it have revealed instead details about updating a friendly DNS server with knowledge of served hosts - which, of course, has nothing to do with what I am trying to do.

These directions only speak of something called domain-name-servers, and the example is thus:

# option domain-name-servers ns1.example.org, ns2.example.org;

My own entries at the moment have been for ALL clients and use IP addresses instead of domain names, like this:

option domain-name-servers 67.100.88.26, 64.105.172.26;

It would be very nice if someone can confirm that domain-name-servers is intended to be used to point to the cooperating DNS servers that this DHCP server is supposed to connect with for updating with information about clients of this DHCP server.

I have had difficulty finding ANY other name-server related configuration settings that aren't related to authentication between dhcpd server and cooperating dns servers.

Notably, it seems relatively insane to me to provide names and not IP addresses for entries in a location that is going to tell clients how to look up IP addresses from names, but maybe the strategy just depends on the host's own /etc/resolv.conf.

Could it be that the new system simply hands over to ALL clients the system's resolv.conf data?! HORRIFIC! That would mean that one CANNOT HIDE this data from unknown clients! However, that cannot be because my clients receive NO DNS server data!

Richard T

1 Answer


It turned out that the system I was testing on had two interfaces, both dhcp served but by different servers (the other being a hardware router), and so my testing was less than helpful. However, once I realized the problem, I was able to get it working and confirm a few facts that are FAR less than clear in the official documentation:

  1. domain-name-servers does in fact point clients to their DNS servers, and it works both globally and on a host-by-host basis. And;
  2. domain-name-servers must be prefaced with the word "option", space delimited, and multiple servers are separated by commas, with a semicolon terminator. And;
  3. Without a domain-name-servers entry at an appropriate location, no DNS translation is possible.

Lesson learned: test more carefully! ("test only one thing at a time" also means don't let an unmanaged variable be introduced by accident.)

It would also be nice if the documentation were more clear.

Richard T
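A dhcpd.conf layout that matches the setup described in the question and the scoping rules confirmed in the answer, added here as an illustration and not taken from the original poster's configuration. The subnet, address ranges, router address, host names and MAC addresses are constructed placeholders; the two resolver addresses are the ones quoted in the question.

```conf
# /etc/dhcp/dhcpd.conf (constructed example; subnet, hosts and MACs are placeholders)

default-lease-time 3600;
max-lease-time 7200;

# Deliberately no "option routers" or "option domain-name-servers" at
# global or subnet scope: options declared there are inherited by every
# client, including unknown ones.

subnet 192.168.10.0 netmask 255.255.255.0 {
    # Unknown clients: an address only, with no gateway and no resolvers.
    pool {
        range 192.168.10.200 192.168.10.250;
        allow unknown-clients;
    }
}

# Known clients: matched by MAC address, pinned to a fixed IP outside the
# dynamic range, and given the outbound route and external DNS servers.
group {
    option routers 192.168.10.1;
    option domain-name-servers 67.100.88.26, 64.105.172.26;

    host workstation1 {
        hardware ethernet 00:11:22:33:44:55;
        fixed-address 192.168.10.20;
    }

    # A host declaration can override the group value (host-by-host basis).
    host workstation2 {
        hardware ethernet 00:11:22:33:44:66;
        fixed-address 192.168.10.21;
        option domain-name-servers 67.100.88.26;
    }
}
```

The file can be syntax-checked before restarting the service with `dhcpd -t -cf /etc/dhcp/dhcpd.conf`. When testing from a client with more than one interface, check which DHCP server issued each lease before drawing conclusions about the options received.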