Gentoo Forums
[SOLVED] dhcpd + bind - can't do ddns reverse map updates
Ant P.
Posted: Sat Jun 12, 2010 1:49 am

I've been banging my head against this for hours now and I can't figure out what's wrong; I've got my DHCP server set up to add DNS entries, which works for the forward map (so I can do "host laptop.lan"), but the reverse map fails ("host 192.168.0.130" does not work). The logs go like this:
Code:
==> dhcpd/current <==
Jun 12 01:13:02 [dhcpd] DHCPDISCOVER from 00:22:43:43:55:e3 via br0
Jun 12 01:13:03 [dhcpd] DHCPOFFER on 192.168.0.130 to 00:22:43:43:55:e3 (laptop) via br0

==> named/debug.log <==
12-Jun-2010 01:13:03.009 update: client 127.0.0.1#38572: view internal: updating zone 'lan/IN': adding an RR at 'laptop.lan' A
12-Jun-2010 01:13:03.009 update: client 127.0.0.1#38572: view internal: updating zone 'lan/IN': adding an RR at 'laptop.lan' TXT

==> dhcpd/current <==
Jun 12 01:13:03 [dhcpd] Added new forward map from laptop.lan to 192.168.0.130
Jun 12 01:13:03 [dhcpd] unable to add reverse map from 130.0.168.192.in-addr.arpa to laptop.lan: timed out
Jun 12 01:13:03 [dhcpd] DHCPREQUEST for 192.168.0.130 (192.168.0.5) from 00:22:43:43:55:e3 (laptop) via br0
Jun 12 01:13:03 [dhcpd] DHCPACK on 192.168.0.130 to 00:22:43:43:55:e3 (laptop) via br0


And the config files (some stuff left out for readability):

named.conf
Code:

include "/etc/bind/logs.conf";
include "/etc/bind/rndc.key";
include "/etc/bind/dhcp.keys";
acl "trusted" {
    192.168.0.0/24;
    127.0.0.0/8;
};
options {
    listen-on { any; };
    allow-query { trusted; };
    allow-query-cache { trusted; };
};
controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; };
};
view "internal" in {
    match-clients { trusted; };
    recursion yes;
    additional-from-auth yes;
    additional-from-cache yes;
    zone "." in {
        type hint;
        file "/var/bind/root.cache";
    };
    zone "localhost" IN {
        type master;
        file "pri/localhost.zone";
        allow-query { any; };
        allow-transfer { none; };
        notify no;
    };
    zone "127.in-addr.arpa" IN {
        type master;
        file "pri/127.zone";
        allow-query { any; };
        allow-transfer { none; };
        notify no;
    };
    zone "lan." IN {
        type master;
        file "pri/lan.zone";
        allow-update { key "dhcp-key"; };
    };
    zone "0.168.192.in-addr.arpa." IN {
        type master;
        file "pri/192.168.0.zone";
        allow-update { key "dhcp-key"; };
    };
};

dhcpd.conf
Code:
authoritative;
ddns-domainname "lan";
ddns-rev-domainname "in-addr.arpa";
ddns-update-style interim;
default-lease-time 30;
max-lease-time 86400;
option domain-name "lan";
use-host-decl-names on;

include "/etc/bind/dhcp.keys";
zone lan. {
    primary 127.0.0.1;
    key dhcp-key;
}
zone 0.168.192.in-addr.arpa. {
    primary 127.0.0.1;
    key dhcp-key;
}


I've tried everything I can think of - it really doesn't make sense why one would work but not the other because the config for both bits is virtually identical. Is there something really obvious I'm missing?


Last edited by Ant P. on Wed Jun 16, 2010 11:43 am; edited 1 time in total

nativemad
Posted: Mon Jun 14, 2010 10:48 am

I don't see anything obviously wrong...
The only thing I can think of are the file permissions of the zonefiles!?

Good luck
_________________
Power to the people!

Herring42
Posted: Mon Jun 14, 2010 12:12 pm

I've tried before and failed to get this working. :cry:

Please let us know if you manage!

As far as I understood, the dynamic updates are not held in the zone files...
_________________
"The problem with quotes on the internet is that it is difficult
to determine whether or not they are genuine." -- Abraham Lincoln

nativemad
Posted: Mon Jun 14, 2010 12:35 pm

Herring42 wrote:

As far as I understood, the dynamic updates are not held in the zone files...


Of course they are! -Where should they be otherwise!? :roll:
I have it working for years over here with about 10 different subnets declared!

Herring42
Posted: Mon Jun 14, 2010 1:36 pm

nativemad wrote:

Of course they are! -Where should they be otherwise!? :roll:


Umm, in their own dynamic file? So you could separate those hosts you set directly from the dynamic ones? That would make sense to me!

nativemad
Posted: Mon Jun 14, 2010 2:05 pm

Herring42 wrote:

Umm, in their own dynamic file? So you could separate those hosts you set directly from the dynamic ones? That would make sense to me!

Not really... they are in one zone file! -That's the reason why one should only allow dhcpd or special hosts to make updates!! (I remember a case where client-machines were able to delete the NS-records via nslookup on a Windows Domain controller 8O )
I don't see a real reason otherwise why they should be any different from static entries!?

Ant P.
Posted: Tue Jun 15, 2010 1:56 pm

Yes, I've already checked the permissions on the zone files. I can delete the .jnl that gets auto-created for forward DNS and it gets remade without a problem, so it's not that.

nativemad
Posted: Wed Jun 16, 2010 5:12 am

Does the reverse zone work at all? Not that the problem is the zone itself...
Code:
host -a ip.of.the.server


Ant P.
Posted: Wed Jun 16, 2010 11:42 am

That was it!

My 192.168 zone had "$ORIGIN ." at the top of the file and apparently it didn't like that, even though all the DNS names in the file were absolute ones. Changed that to the in-addr.arpa thing it should be and everything works now. Thanks!
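
Added example, not part of the original posts: a small Python lint for the condition found in the final post. It flags a `$ORIGIN` that lies outside the zone declared in named.conf and shows where relative owner names end up under it. It goes slightly beyond the thread (the poster's names were all absolute); the sample zone text and all function names are constructed for illustration, and indented lines are assumed to inherit the previous owner.

```python
import ipaddress

ZONE = "0.168.192.in-addr.arpa."   # zone name as declared in named.conf

# Constructed sample, not the poster's file: it adds one relative owner ("5").
BROKEN = """\
$TTL 86400
$ORIGIN .
0.168.192.in-addr.arpa. IN SOA server.lan. root.lan. 1 3600 900 604800 86400
                        IN NS  server.lan.
5                       IN PTR server.lan.
"""
FIXED = BROKEN.replace("$ORIGIN .", "$ORIGIN " + ZONE)

def fqdn(name, origin):
    """Expand a master-file name against the current $ORIGIN."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name.lower()
    return (name + "." + ("" if origin == "." else origin)).lower()

def in_zone(name, zone):
    return name == zone or name.endswith("." + zone)

def ptr_owner(ip):
    """Owner name dhcpd will try to add for this lease address."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def lint_zone(text, zone=ZONE):
    """Return (line, message) for $ORIGINs and owners outside `zone`."""
    origin, findings = zone, []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split(";", 1)[0].rstrip()
        if not line or line[0] in " \t":   # blank, or owner inherited
            continue
        fields = line.split()
        if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
            origin = fqdn(fields[1], origin)
            if not in_zone(origin, zone):
                findings.append((no, f"$ORIGIN {origin} is outside {zone}"))
        elif not fields[0].startswith("$"):
            owner = fqdn(fields[0], origin)
            if not in_zone(owner, zone):
                findings.append((no, f"owner {owner} is outside {zone}"))
    return findings

if __name__ == "__main__":
    for label, text in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, lint_zone(text))
    print(ptr_owner("192.168.0.130"), in_zone(ptr_owner("192.168.0.130"), ZONE))
```
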