I have questions about the dhcp and the dynamic DNS:
I have installed dns and dhcp on my Tumbleweed system and configured with those with YaST:
I defined a domain pce23.net and an address range from 192.168.1.160 to 192.168.1.199 for more details see the dhcp cong and named.conf below
Dhcp server is working and gives an IP address, DNS server, router to the different PC who connect.
DNS seems half working:
If I connect a windows laptop which is configured to another domain (company.com) I see the next messages in journalctl
Oct 24 05:59:11 hpprol2 dhcpd[25094]: DHCPREQUEST for 10.21.102.50 from ec:f4:bb:2c:fe:2b via br0: wrong network.
Oct 24 05:59:11 hpprol2 dhcpd[25094]: DHCPNAK on 10.21.102.50 to ec:f4:bb:2c:fe:2b via br0
Oct 24 05:59:11 hpprol2 dhcpd[25094]: DHCPDISCOVER from ec:f4:bb:2c:fe:2b via br0
Oct 24 05:59:12 hpprol2 dhcpd[25094]: DHCPOFFER on 192.168.1.188 to ec:f4:bb:2c:fe:2b (BEBRNPCONDE01) via br0
Oct 24 05:59:12 hpprol2 dhcpd[25094]: Wrote 32 leases to leases file.
Oct 24 05:59:12 hpprol2 dhcpd[25094]: DHCPREQUEST for 192.168.1.188 (192.168.1.120) from ec:f4:bb:2c:fe:2b (BEBRNPCONDE01) via br0
Oct 24 05:59:12 hpprol2 dhcpd[25094]: DHCPACK on 192.168.1.188 to ec:f4:bb:2c:fe:2b (BEBRNPCONDE01) via br0
Oct 24 05:59:12 hpprol2 dhcpd[25094]: Added reverse map from 188.1.168.192.in-addr.arpa. to BEBRNPCONDE01.company.com
If I connect a laptop, a desktop or a smartphone which is not configured to a domain I receive these messages
Oct 24 00:29:49 hpprol2 dhcpd[25094]: DHCPREQUEST for 192.168.1.174 from 98:ee:cb:68:2c:23 (DESKTOP-5K2FNOQ) via br0
Oct 24 00:29:49 hpprol2 dhcpd[25094]: DHCPACK on 192.168.1.174 to 98:ee:cb:68:2c:23 (DESKTOP-5K2FNOQ) via br0
Oct 24 00:29:49 hpprol2 dhcpd[25094]: Forward map from hpprol2.pce23.net. to 192.168.1.174 FAILED: Has an address record but no DHCID, not mine.
or
Oct 23 19:25:32 hpprol2 dhcpd[24016]: DHCPDISCOVER from e8:93:09:8b:9f:cf via br0
Oct 23 19:25:33 hpprol2 dhcpd[24016]: DHCPOFFER on 192.168.1.168 to e8:93:09:8b:9f:cf (android-9cc9244667c031bd) via br0
Oct 23 19:25:33 hpprol2 dhcpd[24016]: DHCPREQUEST for 192.168.1.168 (192.168.1.120) from e8:93:09:8b:9f:cf (android-9cc9244667c031bd) via br0
Oct 23 19:25:33 hpprol2 dhcpd[24016]: DHCPACK on 192.168.1.168 to e8:93:09:8b:9f:cf (android-9cc9244667c031bd) via br0
Oct 23 19:25:33 hpprol2 dhcpd[24016]: Forward map from hpprol2.pce23.net. to 192.168.1.168 FAILED: Has an address record but no DHCID, not mine.
Somebody has an explanation about this?
Does the reverse map only work when the PC are on a domain? All the pc are with windows10 or android (smartphone)
here the dhcpd.conf
option domain-name "pce23.net.";
include "/etc/dhcp/dhcpd.conf/pcekey";
authoritative ;
ddns-updates on;
ddns-update-style interim;
update-static-leases on;
default-lease-time 21600;
zone pce23.net. { primary 192.168.1.120; key PCEKEY; }
zone 1.168.192.in-addr.arpa. { primary 192.168.1.120; key PCEKEY; }
allow client-updates;
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers 192.168.1.1;
option domain-name-servers 192.168.1.120;
range 192.168.1.160 192.168.1.199;
ddns-domainname "pce23.net.";
ddns-rev-domainname "in-addr.arpa.";
ddns-hostname "hpprol2";
# allow client update ==> is client joe.a.b connect to c.d then no a record A
# in direct zone but PTR in reverse zone for joe.a.b
allow unknown-clients;
