[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Bind 9 and DHCP reverse lookup problem



I think that the problem is in the BIND configuration. DHCPD tries to add name 203.129.16.172.in-addr.arpa. (i.e. name 203 into zone 129.16.172.in-addr.arpa.). However from the BIND's point of view there is no such zone in its database - in knows only about the zone 128.16.172.in-addr.arpa. Only DHCPD knows that both zones form a part of the same network. Therefore, BIND does not update the zone for which it is not authoritative.

I think that you should create zone files for zones 129.16.172.in-addr.arpa., 130.16.172.in-addr.arpa. and 131.16.172.in-addr.arpa. and include them into BIND configuration in the same way as zone 128.16.172.in-addr.arpa.

Alexey Fadyushin.
Brainbench MVP for Linux.
http://www.brainbench.com

Enrico Payne wrote:

Hi,

I am running RH9 with Bind 9.2.1 and DHCP (isc-dhcpd-V3.0pl9).

I have configured DHCP to automatically update the DNS with the
appropriate ip address and FQDN, and it works fine for the A records,
but when it tries to add an entry into the xxx.xxx.xxx-addr-arpa. File
it fails. I have scoured the various how-to's, man pages and the various
faq e-mail groups etc, and I can not find anything that gives me a clue
where to look, so I now come to the community to appeal for help.

NOTE: This is a class B subnet with 1024 addresses per subnet, starting
at x.x.128.0 and ending on x.x.131.255

Regards
Enrico


This is the error I receive.
============================
Jan 31 12:43:30 jbpn1 dhcpd: if IN A devel.jbpn. domain doesn't exist
add 216000 IN A devel.jbpn. 172.16.129.203 add 216000 IN TXT devel.jbpn.
"31eafe525c06abfba4c22f09c77d27fd93": success.
Jan 31 12:43:30 jbpn1 dhcpd: delete IN PTR 203.129.16.172.in-addr.arpa.
add 216000 IN PTR 203.129.16.172.in-addr.arpa. devel.jbpn.: not
authorized.
Jan 31 12:43:30 jbpn1 dhcpd: DHCPREQUEST for 172.16.129.203 from
00:11:0a:3e:dd:9b (devel) via eth0
Jan 31 12:43:30 jbpn1 dhcpd: DHCPACK on 172.16.129.203 to
00:11:0a:3e:dd:9b (devel) via eth0

My dhcpd.conf file looks like this.
===================================

default-lease-time 432000;
max-lease-time 604800;
option domain-name-servers 172.16.128.29;
option domain-name "jbpn.";
#
key mydhcpserver {
 algorithm hmac-md5;
 secret "Some MD5 Key data";
};
#
subnet 172.16.128.0 netmask 255.255.252.0 {
 ddns-updates on;
 range 172.16.129.96 172.16.131.254;
 option subnet-mask 255.255.252.0;
 option broadcast-address 172.16.131.255;
 option routers 172.16.128.3;
 authoritative;
 zone jbpn. { primary 172.16.128.29; key mydhcpserver; }
 zone 128.16.172.in-addr.arpa. { primary 172.16.128.29; key
mydhcpserver; }
}


My named.conf file looks like this.
===================================
options {
 directory "/var/named";
 query-source address * port 53;
};

logging {
 channel update_debug {
   file "/var/log/update-debug.log";
   severity  debug 3;
   print-category    yes;
   print-severity    yes;
   print-time   yes;
 };
            channel security_info    {
                 file "/var/log/named-th.info";
                 severity  info;
                 print-category yes;
                 print-severity yes;
                 print-time     yes;
            };

        category update { update_debug; };
        category security { security_info; };
};

key mydhcpserver {
 algorithm hmac-md5;
 secret "Some MD5 Key data";
};

zone "." {
 type hint;
 file "named.ca";
};

zone "jbpn." {
 type master;
 file "named.jbpn";
 allow-query { any; };
 allow-update { key mydhcpserver; };
};

zone "128.16.172.in-addr.arpa" {
 type master;
 file "named.172.16.128";
 allow-query { any; };
 allow-update { key mydhcpserver; };
};

--
___________________________________________
Visit us at http://www.pharma.co.za.
This e-mail has been scanned for viruses.
Pharma Natura will not be held responsible
for the loss of data or any other loss
caused by the use of the information
contained in this e-mail.




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]