Discussion:
DDNS updates for zone having multiple primary servers
kraishak
2021-03-31 07:55:44 UTC
Permalink
Hi Glenn,
Thanks for the reply,
For the zone setting, have you had a look at the dhcpd.conf man page, in
particular the section titled "DYNAMIC DNS UPDATE SECURITY" where it
explains the syntax and behaviour.
It's not clear whether it is a comma separated list of secondaries,
ormultiple secondary statements with a single address.

yes I tried checking in the man pages and document but it is not clear and
there is no specific note that tells this DDNS updates can be suitable only
for the zones which have only one primary and one secondary, so I thought of
checking with dhcp-users if any one tried or having any experience for that


Thanks
Kraishak




--
Sent from: http://isc-dhcp-users.2343191.n4.nabble.com/
_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

dhcp-users mailing list
dhcp-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
kraishak
2021-03-31 10:08:15 UTC
Permalink
Hi Glenn,

Thanks for sharing your observation much appreciated the help

Regards
Kraishak




--
Sent from: http://isc-dhcp-users.2343191.n4.nabble.com/
_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

dhcp-users mailing list
dhcp-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
kraishak
2021-04-01 09:16:40 UTC
Permalink
Hi Glenn/ Team

I have one more doubt what is the difference between the options domain-name
(option-15) and ddns-domain-name, I don't see much difference between them
can any one please guide me.
Sorry I know it is too many questions in one thread but I want to get
clarify before I use these DDNS options

Thanks in Advance
Kraishak





--
Sent from: http://isc-dhcp-users.2343191.n4.nabble.com/
_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

dhcp-users mailing list
dhcp-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
g***@uniq.com.au
2021-04-01 10:53:37 UTC
Permalink
Hi Kraishak

Options are setting sent to the client to configure the client
behaviour. ddns-domainame is a setting to configure how dhcpd server
performs dynamic DNS updates.

option domain-name "example.org";

this is the equivalent of setting the domain function in
/etc/resolv.conf, that is, it is the domain to add to an unqualified
name. So if user looks up the name "foo" it will try "foo.example.org".
See dhcp-options man page for options that are sent to configure the
client.

ddns-domain-name "desktop.example.org";

this is the domain the dhcp server should add to an unqualified name
when forming a fully qualified name for updating in the DNS system. So
host "foo" is to go into DNS as "foo.desktop.example.org". See
dhcpd.conf man page.

So you might put all your clients in a sub-domain, eg laptop "foo" goes
in desktop.example.org. But all your servers are in the top level, eg
server1.example.org. So you would have

option domain-name "example.org";
ddns-domainname "desktop.example.org";

regards,
Glenn
Post by kraishak
Hi Glenn/ Team
I have one more doubt what is the difference between the options domain-name
(option-15) and ddns-domain-name, I don't see much difference between them
can any one please guide me.
Sorry I know it is too many questions in one thread but I want to get
clarify before I use these DDNS options
Thanks in Advance
Kraishak
--
Sent from: http://isc-dhcp-users.2343191.n4.nabble.com/
_______________________________________________
ISC funds the development of this software with paid support
subscriptions. Contact us at https://www.isc.org/contact/ for more
information.
dhcp-users mailing list
https://lists.isc.org/mailman/listinfo/dhcp-users
_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

dhcp-users mailing list
dhcp-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
Simon Hobson
2021-04-02 09:12:46 UTC
Permalink
Thanks for your explanation about the "option domain-name" and
"ddns-domainname", So based on my network-level setup we configure this
values, these values can be same or can be different
Correct
And want to confirm one more point that the zone section will be added only
for the "ddns-domainname" value am i right ?
I don't quite understand the question here, however ...

The process the server will take is roughly :

Client gets a lease, the server will take it's hostname (whether provided by the client, or provided by the config (e.g. in a host declaration)) and join it with ddns-domainname to form a FQDN for the client.