zone pce23.net. { primary 192.168.1.120; key PCEKEY; }
zone 1.168.192.in-addr.arpa. { primary 192.168.1.120; key PCEKEY; }
}
the named.conf
# Copyright (c) 2001-2004 SuSE Linux AG, Nuernberg, Germany.
# All rights reserved.
#
# Author: Frank Bodammer, Lars Mueller <lmuelle@suse.de>
#
# /etc/named.conf
#
options {
# The directory statement defines the name server's working directory
directory "/var/lib/named";
dump-file "/var/log/named_dump.db";
statistics-file "/var/log/named.stats";
listen-on port 53 { 127.0.0.1; 192.168.1.120; };
listen-on-v6 { none; };
allow-query { 127.0.0.1; 192.168.1.0/24; };
notify yes;
recursion yes;
disable-empty-zone "1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA";
include "/etc/named.d/forwarders.conf";
listen-on { 127.0.0.1; 192.168.1.0/24; };
allow-recursion { 127.0.0.1; 192.168.1.0/24; };
};
include "/etc/named.conf.include";
acl home { 192.168.0.0/24; 127.0.0.1; };
logging {
category queries { log_file; };
channel log_file { file "/var/log/dnsquery.log" versions 3 size 2M; };
category xfer-in { log_file; };
category xfer-out { log_file; };
category default { log_file; };
};
# The following zone definitions don't need any modification. The first one
# is the definition of the root name servers. The second one defines
# localhost while the third defines the reverse lookup for localhost.
zone "." in {
type hint;
file "root.hint";
};
zone "localhost" in {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
};
# You can insert further zone records for your own domains below or create
# single files in /etc/named.d/ and add the file names to
# NAMED_CONF_INCLUDE_FILES.
# See /usr/share/doc/packages/bind/README.SUSE for more details.
zone "pce23.net" in {
type master;
file "dyn/pce23.net";
allow-query { 192.168.1.0/24; };
allow-update { key PCEKEY; };
notify no;
allow-transfer { any; };
};
zone "1.168.192.in-addr.arpa" in {
type master;
# allow-transfer { any; };
file "dyn/1.168.192.in-addr.arpa";
allow-query { 192.168.1.0/24; };
allow-update { key PCEKEY; };
notify no;
allow-transfer { any; };
};
zone "doubleclick.net" in { type master; file "dyn/dummy.zone"; };
zone "api.steampowered.com" in { type master; file "dyn/dummy.zone"; };
Thanks Tsu,
i followed your link, (when googling for this error message I had already read this and a lot of other sites giving +/- then same advise )
but I think it is not the problem because there are no records PTR or TXT in the zones
Here the domain zone after the freeze (which should also force the flush of the journals to the zones)
hpprol2:/var/lib/named/dyn # rndc freeze
hpprol2:/var/lib/named/dyn # cat pce23.net
$TTL 172800 ; 2 days
pce23.net. IN SOA hpprol2.pce23.net. root.hpprol2.pce23.net. (
2017102100
10800
3600
604800
86400 )
@ IN NS hpprol2
hpprol2 IN A 192.168.1.120
router IN A 192.168.1.1
hp200 IN A 192.168.1.50
hpphil.pce23.net. IN CNAME hpprol2.pce23.net.
catalog23.pce23.net. IN A 192.168.1.100
As you can see the only dynamic PTR record is for the laptop using a domain (BEBRNPCONDE01), there are no PTR or TXT record for the other PC/laptop
Remark that there is no TXT record for the laptop BEBRNPCONDE01
The catalog23 is an IP alias of 192.168.1.120 used for apache
The hp200 is a HP printer (lpd)
I have the feeling that something is wrong in named.conf but I checked it many times and did not found an error.
the laptop with domain is correctly inserted so this means that the dynamic update works but there is no TXT record (?).
The other PC/laptop are not member of a domain because I have no domain controller on my home lan.
So I think that my problem is related to this but I never found something related in all the stuff that I read about dynamic dns update.
Perhaps you might also consider whether you really need to configure Dynamic DNS or not…
There is a clear reason to do so in networks where you want to touch every machine remotely so need to always be able to connect to every machine by name, perhaps the most common scenario is when you implement machine configuration and management through network security like Active Directory. If you commonly configure network shares on a great number of Workstations instead of only on Servers might be another scenario.
Otherwise, and particularly for small networks there might not be a good reason to implement Dynamic DNS… Machines can self-configure sufficiently with logon or boot scripts and if a machine needs attention you can simply walk over to that machine to do what is needed. For these networks, you don’t need Dynamic DNS when all network services are served from Servers with static addresses or reserved leases.
Also, as I described you can set your DHCP leases to be at least twice as long as the longest time any machine is disconnected from your network. If you have enough IP addresses in the DHCP scope to support all machines that will ever connect to your network, this would not be a problem… The main reason for IP addresses to be re-allocated is if you support many more machines than what is available.
You are right but I want to learn more about dynamic DNS so the reason of testing on my personal lan.
I’ll need more knowledge about this (and other points) for my work in the future.
I haven’t set up exactly what you are trying to do,
But let me hazard a guess…
That the auto update only works when there is a defined dns domain.
Your Windows box is configured with a known domain, so the zone exists and therefor records in that zone are updating.
But,
For your other devices, they’re probably configured with random domains with no existing DNS zones for those domains, unless you configure them as DHCP clients that impose a name (which would include a domain name).
If my guess is correct,
then you’ll need to manually create zones for all your devices which aren’t already a member of your company Domain.
To make things easier, you may want to configure all your non-Domain devices to either have their own domain or if you don’t mind the possible confusion assign them name with your company Domain. In that latter case, of course they wouldn’t be able to logon to your Company Domain unless they’re also joined to your Domain, but it might solve your updating issue.
Still,
As I described, I can’t think of a practical reason for you to do this because Dynamic DNS updating only makes sense within a proper Domain.
But, if you’re simply trying to educate yourself you can try what I suggest which might work but should never really be necessary “in real life.”