ISC-DHCP and BIND 9 DNS: DDNS update fails for /27 subnet

Mirsad Goran Todorovac mirsad.todorovac at alu.unizg.hr
Fri Dec 10 22:50:43 UTC 2021


Hello,

I have a problem with DHCP DDNS update to BIND 9 reverse PTR zone subnet 
that is owned by several organizations, so I can't get a direct DHCP 
DDNS update access with a key or with hostname.

I have been delegated domain name 192-27.186.198.193.in-addr.arpa from 
the upper level admins, and that appears to be immutable.

However, my subnet is 193.198.186.192/27, and DHCP only knows how to 
perform DDNS update to 186.198.193.in-addr.arpa. (See here: 
https://serverfault.com/questions/806875/how-to-tell-isc-dhcp-correct-zone-for-reverse-zone-ddns-update 
and here: 
https://lists.isc.org/mailman/htdig/dhcp-users/2006-August/001422.html ).

(This setup is because we have DHCP addresses that are not over NAT, 
but /24 subnet is shared with other organizations, even under another 
Ministry.)

I want to have the effect of delegating the same database to upper 
level under their zone name, while updating the same database under my 
DHCP-understood zone name.

I tried this /etc/bind/named.conf.local:

    zone "192-27.186.198.193.in-addr.arpa" in {
        type master;
        file "/var/cache/bind/192-27.186.198.193.in-addr.arpa.db";
    };

    zone "186.198.193.in-addr.arpa" in {
        type master;
        file "/var/cache/bind/192-27.186.198.193.in-addr.arpa.db";
        allow-update { key DDNS_UPDATE; };
    };

(Two zones with the same file.)

What I got was:

    root@domac:/etc/bind# named-checkconf
    /etc/bind/named.conf.local:49: writeable file '/var/cache/bind/192-27.186.198.193.in-addr.arpa.db': already in use: /etc/bind/named.conf.local:44
    root@domac:/etc/bind#

Can you please tell me is there a way to achieve the effect of the above 
(illegal) setup? I can't change DHCP, nor do I know an option to tell it 
to accept update to 192-27.186.198.193.in-addr.arpa (it is a syntax 
error).

The DHCP dhcpd.conf subnet configuration is:

    subnet 193.198.186.192 netmask 255.255.255.224 {
        range 193.198.186.200 193.198.186.222; # MT 20211210
        option subnet-mask 255.255.255.224;
        option domain-name-servers 161.53.235.3, 161.53.2.70;
        option domain-name "slava.alu.hr";
        ddns-domainname "slava.alu.hr";
        zone slava.alu.hr. {
            primary 127.0.0.1;
            key DDNS_UPDATE;
        }
        zone 186.198.193.in-addr.arpa. {
            primary 127.0.0.1;
            key DDNS_UPDATE;
        }
        option broadcast-address 193.198.186.223;
        option routers 193.198.186.193;
        default-lease-time 43200;
        max-lease-time 86400;
    }

Thank you very much for your time reading this mail and help.

Kind regards,

-- 
Mirsad Goran Todorovac
Academy of Fine Arts | Faculty of Graphic Arts
University of Zagreb


More information about the bind-users mailing list
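
The naming mismatch the message describes, as an added example that is not part of the original post: for each address in the dhcpd.conf range it derives the PTR name under 186.198.193.in-addr.arpa (the zone dhcpd is configured to update) and the corresponding name inside the delegated 192-27 zone. The function names are hypothetical, and the per-address CNAME in the parent zone (RFC 2317 style) is an assumption the post does not state.

```python
import ipaddress

# Values taken from the message above.
SUBNET = ipaddress.ip_network("193.198.186.192/27")
DELEGATED_ZONE = "192-27.186.198.193.in-addr.arpa."
DHCP_ZONE = "186.198.193.in-addr.arpa."
LEASE_RANGE = ("193.198.186.200", "193.198.186.222")


def in_zone(name: str, zone: str) -> bool:
    """True if the owner name is at or below the zone apex."""
    return name == zone or name.endswith("." + zone)


def ptr_names(addr: str) -> dict:
    """Return the PTR owner names involved for one leased address."""
    ip = ipaddress.ip_address(addr)
    if ip not in SUBNET:
        raise ValueError(f"{addr} is outside {SUBNET}")
    # Name a resolver looks up, e.g. 200.186.198.193.in-addr.arpa.
    conventional = ip.reverse_pointer + "."
    last_octet = conventional.split(".", 1)[0]
    # Assumption: the parent /24 zone aliases each address into the
    # delegated zone with a CNAME, RFC 2317 style.
    delegated = f"{last_octet}.{DELEGATED_ZONE}"
    return {
        "conventional": conventional,
        "delegated": delegated,
        "parent_cname": f"{conventional} IN CNAME {delegated}",
    }


def update_misses_delegated_zone(addr: str) -> bool:
    """True if the name in DHCP_ZONE is not a name in the delegated zone."""
    names = ptr_names(addr)
    return (in_zone(names["conventional"], DHCP_ZONE)
            and not in_zone(names["conventional"], DELEGATED_ZONE))


if __name__ == "__main__":
    first, last = (int(ipaddress.ip_address(a)) for a in LEASE_RANGE)
    for n in range(first, last + 1):
        addr = str(ipaddress.ip_address(n))
        names = ptr_names(addr)
        print(f"{addr}: update name {names['conventional']}")
        print(f"    name in delegated zone: {names['delegated']}")
        print(f"    misses delegated zone: {update_misses_delegated_zone(addr)}")
```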