DHCPv6 and DDNS

Philippe Clérié philippe at gcal.net
Thu Jun 18 16:35:02 UTC 2015 

Hello,

First time on the list, mostly because I have not found my answer on 
Debian users or anywhere else.

For the past couple of weeks I've been trying to set up isc-dhcp-server 
( 4.3.1 ) on Debian Jessie for IPv6. I am at a point where the server is 
providing addresses but I cannot get it to update the DNS server.

Both servers are on the same machine. The DNS server is bind9 ( 9.9.5 ) 
and is working correctly for both IPv4 and IPv6. DHCPv4 is updating DNS 
with no problems and I can manage IPv6 addresses using nsupdate.

The last change I attempted in my dhcpd6.conf was to set 
ddns-update-style to "standard" instead of "interim" as suggested by ISC 
(https://deepthought.isc.org/article/AA-01091/0/ISC-DHCP-support-for-Standard-DDNS.html). 
Setting update-optimization to false is also recommended.

Note that interim style does not work either. In fact, the only time I 
saw some traffic from the DHCP transaction was just after changing to 
standard style. There was a bunch of denied DNS queries from the 
link-local address of the DHCP client. I allowed queries from fe80::/10 
to the DNS servers and thoses messages disappeared.

I have also tried removing any existing lease on the client side before 
attempting the connection. The only difference is that I get the 
4-messages exchange with the DHCP server instead of the 2-message exchange.

Static leases on DHCPv4 are updated provided update-static-leases is on, 
so I presume the behavior is the same with v6.

======== dhcpd6.conf =======
log-facility local7;

ddns-updates on;
ddns-update-style standard;

update-optimization false;
update-conflict-detection false;
allow leasequery;

update-static-leases on;

zone example.com {
         primary6 2001:xxxx:xxxx:xxxx::16;
}

zone x.x.x.x.x.x.x.x.x.x.x.x.1.0.0.2.ip6.arpa {
         primary6 2001:xxxx:xxxx:xxxx::16;
}

authoritative
option dhcp6.name-servers 2001:xxxx:xxxx:xxxx::16;
option dhcp6.domain-search "example.com";
default-lease-time 28800;
max-lease-time 86400;
min-lease-time 7200;
ddns-domainname "example.com.";
ddns-rev-domainname "ip6.arpa.";

host alcor {
     # IPv4 172.28.5.12
         fixed-address6 2001:xxxx:xxxx:xxxx::12;
         hardware ethernet 80:1f:02:bf:05:0e;
         default-lease-time 259200;
         max-lease-time 604800;
         min-lease-time 86400;
}

subnet6 2001:xxxx:xxxx:xxxx::/64 {
        range6 2001:xxxx:xxxx:xxxx::1:101
               2001:xxxx:xxxx:xxxx::1:130;
}

===============================

So in this fragment, server alcor gets both IP addresses correctly but 
only the IPv4 address is entered in DNS.

Note that trio update-optimization, update-conflict-detection, allow 
leasequery has been tried in all combinations of either false or 
commented out.

So far I have not seen any trace of an attempt by the DHCPv6 server to 
update the DNS. I would have preferred at least some error.

For completeness I'm adding below the contents of radvd.conf and the 
relevant portions of named.conf.

Thanks in advance for any suggestion...

-- 
Philippe

------
The trouble with common sense it that it is so uncommon.
<Anonymous>


======== radvd.conf ========
#   This section was automatically generated by the Vyatta
#   configuration sub-system.  Do not edit it.
#
#   Generated by root on Wed Jun 17 10:32:44 2015
#
     IgnoreIfMissing on;
     AdvSendAdvert on;
     AdvOtherConfigFlag on;
     AdvDefaultLifetime 1800;
     AdvLinkMTU 0;
     AdvCurHopLimit 64;
     AdvReachableTime 0;
     MaxRtrAdvInterval 600;
     MinRtrAdvInterval 198;
     AdvDefaultPreference medium;
     AdvRetransTimer 0;
     AdvManagedFlag on;
     prefix 2001:xxxx:xxxx:xxxx::/64 {
         AdvPreferredLifetime 604800;
         AdvAutonomous on;
         AdvOnLink on;
         AdvValidLifetime 2592000;
     };
};

============================


======== named.conf.local (partial) ========

zone "logisys.ht" in{
         type master;
         file "/var/lib/bind/zone.example.com";
         allow-update { 172.28.5.0/24; 2001:xxxx:xxxx:xxxx::/10; 
fe80::/64; localhost;  };
};

zone "x.x.x.x.x.x.x.x.x.x.x.x.1.0.0.2.ip6.arpa" in{
         type master;
         file "/var/lib/bind/zone.x.x.x.x.x.x.x.x.x.x.x.x.1.0.0.2.ip6.arpa";
         allow-update { 2001:xxxx:xxxx:xxxx::/64; fe80::/64; localhost; };
};

============================================

More information about the dhcp-users mailing list