Today's Topics:

   1. Re: [*SP4M*] DHCPd only updating the forward zone (Dan Egli)
   2. Re: [*SP4M*] DHCPd only updating the forward zone (Rick Dicaire)

----------------------------------------------------------------------

Message: 1
Date: Thu, 24 Dec 2020 15:22:48 -0700
From: Dan Egli <d...@newideatest.site>
To: Users of ISC DHCP <dhcp-users@lists.isc.org>
Subject: Re: [*SP4M*] DHCPd only updating the forward zone
Message-ID: <61a69ecd-8f84-5cc1-fac7-31dedc3c8...@newideatest.site>
Content-Type: text/plain; charset="utf-8"; Format="flowed"

Alright. I did a test, and it's still not even trying to create the reverse mapping. I don't know why. I created a machine called terra. It asked dhcpd for a lease. It got a lease. But that lease never made it to named's in-addr.arpa zone, even though named is running too. I'm at a loss as to what's up and why it won't try to create the reverse DNS pointer. the DNS. Here's the setup:

terra: Booting from a Gentoo Minimal CD, running dhcpcd -h terra so that the hostname gets passed to dhcpd

pluto: dhcpd running. Receives a lease request, offers a new lease, receives the ack, writes the forward mapping, ends. Does not write the reverse mapping.
Here's the log segment:

Dec 24 15:02:22 pluto dhcpd[2439]: DHCPDISCOVER from 08:00:27:03:d3:23 via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: DHCPOFFER on 192.168.10.128 to 08:00:27:03:d3:23 (terra) via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: DHCPREQUEST for 192.168.10.128 (192.168.10.1) from 08:00:27:03:d3:23 (terra) via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: DHCPACK on 192.168.10.128 to 08:00:27:03:d3:23 (terra) via enp0s8
Dec 24 15:02:23 pluto dhcpd[2439]: Added new forward map from terra.eglifamily.name to 192.168.10.128

As you can see, dig works for terra, not for its IP:

pluto /etc/systemd # dig a +short terra.eglifamily.name
192.168.10.128
pluto /etc/systemd # dig a -x +short 192.168.10.128
pluto /etc/systemd # dig ptr -x 192.168.10.128
; <<>> DiG 9.16.6 <<>> ptr -x 192.168.10.128
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14327
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 0de11839ad25b1b5010000005fe51320c8672852930cb66c (good)
;; QUESTION SECTION:
;128.10.168.192.in-addr.arpa.   IN      PTR

;; AUTHORITY SECTION:
10.168.192.in-addr.arpa. 60     IN      SOA pluto.eglifamily.name. dan.eglifamily.name. 2 1800 300 86400 60

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Dec 24 15:16:00 MST 2020
;; MSG SIZE  rcvd: 145

pluto /etc/systemd # dig +short ptr -x 192.168.10.128
pluto /etc/systemd #

So, pluto is obviously recognized as the SOA for 192.168.10.x, which is good. Why then is dhcpd only sending a forward mapping?

FWIW, although they haven't changed, I'll repost the zone files and the config files.

eglifamily.zone:

$ORIGIN .
$TTL 21600      ; 6 hours
eglifamily.name         IN SOA  pluto.eglifamily.name. dan.eglifamily.name. (
                                4          ; serial
                                1800       ; refresh (30 minutes)
                                300        ; retry (5 minutes)
                                86400      ; expire (1 day)
                                60         ; minimum (1 minute)
                                )
                        NS      pluto.eglifamily.name.
                        MX      1 jupiter.eglifamily.name.
charon                  A       192.158.10.1
jupiter                 A       192.168.10.3
pluto                   A       192.168.10.2
$TTL 1800       ; 30 minutes
terra                   A       192.168.10.128
                        TXT "311fd3292f4dc507ed06f247665a4ac9ab"

That's after terra gets registered, obviously. But at the same time, here's the reverse zone.

10.168.192.arpa.zone:

$TTL 10m
@       IN SOA  pluto.eglifamily.name. dan.eglifamily.name. (
                                2          ; serial
                                30m        ; refresh
                                5m         ; retry
                                1d         ; expire
                                1m         ; negative response cache
                                )
                        NS      pluto.eglifamily.name.
1                       PTR     charon.eglifamily.name.
2                       PTR     pluto.eglifamily.name.
3                       PTR     jupiter.eglifamily.name.

Notice no PTR to terra. As to config files, here's dhcpd:

default-lease-time 3600;
max-lease-time 43200;

ddns-update-style interim;

authoritative;
log-facility local1;

allow booting;

subnet 10.0.0.0 netmask 255.0.0.0 {
# no services at all! That's the link from the ISP. Don't touch it!
}

subnet 192.168.10.0 netmask 255.255.255.0 {
        interface enp0s8;
        range 192.168.10.128 192.168.10.254;
        if exists user-class and option user-class = "iPXE" {
        filename "pxelinux.efi";
        } else {
        filename "pxelinux.0";
        }
        next-server 192.168.10.3;
        option domain-name-servers 192.168.10.2;
        option domain-name "eglifamily.name";
        option routers 192.168.10.1;

}

host fixed-1 {
        hardware ethernet 08:00:27:D5:AA:3C;
        fixed-address 192.168.10.64;
        option host-name "fixed-1";
        ddns-hostname "fixed-1.eglifamily.name";
}

And here's named.conf:

On 12/22/2020 7:48 AM, /etc/bind/named.conf
acl "xfer" {
        none;
};
acl "trusted" {
        10.0.2.15/32;
        192.168.10.0/24;
        127.0.0.0/8;
        ::1/128;
        # eventually add valid IPv6 addresses here.
};

acl "myself" {
        127.0.0.0/24;
        ::1/128;
        192.168.10.2/32;
        10.0.2.15/32;
};

options {
        directory "/var/bind";
        pid-file "/run/named/named.pid";
        tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab";
        minimal-responses yes;

        listen-on-v6 { none; };  // for now
        listen-on { 192.168.10.2; 127.0.0.1; };

        allow-query {
                trusted;
        };

        allow-query-cache {
                trusted;
        };

        allow-recursion {
                trusted;
        };

        allow-transfer {
                none;
        };

        allow-update {
                myself;
        };

        dnssec-validation auto;
};

logging {
        channel default_log {
                file "/var/log/named/named.log" versions 5 size 50M;
                print-time yes;
                print-severity yes;
                print-category yes;
        };

        category default { default_log; };
        category general { default_log; };
};

include "/etc/bind/rndc.key";
controls {
        inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; };
};

zone "localhost" IN {
        type master;
        file "pri/localhost.zone";
        notify no;
};

zone "eglifamily.name" {
        type master;
        file "pri/eglifamily.zone";
        notify yes;
};

zone "10.168.192.in-addr.arpa" {
        type master;
        file "pri/10.168.192.arpa.zone";
        notify yes;
};

include "/var/lib/samba/bind-dns/named.conf";

So, what is wrong?

--
Dan Egli
From my Test Server

------------------------------

Message: 2
Date: Thu, 24 Dec 2020 17:58:12 -0500
From: Rick Dicaire <kri...@gmail.com>
To: Users of ISC DHCP <dhcp-users@lists.isc.org>
Subject: Re: [*SP4M*] DHCPd only updating the forward zone
Message-ID: <ca+cc--ewoh10yg0qtzhczwayxnkhtl2tcghs5sa24k_qsex...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

Where's your dhcpd.conf declaration for 10.168.192.in-addr.arpa?

On Thu, Dec 24, 2020 at 5:23 PM Dan Egli <d...@newideatest.site> wrote:

> Alright. I did a test, and it's still not even trying to create the
> reverse mapping. I don't know why. I created a machine called terra. It
> asked dhcpd for a lease. It got a lease. But that lease never made it to
> named's in-addr.arpa zone, even though named is running too. I'm at a loss
> as to what's up and why it won't try to create the reverse DNS pointer. the
> DNS. Here's the setup:
>
> terra: Booting from a Gentoo Minimal CD, running dhcpcd -h terra so that
> the hostname gets passed to dhcpd
>
> pluto: dhcpd running. Receives a lease request, offers a new lease,
> receives the ack, writes the forward mapping, ends. Does not write the
> reverse mapping.
> Here's the log segment:
>
> Dec 24 15:02:22 pluto dhcpd[2439]: DHCPDISCOVER from 08:00:27:03:d3:23 via
> enp0s8
> Dec 24 15:02:23 pluto dhcpd[2439]: DHCPOFFER on 192.168.10.128 to
> 08:00:27:03:d3:23 (terra) via enp0s8
> Dec 24 15:02:23 pluto dhcpd[2439]: DHCPREQUEST for 192.168.10.128
> (192.168.10.1) from 08:00:27:03:d3:23 (terra) via enp0s8
> Dec 24 15:02:23 pluto dhcpd[2439]: DHCPACK on 192.168.10.128 to
> 08:00:27:03:d3:23 (terra) via enp0s8
> Dec 24 15:02:23 pluto dhcpd[2439]: Added new forward map from
> terra.eglifamily.name to 192.168.10.128
>
>
> As you can see, dig works for terra, not for its IP:
>
> pluto /etc/systemd # dig a +short terra.eglifamily.name
> 192.168.10.128
> pluto /etc/systemd # dig a -x +short 192.168.10.128
> pluto /etc/systemd # dig ptr -x 192.168.10.128
> ; <<>> DiG 9.16.6 <<>> ptr -x 192.168.10.128
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 14327
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ; COOKIE: 0de11839ad25b1b5010000005fe51320c8672852930cb66c (good)
> ;; QUESTION SECTION:
> ;128.10.168.192.in-addr.arpa.   IN      PTR
>
> ;; AUTHORITY SECTION:
> 10.168.192.in-addr.arpa. 60     IN      SOA pluto.eglifamily.name.
> dan.eglifamily.name. 2 1800 300 86400 60
>
> ;; Query time: 0 msec
> ;; SERVER: 127.0.0.1#53(127.0.0.1)
> ;; WHEN: Thu Dec 24 15:16:00 MST 2020
> ;; MSG SIZE  rcvd: 145
>
> pluto /etc/systemd # dig +short ptr -x 192.168.10.128
> pluto /etc/systemd #
>
> So, pluto is obviously recognized as the SOA for 192.168.10.x, which is
> good. Why then is dhcpd only sending a forward mapping?
>
> FWIW, although they haven't changed, I'll repost the zone files and the
> config files.
>
> eglifamily.zone:
>
> $ORIGIN .
> $TTL 21600      ; 6 hours
> eglifamily.name         IN SOA  pluto.eglifamily.name. dan.eglifamily.name.
> (
>                                 4          ; serial
>                                 1800       ; refresh (30 minutes)
>                                 300        ; retry (5 minutes)
>                                 86400      ; expire (1 day)
>                                 60         ; minimum (1 minute)
>                                 )
>                         NS      pluto.eglifamily.name.
>                         MX      1 jupiter.eglifamily.name.
> charon                  A       192.158.10.1
> jupiter                 A       192.168.10.3
> pluto                   A       192.168.10.2
> $TTL 1800       ; 30 minutes
> terra                   A       192.168.10.128
>                         TXT "311fd3292f4dc507ed06f247665a4ac9ab"
>
> That's after terra gets registered, obviously. But at the same time,
> here's the reverse zone.
>
> 10.168.192.arpa.zone:
> $TTL 10m
> @       IN SOA  pluto.eglifamily.name. dan.eglifamily.name. (
>                                 2          ; serial
>                                 30m        ; refresh
>                                 5m         ; retry
>                                 1d         ; expire
>                                 1m         ; negative response cache
>                                 )
>                         NS      pluto.eglifamily.name.
> 1                       PTR     charon.eglifamily.name.
> 2                       PTR     pluto.eglifamily.name.
> 3                       PTR     jupiter.eglifamily.name.
>
> Notice no PTR to terra. As to config files, here's dhcpd:
>
> default-lease-time 3600;
> max-lease-time 43200;
>
> ddns-update-style interim;
>
> authoritative;
> log-facility local1;
>
>
> allow booting;
>
> subnet 10.0.0.0 netmask 255.0.0.0 {
> # no services at all! That's the link from the ISP. Don't touch it!
> }
>
>
> subnet 192.168.10.0 netmask 255.255.255.0 {
>         interface enp0s8;
>         range 192.168.10.128 192.168.10.254;
>         if exists user-class and option user-class = "iPXE" {
>         filename "pxelinux.efi";
>         } else {
>         filename "pxelinux.0";
>         }
>         next-server 192.168.10.3;
>         option domain-name-servers 192.168.10.2;
>         option domain-name "eglifamily.name";
>         option routers 192.168.10.1;
>
> }
>
> host fixed-1 {
>         hardware ethernet 08:00:27:D5:AA:3C;
>         fixed-address 192.168.10.64;
>         option host-name "fixed-1";
>         ddns-hostname "fixed-1.eglifamily.name";
> }
>
>
> And here's named.conf:
>
>
> On 12/22/2020 7:48 AM, /etc/bind/named.conf
> acl "xfer" {
>         none;
> };
> acl "trusted" {
>         10.0.2.15/32;
>         192.168.10.0/24;
>         127.0.0.0/8;
>         ::1/128;
>         # eventually add valid IPv6 addresses here.
> };
>
> acl "myself" {
>         127.0.0.0/24;
>         ::1/128;
>         192.168.10.2/32;
>         10.0.2.15/32;
> };
>
> options {
>         directory "/var/bind";
>         pid-file "/run/named/named.pid";
>         tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab";
>         minimal-responses yes;
>
>
>         listen-on-v6 { none; }; // for now
>         listen-on { 192.168.10.2; 127.0.0.1; };
>
>         allow-query {
>                 trusted;
>         };
>
>         allow-query-cache {
>                 trusted;
>         };
>
>         allow-recursion {
>                 trusted;
>         };
>
>         allow-transfer {
>                 none;
>         };
>
>         allow-update {
>                 myself;
>         };
>
>         dnssec-validation auto;
> };
>
>
> logging {
>         channel default_log {
>                 file "/var/log/named/named.log" versions 5 size 50M;
>                 print-time yes;
>                 print-severity yes;
>                 print-category yes;
>         };
>
>         category default { default_log; };
>         category general { default_log; };
> };
>
>
> include "/etc/bind/rndc.key";
> controls {
>         inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys {
> "rndc-key"; };
> };
>
> zone "localhost" IN {
>         type master;
>         file "pri/localhost.zone";
>         notify no;
> };
>
> zone "eglifamily.name" {
>         type master;
>         file "pri/eglifamily.zone";
>         notify yes;
> };
>
>
> zone "10.168.192.in-addr.arpa" {
>         type master;
>         file "pri/10.168.192.arpa.zone";
>         notify yes;
> };
>
> include "/var/lib/samba/bind-dns/named.conf";
>
> So, what is wrong?
>
>
> --
>
> Dan Egli
> From my Test Server
>
> _______________________________________________
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
> dhcp-users mailing list
> dhcp-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>

------------------------------

End of dhcp-users Digest, Vol 146, Issue 12
*******************************************
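
The kind of dhcpd.conf declaration the reply above asks about, paired with a key-based `allow-update` in named.conf in place of the address-based `myself` ACL, is sketched below as an added example; it is not configuration from either poster. The key name `DHCP_UPDATER`, the placeholder secret, the choice of `hmac-sha256` and `primary 127.0.0.1` are assumptions.

```conf
# --- dhcpd.conf additions (added example; key name and secret are placeholders) ---
# Shared TSIG key. Generate one with: tsig-keygen -a hmac-sha256 DHCP_UPDATER
key DHCP_UPDATER {
        algorithm hmac-sha256;          # assumes a dhcpd build with HMAC-SHA256 support
        secret "REPLACE_WITH_BASE64_SECRET";
}

# One zone declaration per zone dhcpd updates: it names the server that
# receives the update and the key that signs it.
zone eglifamily.name. {
        primary 127.0.0.1;              # named listens here per the posted named.conf
        key DHCP_UPDATER;
}

zone 10.168.192.in-addr.arpa. {
        primary 127.0.0.1;
        key DHCP_UPDATER;
}

# --- named.conf changes (added example) ---
# Same key name, algorithm and secret as in dhcpd.conf.
key "DHCP_UPDATER" {
        algorithm hmac-sha256;
        secret "REPLACE_WITH_BASE64_SECRET";
};

# Weak: the posted global setting authorizes updates by source address only,
# so any sender using an address in "myself" may change any master zone.
#       allow-update { myself; };
# Tighter: remove it from options {} and authorize per zone, by key.
zone "eglifamily.name" {
        type master;
        file "pri/eglifamily.zone";
        notify yes;
        allow-update { key "DHCP_UPDATER"; };
};

zone "10.168.192.in-addr.arpa" {
        type master;
        file "pri/10.168.192.arpa.zone";
        notify yes;
        allow-update { key "DHCP_UPDATER"; };
};
```

Both files then hold the secret, so restrict read access on them to the dhcpd and named service accounts.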