Re: Bind 9 and DHCP reverse lookup problem

From: Alexey Fadyushin (fab_at_s-tunnel.com)
Date: 01/31/05

    Date: Mon, 31 Jan 2005 18:24:01 +0300
    To: enricop@pharma.co.za, General Red Hat Linux discussion list <redhat-list@redhat.com>
    
    

    I think that the problem is in the BIND configuration. DHCPD tries to
    add name 203.129.16.172.in-addr.arpa. (i.e. name 203 into zone
    129.16.172.in-addr.arpa.). However, from BIND's point of view there
    is no such zone in its database - it knows only about the zone
    128.16.172.in-addr.arpa. Only DHCPD knows that both zones form a part of
    the same network. Therefore, BIND does not update the zone for which it
    is not authoritative.

    I think that you should create zone files for zones
    129.16.172.in-addr.arpa., 130.16.172.in-addr.arpa. and
    131.16.172.in-addr.arpa. and include them in the BIND configuration in
    the same way as zone 128.16.172.in-addr.arpa.

    Alexey Fadyushin.
    Brainbench MVP for Linux.
    http://www.brainbench.com

    Enrico Payne wrote:

    > Hi,
    >
    > I am running RH9 with Bind 9.2.1 and DHCP (isc-dhcpd-V3.0pl9).
    >
    > I have configured DHCP to automatically update the DNS with the
    > appropriate ip address and FQDN, and it works fine for the A records,
    > but when it tries to add an entry into the xxx.xxx.xxx-addr-arpa. File
    > it fails. I have scoured the various how-to's, man pages and the various
    > faq e-mail groups etc, and I can not find anything that gives me a clue
    > where to look, so I now come to the community to appeal for help.
    >
    > NOTE: This is a class B subnet with 1024 addresses per subnet, starting
    > at x.x.128.0 and ending on x.x.131.255
    >
    > Regards
    > Enrico
    >
    >
    > This is the error I receive.
    > ============================
    > Jan 31 12:43:30 jbpn1 dhcpd: if IN A devel.jbpn. domain doesn't exist
    > add 216000 IN A devel.jbpn. 172.16.129.203 add 216000 IN TXT devel.jbpn.
    > "31eafe525c06abfba4c22f09c77d27fd93": success.
    > Jan 31 12:43:30 jbpn1 dhcpd: delete IN PTR 203.129.16.172.in-addr.arpa.
    > add 216000 IN PTR 203.129.16.172.in-addr.arpa. devel.jbpn.: not
    > authorized.
    > Jan 31 12:43:30 jbpn1 dhcpd: DHCPREQUEST for 172.16.129.203 from
    > 00:11:0a:3e:dd:9b (devel) via eth0
    > Jan 31 12:43:30 jbpn1 dhcpd: DHCPACK on 172.16.129.203 to
    > 00:11:0a:3e:dd:9b (devel) via eth0
    >
    > My dhcpd.conf file looks like this.
    > ===================================
    >
    > default-lease-time 432000;
    > max-lease-time 604800;
    > option domain-name-servers 172.16.128.29;
    > option domain-name "jbpn.";
    > #
    > key mydhcpserver {
    > algorithm hmac-md5;
    > secret "Some MD5 Key data";
    > };
    > #
    > subnet 172.16.128.0 netmask 255.255.252.0 {
    > ddns-updates on;
    > range 172.16.129.96 172.16.131.254;
    > option subnet-mask 255.255.252.0;
    > option broadcast-address 172.16.131.255;
    > option routers 172.16.128.3;
    > authoritative;
    > zone jbpn. { primary 172.16.128.29; key mydhcpserver; }
    > zone 128.16.172.in-addr.arpa. { primary 172.16.128.29; key
    > mydhcpserver; }
    > }
    >
    >
    > My named.conf file looks like this.
    > ===================================
    > options {
    > directory "/var/named";
    > query-source address * port 53;
    > };
    >
    > logging {
    > channel update_debug {
    > file "/var/log/update-debug.log";
    > severity debug 3;
    > print-category yes;
    > print-severity yes;
    > print-time yes;
    > };
    > channel security_info {
    > file "/var/log/named-th.info";
    > severity info;
    > print-category yes;
    > print-severity yes;
    > print-time yes;
    > };
    >
    > category update { update_debug; };
    > category security { security_info; };
    > };
    >
    > key mydhcpserver {
    > algorithm hmac-md5;
    > secret "Some MD5 Key data";
    > };
    >
    > zone "." {
    > type hint;
    > file "named.ca";
    > };
    >
    > zone "jbpn." {
    > type master;
    > file "named.jbpn";
    > allow-query { any; };
    > allow-update { key mydhcpserver; };
    > };
    >
    > zone "128.16.172.in-addr.arpa" {
    > type master;
    > file "named.172.16.128";
    > allow-query { any; };
    > allow-update { key mydhcpserver; };
    > };
    >

    -- 
    redhat-list mailing list
    unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
    https://www.redhat.com/mailman/listinfo/redhat-list
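
Added example, not part of the original message or of BIND/dhcpd: a Python check that lists the /24 reverse zones a DHCP subnet spans, shows which configured master zone (if any) contains the PTR name from the log, and prints named.conf stanzas for the missing ones. The function names and the zone file names (patterned on "named.172.16.128") are assumptions.

```python
import ipaddress

def reverse_zones(cidr):
    """/24 in-addr.arpa zones needed to cover an IPv4 subnet (/16 to /24)."""
    net = ipaddress.ip_network(cidr)
    if net.version != 4 or not 16 <= net.prefixlen <= 24:
        raise ValueError("expected an IPv4 network between /16 and /24")
    zones = []
    for sub in net.subnets(new_prefix=24):
        a, b, c, _ = str(sub.network_address).split(".")
        zones.append(f"{c}.{b}.{a}.in-addr.arpa.")
    return zones

def _norm(zone):
    # Compare zone names lower-cased and with exactly one trailing dot.
    return zone.rstrip(".").lower() + "."

def enclosing_zone(name, master_zones):
    """Closest configured master zone that contains name, or None."""
    have = {_norm(z) for z in master_zones}
    labels = _norm(name).rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:]) + "."
        if candidate in have:
            return candidate
    return None

def missing_zones(cidr, master_zones):
    """Reverse zones the subnet needs that are not configured as master."""
    have = {_norm(z) for z in master_zones}
    return [z for z in reverse_zones(cidr) if z not in have]

def named_stanza(zone, key="mydhcpserver"):
    # File name follows the page's "named.172.16.128" pattern (assumption).
    c, b, a = zone.split(".")[:3]
    return (f'zone "{zone.rstrip(".")}" {{\n\ttype master;\n'
            f'\tfile "named.{a}.{b}.{c}";\n'
            f'\tallow-query {{ any; }};\n'
            f'\tallow-update {{ key {key}; }};\n}};')

if __name__ == "__main__":
    # Master zones and PTR name taken from the named.conf and log quoted above.
    configured = ["jbpn.", "128.16.172.in-addr.arpa"]
    ptr = "203.129.16.172.in-addr.arpa."
    print(ptr, "->", enclosing_zone(ptr, configured))
    for z in missing_zones("172.16.128.0/22", configured):
        print(named_stanza(z))
```

Each zone printed this way still needs its own zone file with SOA and NS records before named will load it.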
    
