DHCP server does not update DNS

Richard Allen ra at ra.is
Wed Dec 21 20:01:39 UTC 2011 

On 12/21/2011 07:24 PM, Simon Hobson wrote:
> Richard Allen wrote:
>
>> ... and we also located the network issue witch turned out to be a rogue
>> dhcp relay
>
> I keep a piece of "clue by four" in the office. I've come close to using
> it once or twice ;-)
>
>> Dec 21 16:02:24 wanda dhcpd: DHCPRELEASE of 172.23.101.114 from
>> 00:0f:fe:80:50:3e (censored5) via eth0 (found)
>>
>> Dec 21 16:02:54 wanda dhcpd: DHCPDISCOVER from 00:0f:fe:80:50:3e via
>> 172.23.100.254
>> Dec 21 16:02:55 wanda dhcpd: DHCPOFFER on 172.23.101.114 to
>> 00:0f:fe:80:50:3e (censored5) via 172.23.100.254
>> Dec 21 16:02:55 wanda dhcpd: DHCPREQUEST for 172.23.101.114 (172.29.100.96)
>> from 00:0f:fe:80:50:3e (censored5) via 172.23.100.254
>> Dec 21 16:02:55 wanda dhcpd: DHCPACK on 172.23.101.114 to 00:0f:fe:80:50:3e
>> (censored5) via 172.23.100.254
>> Dec 21 16:02:57 wanda named[31310]: client 172.23.101.114#19576: update
>> 'censored.com/IN' denied
>>
>> Now 172.23.100.254 is the proper relay agent it should be using when
>> traversing broadcast domains.
>> There was however no attempt made to register this into DNS.
>
> I think you are now down to sniffing packets to see what options
> are/aren't present. That looks normal for a situation where client and
> server have agreed that the client will update DNS.
>
>

Yes, I'll do that tomorrow and see what I find.    However I did have a
thought while reading up on the interim method.  Here is a quote from the
dhcpd.conf man page:

       In addition to these differences, the server also does not update
very aggressively.  Because
       each  DNS  update  involves  a  round trip to the DNS server, there
is a cost associated with
       doing updates even if they do not actually modify the DNS 
database.    So  the  DHCP  server
       tracks  whether  or  not it has updated the record in the past (this
information is stored on
       the lease) and does not attempt to update records that it thinks it
has already updated.

Now, I don't know how to read the leases file, but is there any chance dhcpd
thinks the client has already registered and thus does not try to do it again?

I really wish there was an option to make dhcpd aggressive with it's DNS
updates... :)

Thanks,
Richard.




-- 
Rikki.         --  RHCE, RHCX, HP-UX Certified Administrator.

More information about the dhcp-users mailing list