DHCP, Dynamic DNS, and IPv6
Loren M. Lang
lorenl at north-winds.org
Wed Jun 10 10:53:05 UTC 2009
I've done a little more research on this problem and it looks like there
is a standard solution specified in the RFCs.
David W. Hankins wrote:
> On Wed, Aug 20, 2008 at 01:27:23AM -0700, Loren M. Lang wrote:
>
>> section, but a status of NOERROR instead of NXDOMAIN. At that point it
>> decides that it can't update the name even though there is no A or TXT
>> records for it.
>>
>
> RFC 4703, section 5.3.1. In order for updates to proceed, a query
> on the name must be NXDOMAIN, to ensure that it has not yet been
> allocated. This is not a specific query, but rather a prerequisite
> on the first update attempt.
>
Section 5.3.1 goes on to say that if the reply code is YXDOMAIN (as it
is in this case), proceed to section 5.3.2. Section 5.3.2 describes
doing an update with two prerequisites, one is that the name exists and
two is that the DHCID is identical. If I add AAAA, SSHFP, or other
records after the first successful dynamic DNS update, then a correct
DHCID should be in DNS. The problem comes when the lease has expired or
been release, at which point DHCP removes the A and TXT records for that
name. According to section 5.5, A and DHCID records are deleted
separately. First the A record added by DHCP is deleted with a
prerequisite that the DHCID must be identical to what DHCP knows. Then
the DHCID is deleted only if there are no A or AAAA records for that
name. If I statically configure AAAA records for a client after DHCP
has created the A and DHCID records for the client then the presence of
any AAAA or SSHFP records should not interfere with DHCP adding and
removing A records when a lease is assigned/released. Now combining
DHCPv4 and DHVPv6 will have issues if IPv4 clients which also support
IPv6 don't use a DUID in their DHCP client identifiers (I am not sure
how widely this is supported), but I don't have any plans to run a
DHCPv6 server at this time. Using IPv6 autoconfiguration and manually
adding AAAA records is acceptable.
According to the dhcpd.conf man page, ISC DHCP only supports a draft
version of dynamic DNS until such time that the IETF standardizes on
them. It looks like the RFCs 4071, 4072, and 4073 are those standards
which were published in Oct. 2006 and are currently classified as a
proposed standard. Is there a road map for implementing the RFCs for
DHCPv4? I assume DHCPv6 is currently doing dynamic updates according to
the RFCs.
>
>> How can I get DHCP to update the records regardless of
>> the existence of a AAAA record?
>>
>
> Short of editing sources, I don't see a way.
>
> In theory you should be able to just insert the TXT record when you
> add the AAAA. But now that I remember, I think our ddns removals will
> drop the TXT record if it expired the last A record. We should
> probably be checking for both A and AAAA there.
>
>
--
Loren M. Lang
lorenl at north-winds.org
http://www.north-winds.org/
Public Key: ftp://ftp.north-winds.org/pub/lorenl_pubkey.asc
Fingerprint: 10A0 7AE2 DAF5 4780 888A 3FA4 DCEE BB39 7654 DE5B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20090610/a1c3c4e4/attachment.bin>
More information about the dhcp-users
mailing list