It's a two level domain. BTW. Something to add. It happens with an Ubuntu Zesty (17.04) client. This has freeipa 4.4.x while the rest of the network (and server) runs with freeipa 4.3.x
On 15-04-17 17:29, Jake wrote: > is your "mydomain" actually a one level tld or example.com > > ----- Original Message ----- > From: "Kees Bakker" <ke...@ghs.com> > To: "freeipa-users" <freeipa-users@redhat.com> > Sent: Thursday, April 13, 2017 10:30:33 AM > Subject: [Freeipa-users] Using fqdn in /etc/hostname causes duplicate domain > in DHCP dyndns update > > Hey, > > Hopefully someone here can hint me towards a (easier) solution. > > In short, for correct DHCP-DDNS updates there should be a non-fqdn in > /etc/hostname > To install IPA client I am forced to have a fqdn in /etc/hostname. But now > the DHCP-DDNS > results in duplicated domain portion of the DNS entries. > > The details. > We have a FreeIPA environment with DNS and DHCP. I've configured bind and > dhcpd to do DDNS. For the most part it is working as expected. > > When the hostname of a system is a non-fqdn the end result is what I want to > see. Say I have > /etc/hostname: test02 > then after it started up there is a new forward map (using "mydomain" here > instead of the real thing). > test01 -> 172.16.16.252 > and a reverse map in 16.16.172.in-addr.arpa zone > 252 -> test02.mydomain > > Some lines from /var/log/syslog > dhcpd[82333]: DHCPOFFER on 172.16.16.252 to 00:16:3e:8e:91:12 (test02) via > eno1 > named-pkcs11[82428]: client 172.16.16.75#23238/key dhcp_updater: updating > zone 'mydomain/IN': adding an RR at 'test02.mydomain' A 172.16.16.252 > dhcpd[82333]: DHCPREQUEST for 172.16.16.252 (172.16.16.75) from > 00:16:3e:8e:91:12 (test02) via eno1 > dhcpd[82333]: DHCPACK on 172.16.16.252 to 00:16:3e:8e:91:12 (test02) via eno1 > named-pkcs11[82428]: client 172.16.16.75#23238/key dhcp_updater: updating > zone 'mydomain/IN': adding an RR at 'test02.mydomain' DHCID > AAAB6QGH0W+JCSMwrj9sQVCeh5PToZAmWZvMpgiEtXHrZgE= > dhcpd[82333]: Added new forward map from test02.mydomain to 172.16.16.252 > named-pkcs11[82428]: client 172.16.16.75#23238/key dhcp_updater: updating > zone '16.16.172.in-addr.arpa/IN': adding an RR at > '252.16.16.172.in-addr.arpa' PTR test02.mydomain. > dhcpd[82333]: Added reverse map from 252.16.16.172.in-addr.arpa. to > test02.mydomain > > However, when I want to add this system as a IPA client I am forced to > fill in a fqdn in /etc/hostname. So I change /etc/hostname to have > test01.mydomain > The provisioning succeeds and all seems well. > > But after a reboot the system requests DHCP to register as test01.mydomain. > And > the DHCP server does a DNS update for test01.mydomain.mydomain. > The DNS zone for mydomain now has > test01 for all the SSHFP records > test01.mydomain for the A record > The reverse map for 16.16.172.in-addr.arpa has > 231 -> test01.mydomain.mydomain > > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone 'mydomain/IN': deleting an RR at test02.mydomain A > dhcpd[4550]: DHCPREQUEST for 172.16.16.252 from 00:16:3e:8e:91:12 (test02) > via eno1 > dhcpd[4550]: DHCPACK on 172.16.16.252 to 00:16:3e:8e:91:12 (test02.mydomain) > via eno1 > dhcpd[4550]: Removed forward map from test02.mydomain to 172.16.16.252 > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone 'mydomain/IN': deleting an RR at test02.mydomain DHCID > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone 'mydomain/IN': adding an RR at 'test02.mydomain.mydomain' A 172.16.16.252 > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone 'mydomain/IN': adding an RR at 'test02.mydomain.mydomain' DHCID > AAAB+5EmVxuf4utDMDZxjqAiqIds6Briv5awEp5W3whNsLc= > dhcpd[4550]: Added new forward map from test02.mydomain.mydomain to > 172.16.16.252 > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone '16.16.172.in-addr.arpa/IN': adding an RR at > '252.16.16.172.in-addr.arpa' PTR test02.mydomain.mydomain. > dhcpd[4550]: Added reverse map from 252.16.16.172.in-addr.arpa. to > test02.mydomain.mydomain > > > To work around I then change the /etc/hostname back to test01, restart > the network and everything if fine afterwards. > > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone 'mydomain/IN': deleting an RR at test02.mydomain.mydomain A > dhcpd[4550]: DHCPRELEASE of 172.16.16.252 from 00:16:3e:8e:91:12 > (test02.mydomain) via eno1 (found) > dhcpd[4550]: Removed forward map from test02.mydomain.mydomain to > 172.16.16.252 > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone 'mydomain/IN': deleting an RR at test02.mydomain.mydomain DHCID > dhcpd[4550]: DHCPOFFER on 172.16.16.252 to 00:16:3e:8e:91:12 (test02) via eno1 > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone 'mydomain/IN': update unsuccessful: test02.mydomain: 'name not in use' > prerequisite not satisfied (YXDOMAIN) > dhcpd[4550]: DHCPREQUEST for 172.16.16.252 (172.16.16.75) from > 00:16:3e:8e:91:12 (test02) via eno1 > dhcpd[4550]: DHCPACK on 172.16.16.252 to 00:16:3e:8e:91:12 (test02) via eno1 > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone 'mydomain/IN': deleting rrset at 'test02.mydomain' DHCID > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone 'mydomain/IN': adding an RR at 'test02.mydomain' DHCID > AAAB6QGH0W+JCSMwrj9sQVCeh5PToZAmWZvMpgiEtXHrZgE= > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone 'mydomain/IN': deleting rrset at 'test02.mydomain' A > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone 'mydomain/IN': adding an RR at 'test02.mydomain' A 172.16.16.252 > dhcpd[4550]: Added new forward map from test02.mydomain to 172.16.16.252 > named-pkcs11[82428]: client 172.16.16.75#61759/key dhcp_updater: updating > zone '16.16.172.in-addr.arpa/IN': adding an RR at > '252.16.16.172.in-addr.arpa' PTR test02.mydomain. > dhcpd[4550]: Added reverse map from 252.16.16.172.in-addr.arpa. to > test02.mydomain -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
