DDNS updates without fixed-address and PXE

Glenn Satchell glenn.satchell at uniq.com.au
Thu May 20 13:39:38 UTC 2010 

On 05/20/10 22:19, Jarrod Johnson wrote:
> I started with a relatively blank slate (no jnl files, zone files with
> no entries for the hosts, and no dhcpd.leases file).  I then used
> omshell to define a host declaration without fixed-address.  When the
> system firmware executes DHCP, it gets one address, when dhclient runs,
> it gets another.  I'd be fine with this, except that DDNS pushes the
> first address, but will not push the second:
> May 20 08:12:02 nacreous dhcpd: DHCPDISCOVER from 9a:6b:c0:a8:49:63 via eth0
> May 20 08:12:02 nacreous dhcpd: Abandoning IP address 192.168.127.254
> <http://192.168.127.254>: pinged before offer
> May 20 08:12:03 nacreous dhcpd: DHCPDISCOVER from 9a:6b:c0:a8:49:63 via eth0
> May 20 08:12:04 nacreous dhcpd: DHCPOFFER on 192.168.127.253 to
> 9a:6b:c0:a8:49:63 via eth0
> May 20 08:12:04 nacreous named[10313]: client 127.0.0.1#58467: updating
> zone 'vulture.e1350/IN': adding an RR at 'vs99.vulture.e1350' A
> May 20 08:12:04 nacreous named[10313]: client 127.0.0.1#58467: updating
> zone 'vulture.e1350/IN': adding an RR at 'vs99.vulture.e1350' TXT
> May 20 08:12:04 nacreous named[10313]: journal file db.vulture.jnl does
> not exist, creating it
> May 20 08:12:04 nacreous dhcpd: Added new forward map from
> vs99.vulture.e1350 to 192.168.127.253
> <---------------------------------------------------------------- PXE IP
> gets into DNS fine
> May 20 08:12:04 nacreous named[10313]: client 127.0.0.1#55347: updating
> zone '127.168.192.IN-ADDR.ARPA/IN': deleting rrset at
> '253.127.168.192.in-addr.arpa' PTR
> May 20 08:12:04 nacreous named[10313]: client 127.0.0.1#55347: updating
> zone '127.168.192.IN-ADDR.ARPA/IN': adding an RR at
> '253.127.168.192.in-addr.arpa' PTR
> May 20 08:12:04 nacreous named[10313]: journal file db.192.168.127.jnl
> does not exist, creating it
> May 20 08:12:04 nacreous dhcpd: added reverse map from
> 253.127.168.192.in-addr.arpa. to vs99.vulture.e1350
> May 20 08:12:04 nacreous dhcpd: DHCPREQUEST for 192.168.127.253
> (192.168.127.254) from 9a:6b:c0:a8:49:63 via eth0
> May 20 08:12:04 nacreous dhcpd: DHCPACK on 192.168.127.253 to
> 9a:6b:c0:a8:49:63 via eth0
> May 20 08:12:05 nacreous atftpd[5830]: Serving xcat/xnba.kpxe to
> 192.168.127.253:1024 <http://192.168.127.253:1024>
> May 20 08:12:07 nacreous dhcpd: DHCPDISCOVER from 9a:6b:c0:a8:49:63 via eth0
> May 20 08:12:07 nacreous dhcpd: DHCPOFFER on 192.168.127.253 to
> 9a:6b:c0:a8:49:63 via eth0
> May 20 08:12:07 nacreous dhcpd: DHCPREQUEST for 192.168.127.253
> (192.168.127.254) from 9a:6b:c0:a8:49:63 via eth0
> May 20 08:12:07 nacreous dhcpd: DHCPACK on 192.168.127.253 to
> 9a:6b:c0:a8:49:63 via eth0
> May 20 08:12:21 nacreous dhcpd: DHCPDISCOVER from 9a:6b:c0:a8:49:63 via eth0
> May 20 08:12:22 nacreous dhcpd: DHCPOFFER on 192.168.127.252 to
> 9a:6b:c0:a8:49:63 via eth0
> <-------------------------------------------------- The OS gets a
> different IP
> May 20 08:12:22 nacreous named[10313]: client 127.0.0.1#54989: updating
> zone 'vulture.e1350/IN': update unsuccessful: vs99.vulture.e1350: 'name
> not in use' prerequisite not satisfied (YXDOMAIN)
> May 20 08:12:22 nacreous named[10313]: client 127.0.0.1#41967: updating
> zone 'vulture.e1350/IN': update unsuccessful: vs99.vulture.e1350/TXT:
> 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
> May 20 08:12:22 nacreous dhcpd: Forward map from vs99.vulture.e1350 to
> 192.168.127.252 FAILED: Has an A record but no DHCID, not mine.
> <------------- DHCPD refuses to overwrite previous DNS
> May 20 08:12:22 nacreous dhcpd: DHCPREQUEST for 192.168.127.252
> (192.168.127.254) from 9a:6b:c0:a8:49:63 via eth0
> May 20 08:12:22 nacreous dhcpd: DHCPACK on 192.168.127.252 to
> 9a:6b:c0:a8:49:63 via eth0
>
> The leases for the two addresses look like:
> lease 192.168.127.253 {
>    starts 4 2010/05/20 12:12:07;
>    ends 5 2010/05/21 00:12:07;
>    binding state active;
>    next binding state free;
>    hardware ethernet 9a:6b:c0:a8:49:63;
>    uid "\001\232k\300\250Ic";
>    set ddns-rev-name = "253.127.168.192.in-addr.arpa.";
>    set ddns-txt = "31e221283ffd9922a26267646e5db684ea";
>    set ddns-fwd-name = "vs99.vulture.e1350";
> }
> lease 192.168.127.252 {
>    starts 4 2010/05/20 12:12:22;
>    ends 5 2010/05/21 00:12:22;
>    binding state active;
>    next binding state free;
>    hardware ethernet 9a:6b:c0:a8:49:63;
> }
>
>
> Is there something I can do here to either have the firmware and os
> requests get the same lease or have dhcp overwrite the firmware induced
> DNS update?  I
>

This is a well known problem, caused by the fact that the RFC states 
that option dhcp-client-identifier is the primary key, the second one is 
ether net address. SO the PXE gets a lease based on the ethernet 
address, when Windows boots it gets a lease based on client identifier. 
To the dhcp server they are two different clients. This isn't anybody's 
particular fault, just a bad combination. Windows is one of the very few 
dhcp clients that supplies a client identifier, nearly every other 
leaves it blank.

One way around your DNS problem woul dbe for th ePXE boot to not attempt 
to add a record to the DNS zone.

Do you have a class for your PXE requests? You know, something like:

class "PXE" {
   match if substring(option vendor-class-identifier, 0, 9) = "PXEClient";
   next-server server.example.com;
   filename "pxegrub.I86PC.Solaris_10-1";
   # 10 minutes should be long enough for PXE
   max-lease-time 600;

   # don't add to DNS
   ddns-updates off;
}

ddns-updates off; turns off dns updates for all members of the class. 
Then the PXE requests won't put the temporary address in DNS, but when 
the subsequent request comes along it will.

regards,
-glenn

More information about the dhcp-users mailing list