dhcpd creating corrupt DNS entries via DDNS

Neff, Glen glen.neff at emc.com
Thu May 30 17:57:54 UTC 2013


Due to an accidental misconfiguration on a device in our labs, the following lease got written to our dhcpd.leases file:

lease 10.244.238.97 {
  starts 4 2013/05/23 08:23:30;
  ends 3 2013/06/12 08:23:30;
  tstp 3 2013/06/12 08:23:30;
  cltt 4 2013/05/23 08:23:30;
  binding state active;
  next binding state free;
  rewind binding state free;
  hardware ethernet 00:60:16:20:b9:e1;
  uid "\001\000`\026 \271\341";
  set ddns-txt = "317632325cc38b2010498ef2cbd136984f";
  set ddns-fwd-name = "cat /etc/FRIENDLYHOSTNAME.hop.usd.lab.emc.com";
  client-hostname "cat /etc/FRIENDLYHOSTNAME";
}

What would have ended as a funny (yet nerdy) story at the water cooler about the difference between a single quote and a backtick became a more serious matter when ISC-dhcpd created the following DNS records via DDNS update:

cat\032/etc/FRIENDLYHOSTNAME.hop.usd.lab.emc.com. 3600 IN TXT "317632325cc38b2010498ef2cbd136984f"
cat\032/etc/FRIENDLYHOSTNAME.hop.usd.lab.emc.com. 3600 IN A 10.244.238.97

This chain of events started when dhcpcd on a SuSE machine was mis-configured, but it seems to me that either the ISC-dhcpd or the ISC-named involved should have prevented this.

isc-bind certainly doesn't accept this if you try to create it manually via nsupdate.

Anyone on the list have any ideas on how to prevent dhcpd from accepting invalid hostnames and/or passing them along to bind?  Or preventing bind from accepting them?

lewis# named -V
BIND 9.6.-ESV-R3 built with '--prefix=/usr' '--infodir=/usr/share/info' '--mandir=/usr/share/man' '--enable-threads' '--enable-getifaddrs' '--disable-linux-caps' '--with-openssl=/usr' '--with-randomdev=/dev/random' '--without-idn' '--without-libxml2'
lewis# dhcpd --version
isc-dhcpd-4.2.5-P1
lewis# uname -a
FreeBSD lewis.usd.lab.emc.com 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Thu Feb 17 02:41:51 UTC 2011     root at mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  amd64
lewis# 

-G

/*
 * Glen R. J. Neff
 * USD Lab Operations Infrastructure Team
 * glen.neff at emc.com
 *
 * EMC^2 == E^2
 */
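
An added example, not part of the original post and not ISC code: a lease-file audit that flags client-hostname and ddns-fwd-name values that are not valid letter-digit-hyphen (RFC 952/1123) hostnames, such as the ones in the lease above. It assumes the dhcpd.leases layout shown in the post; the second lease in the sample and the names audit_leases and is_ldh_hostname are constructed for illustration.

```python
import re

# One LDH label: letters, digits, hyphen; 1-63 chars; no leading/trailing hyphen.
LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")
# A lease block as laid out in dhcpd.leases: "lease <ip> {" ... "}" at line start.
LEASE = re.compile(r"^lease\s+(\S+)\s*\{(.*?)^\}", re.S | re.M)
# The two name-bearing statements seen in the post's lease.
NAME = re.compile(
    r'^\s*(?:set\s+)?(client-hostname|ddns-fwd-name)\s*=?\s*"((?:[^"\\]|\\.)*)"\s*;',
    re.M,
)

def is_ldh_hostname(name):
    """True if every dot-separated label of name is a valid LDH label."""
    name = name.rstrip(".")
    if not name or len(name) > 253:
        return False
    return all(LABEL.fullmatch(label) for label in name.split("."))

def audit_leases(text):
    """Return (ip, field, value) for each name that is not an LDH hostname."""
    findings = []
    for ip, body in LEASE.findall(text):
        for field, value in NAME.findall(body):
            if not is_ldh_hostname(value):
                findings.append((ip, field, value))
    return findings

# First lease: name fields copied from the post. Second lease: constructed.
SAMPLE = r'''
lease 10.244.238.97 {
  binding state active;
  hardware ethernet 00:60:16:20:b9:e1;
  set ddns-fwd-name = "cat /etc/FRIENDLYHOSTNAME.hop.usd.lab.emc.com";
  client-hostname "cat /etc/FRIENDLYHOSTNAME";
}
lease 192.0.2.10 {
  binding state active;
  set ddns-fwd-name = "lab-host-01.example.test";
  client-hostname "lab-host-01";
}
'''

if __name__ == "__main__":
    for ip, field, value in audit_leases(SAMPLE):
        print(f"{ip}: {field} is not a valid hostname: {value!r}")
```
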

