HPE Community
Operating System - Linux
1827894 Members
1547 Online
109969 Solutions
New Discussion

Re: dns dhcp dynamic update

 
Marco_113
Frequent Advisor

‎08-24-2005 03:53 AM

‎08-24-2005 03:53 AM

dns dhcp dynamic update

Hi all,
i've a problem with dynamic update with dns ans dhcp.
I use redhat AS 3.0 update 5.
Bind version 9.2.4.7
dhcp 3.0.1-10

I configured my named.conf:


key DHCP_UPDATER {
algorithm HMAC-MD5;
secret "xxxxxxxx";
};

controls {
inet 127.0.0.1 allow { 127.0.0.1; } keys { "DHCP_UPDATER"; };
};
zone "test.it" {
type master;
notify no;
file "db.test";
allow-update { key DHCP_UPDATER; };
};

zone "20.172.in-addr.arpa" {
type master;
notify no;
file "20.172.in-addr.arpa";
allow-update { key DHCP_UPDATER; };
};


My dhcpd.conf:

key DHCP_UPDATER {
algorithm HMAC-MD5;
secret "xxxxxxxx";
};


zone db.test{
primary 127.0.0.1;
key DHCP_UPDATER;
}

zone 20.172.in-addr.arpa {
primary 127.0.0.1;
key DHCP_UPDATER;
}


But i get some errors in /var/log/messages:

Aug 24 17:55:20 linux dhcpd: Unable to add forward map from vpn.harpaitalia.it to 172.20.40.133: timed out
Aug 24 17:55:20 linux dhcpd: DHCPREQUEST for 172.20.40.133 from 00:0c:29:1d:f7:be (vpn) via eth0
Aug 24 17:55:20 linux dhcpd: DHCPACK on 172.20.40.133 to 00:0c:29:1d:f7:be (vpn) via eth0
Aug 24 17:55:20 linux named[2071]: client 172.20.10.2#32773: update 'test.it/IN' denied

Any suggestion??
Thanks
0 Kudos
Reply
6 REPLIES 6
Gopi Sekar
Honored Contributor

‎08-24-2005 04:18 AM

‎08-24-2005 04:18 AM

Re: dns dhcp dynamic update


I am not expert on this but it looks to be permission related problem. DHCP server runs as non root user, may be it does not have permission to update DNS table (typical file/user permission).

Second the secret key that you use may be wrong , may be in wrong format.

Hope this helps,
Gopi
Never Never Never Giveup
0 Kudos
Reply
Ivan Ferreira
Honored Contributor

‎08-24-2005 07:06 AM

‎08-24-2005 07:06 AM

Re: dns dhcp dynamic update

I think that you missed the ddns-update-style and the allow update options.

An example is located here:

http://www.mattfoster.clara.co.uk/ddns.htm
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
Tvs
Regular Advisor

‎08-24-2005 06:57 PM

‎08-24-2005 06:57 PM

Re: dns dhcp dynamic update

hi

check whether your /etc/named directory

it should be owned by named user

check it
0 Kudos
Reply
Tvs
Regular Advisor

‎08-24-2005 06:57 PM

‎08-24-2005 06:57 PM

Re: dns dhcp dynamic update

hi

check your /etc/named directory permission

it should be owned by named user

check it
0 Kudos
Reply
Marco_113
Frequent Advisor

‎08-24-2005 07:45 PM

‎08-24-2005 07:45 PM

Re: dns dhcp dynamic update

Ok thanks for suggestion.

Now it seems to work...
Only for some clients i get this error:


Aug 25 09:46:28 linux named[13037]: client 172.20.40.5#1179: updating zone 'test.it/IN': update failed: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Aug 25 09:46:28 linux named[13037]: client 172.20.40.5#1182: update 'test.it/IN' denied

Yesterday i erase by hand the entry of client marpel on the file of the dns zone test.it

Suggestion??


0 Kudos
Reply
Ivan Ferreira
Honored Contributor

‎08-25-2005 08:26 AM

‎08-25-2005 08:26 AM

Re: dns dhcp dynamic update

The problem could be the update style.

Windows 2000 pro and above tries to update the DNS server when they get an ip address. Is not the DHCP server who updates the DNS server for these clients.

Ans as you configured secured updates with keys, as the windows clients does not have the key to pass to the dhcp server, the update is rejected.

For more information about the update style and the problem, see:

http://linuxreviews.org/man/dhcpd.conf/
Por que hacerlo dificil si es posible hacerlo facil? - Why do it the hard way, when you can do it the easy way?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.