Discussion:
DDNS for multiple zones
Kyle Johnson
2012-12-05 16:47:38 UTC
Hello everyone,

I am attempting to configure a failover DHCP solution with DDNS and am
running into an issue with isc-dhcpd version 4.1.1. The issue seems to be
that if the ddns-domainname option is not configured in dhcpd.conf, the
DDNS update is not sent to the DNS server for any zone. That is, with
ddns-domainname commented out, dhcpd does not attempt to do any type of DDNS
updates.

Configuring a single ddns-domainname will not work as we have multiple
zones, each for a different domain. For this to work, I imagine that the
client (e.g. ESXi hosts, Linux and Windows servers) would need to send a
FQDN, which the DHCP server would then need to use when sending the DDNS
update to the DNS server.

What is the correct way to configure both DHCP and my clients to allow DDNS
to work for multiple zones (domains)?

Thanks,
Kyle
John Miller
2012-12-05 16:54:07 UTC
Hi Kyle,

Since you're doing this with servers, could you just create a host group
for each of VMware, Linux, and Windows, put your hosts in there, then
specify a ddns-domainname for each group?

John
--
John Miller
Systems Engineer
Brandeis University
***@brandeis.edu
(781) 736-4619
_______________________________________________
dhcp-users mailing list
https://lists.isc.org/mailman/listinfo/dhcp-users
Jason Gerfen
2012-12-05 17:00:08 UTC
Assuming your current clients/servers are members of a subnet group, perhaps
adding the zone definition to each of these will work. Reference:
http://markembling.info/2011/10/dhcp-and-dynamic-dns

Example:

    subnet 10.25.0.0 netmask 255.255.0.0 {
        range 10.25.10.1 10.25.10.254;
        option routers 10.25.1.1;

        zone 25.10.in-addr.arpa. {
            primary 10.25.2.4;
            key "rndc-key";
        }

        zone home.markembling.info. {
            primary 10.25.2.4;
            key "rndc-key";
        }
    }


In regards to not setting a default option within the global parameters
this may be by design.
--
Jas
Kyle Johnson
2012-12-05 18:02:41 UTC
Hi John,

Please forgive my ignorance if I am misunderstanding what you are getting
at. In my environment, the domain name is not determined by the type of
server. All Linux servers will never be a member of x.domain.tld, and all
Windows servers will never be a member of y.domain.tld. Also, as we are
not doing any type of static reservations and have no idea what the MAC
address of our servers will be before they're spun up (virtual hosts), I
couldn't group them by MAC addresses.

Thanks for your time!
Kyle
Kyle Johnson
2012-12-05 18:30:42 UTC
I may have been able to solve my problem by moving the ddns-domainname
option into the individual subnet blocks (of which I will have hundreds):

    subnet 172.21.33.0 netmask 255.255.255.240 {
        option subnet-mask 255.255.255.240;
        option routers 172.21.33.1;
        ddns-domainname "x.domain.tld.";
        pool {
            failover peer "dhcp-failover";
            max-lease-time 1800; # 30 minutes
            range 172.21.33.5 172.21.33.14;
        }
    }

Can anyone think of a reason why this either would not work, or should not
be done?

Thanks,
Kyle
Glenn Satchell
2012-12-06 02:04:26 UTC
That would be ok, as long as all the hosts in one subnet belong to a given
domain.

That might be a good default, but you could also allow a given dhcp client
to override the domain, e.g. by using something like this in each subnet:

    ddns-domainname pick-first-value(option fqdn.domainname, ddns-domainname,
                                     "x.domain.tld");

See the dhcp-eval man page for info on pick-first-value() and dhcp-options
for the many dhcp options that can be passed between client and server.

You could also do this with classes if you had a way of selecting hosts
that should belong to a given domain, e.g. if there was something in the
hostname to match like a customer name.

regards,
-glenn
John Miller
2012-12-05 19:31:35 UTC
No problem, Kyle--I'd thought that all Windows servers were grouped into
one domain, all Linux servers into a different domain, etc. If they're
in multiple domains, then my idea of course wouldn't work. Sounds like
you got things working with sticking domains into the subnet blocks, though.

Do you auto-generate your subnet blocks from a database? If so, it
might not be so bad to add a field or two for the ddns domain.

John
Kyle Johnson
2012-12-05 19:34:27 UTC
John,

Indeed, they are being created dynamically via chef w/ databags. I did add
an additional field for the ddns domain.

Thank you for your assistance!
Kyle
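
The approach the thread settles on (one generated subnet block per record, with a field for the DDNS domain) is sketched below as an added example; it is not code from the thread or from Kyle's Chef setup. The record layout, the `ALLOWED_ZONES` set and the trimmed block template are assumptions. The generator checks the domain field before writing it into a quoted dhcpd.conf string, so a malformed or unexpected value in the data source cannot inject statements or point updates at an unplanned zone.

```python
import ipaddress
import re

LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")  # one DNS label
ALLOWED_ZONES = {"x.domain.tld", "y.domain.tld"}      # assumed: zones dhcpd may update
TEMPLATE = """subnet {net.network_address} netmask {net.netmask} {{
    option routers {router};
    ddns-domainname "{domain}.";
    pool {{
        failover peer "dhcp-failover";
        range {first} {last};
    }}
}}
"""

def clean_domain(raw):
    """Return the normalised domain; raise ValueError if unsafe or unknown."""
    name = raw.lower()[:-1] if raw.endswith(".") else raw.lower()
    if not all(LABEL.fullmatch(part) for part in name.split(".")):
        raise ValueError(f"not a plain DNS name: {raw!r}")
    if name not in ALLOWED_ZONES:
        raise ValueError(f"no zone configured for {raw!r}")
    return name

def render_subnet(rec):
    net = ipaddress.ip_network(rec["subnet"])  # ValueError on a malformed subnet
    router, first, last = (ipaddress.ip_address(rec[k]) for k in ("router", "first", "last"))
    if not all(addr in net for addr in (router, first, last)):
        raise ValueError(f"address outside {net}")
    return TEMPLATE.format(net=net, router=router, first=first, last=last,
                           domain=clean_domain(rec["ddns_domain"]))

def render_all(records):
    """Return (config_text, rejected); a bad record never reaches dhcpd.conf."""
    blocks, rejected = [], []
    for rec in records:
        try:
            blocks.append(render_subnet(rec))
        except (KeyError, ValueError) as err:
            rejected.append((rec.get("subnet"), str(err)))
    return "\n".join(blocks), rejected

# Constructed sample records; the second carries a hostile ddns_domain value.
RECORDS = [
    {"subnet": "172.21.33.0/28", "router": "172.21.33.1", "first": "172.21.33.5",
     "last": "172.21.33.14", "ddns_domain": "x.domain.tld"},
    {"subnet": "172.21.34.0/28", "router": "172.21.34.1", "first": "172.21.34.5",
     "last": "172.21.34.14", "ddns_domain": 'y.domain.tld"; authoritative; #'},
]
```

Running the generated text through `dhcpd -t -cf <file>` before deploying it catches syntax errors that the generator itself does not check.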