As promised... I now have this close enough to working as makes no odds for me ;)
There were a few bumps along the way, in particular Jan-Piet Mens says in this (rather old, but still top hit in google) blog post: https://jpmens.net/2011/07/06/execute-a-script-when-isc-dhcp-hands-out-a-new-lease/ > If you are using the built-in mechanisms for DNS updates, you must not > define events, as they are then used internally by dhcpd. (The manual page > does, however, give hint at how to overcome that problem.) I didn't see anything in any of the man files (dhcpd/dhcpd.conf/dhcpd-eval) which seemed relevant, and the post is quite old, ... So I set about testing for myself. I have ended up with: > on commit { > set ClientIP = binary-to-ascii(10, 8, ".", leased-address); > set ClientMac = binary-to-ascii(16, 8, ":", substring(hardware, 1, 6)); > set ClientHost = pick-first-value( host-decl-name, > option fqdn.hostname, > option host-name, > "none"); > execute("/etc/dhcp/scripts/test", "commit", ClientIP, ClientMac, > ClientHost); } in my dhcp subnet definition, and the referenced script (owned by dhcpd) calls nsupdate (it specifies the zone, server and key manually) to add in the cname using: > (echo server dns.example.org; echo zone example.org; echo add *.${host}. > example.org 600 cname ${host}.example.org.; echo send) | nsupdate -v -k > /etc/bind/ddns_key >> /tmp/ddns.log > That is correctly adding cname entries (I am currently assuming that bind is being sensible in terms of not making multiple identical cnames). NB - I haven't put anything in place to remove old entries - but since they are cnames for machines which will likely get created again at some point I'm not too fussed about that just yet (unless someone tells me I need to be). Just one issue left which is for a different thread. Thanks for the pointers, John -- On Mon, 30 Sep 2019 at 09:09, John Robson <jrob...@zenoss.com> wrote: > ISC DHCP hooks are probably the right way to go then - I'll need to do > some research to figure out how to put those in place. > > Thanks for the hint - I'll come back when I have had a chance to poke a > bit more. > > John > > On Sun, 29 Sep 2019 at 19:00, Crist Clark <cjc+bind-us...@pumpky.net> > wrote: > >> This isn’t really a BIND or DNS problem. There is not a standard way to >> do this. >> >> If you’re going for some kind of automation or orchestration of these >> services, there are a bunch of different places to build this in, depending >> on the tools you are using. >> >> You did mention ISC DHCP. One approach would be to use the server-side >> hooks when a lease is created or renewed. You could add a script that >> creates what ever additional names you want. >> >> On Sun, Sep 29, 2019 at 10:22 AM John Robson via bind-users < >> bind-users@lists.isc.org> wrote: >> >>> Hi all, >>> >>> I've set up both ISC dhcpd and ISC bind to provide relevant services to >>> a virtualised test lab. In the test lab obviously boxes will be brought up >>> and down fairly frequently, and I'm aiming to minimise the amount of effort >>> that this takes our users. >>> >>> So - the machines get an IP address and dhcpd updates bind, so a >>> specific internal domain gets updated - let's use example.orghere for >>> ease of reading. >>> >>> That all works (after a little fight with permissions). >>> I set up a machine with a hostname of 'foo' and there is an automagic >>> DNS entry `foo.example.org`. >>> >>> BUT - what I'd like to do is have `*.foo.example.org` (or even a >>> specific listing of subdomains) point to that IP as well - to enable the >>> various vhost based services on the test machines to be accessed without >>> having to mess with local hosts files or further mess with DNS each time. >>> >>> e.g. test.foo.example.org should point to the same IP as foo.example.org >>> (heck, >>> could even be a cname) >>> >>> Is there some simple configuration I am missing - or is this not >>> possible? >>> Is there a better way to get to where I want to be*? >>> >>> Cheers, >>> >>> John >>> >>
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