IFF an existing lease record indicates that DNS updates have already been done for this client&FQDN (and the server hasn't been told to always do updates), then that's it. Otherwise ...

It will then lookup the primary server for the client's domain. If there is a matching zone statement, then it will use the primary server specification given there, if not then it will do a DNS lookup for the SOA record of the zone and use the primary server specified in that.

The server will then attempt to do the DNS updates, which may fail if there are clashes or stale data in the zone.


Simon

_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

dhcp-users mailing list
dhcp-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
kraishak
2021-04-02 10:26:05 UTC
Permalink
Hi Simon
Thanks for reply,
Post by Simon Hobson
I don't quite understand the question here, however ...
--->I am clear with zone section now, but have a doubt with domain-name
fields
Thanks for your explanation about the "option domain-name" and
"ddns-domainname", So based on my network-level setup we configure this
values, these values can be same or can be different
Post by Simon Hobson
Post by Simon Hobson
Correct
Regarding this, I am sorry I didn't complete my question, Actually my doubt
was can we configure like below
subnet 192.168.0.0 netmask 255.255.255.0 {
pool {
range 192.168.0.50 192.168.0.150;

}
ddns-domainname "example.com";
option domain-name "test.com";
option routers 192.168.0.1;
option subnet-mask 255.255.255.0;
}

zone example.com.
{
primary 192.168.0.45;
secondary 192.168.0.47,192.168.0.48;
}
i.e option domain-name is different and ddns-domainname is totally
different not like domain and sub-domain concept
I checked the dhcpd syntax it is not giving any error but want to cross
check is this can be a valid configuration?

Thanks
Kraishak




--
Sent from: http://isc-dhcp-users.2343191.n4.nabble.com/
_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

dhcp-users mailing list
dhcp-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
Simon Hobson
2021-04-02 18:34:34 UTC
Permalink
Post by kraishak
Regarding this, I am sorry I didn't complete my question, Actually my doubt
was can we configure like below
subnet 192.168.0.0 netmask 255.255.255.0 {
pool {
range 192.168.0.50 192.168.0.150;
}
ddns-domainname "example.com";
option domain-name "test.com";
option routers 192.168.0.1;
option subnet-mask 255.255.255.0;
}
zone example.com.
{
primary 192.168.0.45;
secondary 192.168.0.47,192.168.0.48;
}
i.e option domain-name is different and ddns-domainname is totally
different not like domain and sub-domain concept
Yes, that is valid as far as DHCP is concerned.
It would just be an odd setup since the client would believe that it was ***@test.com while the DNS would be updated with somedomain.example.com.


Simon

_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

dhcp-users mailing list
dhcp-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
kraishak
2021-04-15 10:52:19 UTC
Permalink
Hi All,

zone example.com.
{
primary 192.168.0.45;
secondary 192.168.0.47;
}
I have noticed that in DDNS updates flow if the primary is down for some
reason, DHCP is not sending any DDNS updates to secondary server is this the
expected behavior?

Getting below error
Unable to add forward map from n54c5-000001.example.com to 192.168.0.86:
NOTIMP

Does any one have any idea/experience of DDNS flow when primary DNS server
is down

Thanks in Advance
Kraishak




--
Sent from: http://isc-dhcp-users.2343191.n4.nabble.com/
_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

dhcp-users mailing list
dhcp-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users

Simon Hobson
2021-04-01 19:17:24 UTC
Permalink
My understanding from a long time ago (as in >5 years) was that that dynamic dns updates are only sent to the primary DNS server. The primary is expected to forward to all the secondaries.
I've not seen anything to suggest that has changed.

In the absence of a zone declaration, the primary DNS server is determined by looking at the SOA record for the zone - so without keys setup, a correctly configured DNS setup will automagically get updates as long as updates are allowed (e.g. by IP address). If a zone declaration is present, then the server specified in that is used.

Simon

_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

dhcp-users mailing list
dhcp-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
Loading...