[Kea-users] help with dual stack ddns updates (replacing isc-dhcp with kea-dhcp)
Bruno Meirelles
bmeirelles at gmail.com
Fri Jun 16 19:23:18 UTC 2023
Hi friends,
I'm replacing isc-dhcp with kea, but I'm having problem with dns dynamic
update with dual stack
in kea-dhcp4.conf :
"dhcp-ddns" : {
"enable-updates" : true,
"server-ip" : "::1",
"sender-ip" : "::1",
"sender-port" : 53003,
"replace-client-name": "when-not-present",
},
"ddns-send-updates" : true,
"ddns-override-no-update" : true,
"ddns-override-client-update" : true,
"ddns-qualifying-suffix" : "informatica.digital.",
"ddns-update-on-renew" : true,
"ddns-use-conflict-resolution" : true,
# "hostname-char-set": "[^A-Za-z0-9.-]",
# "hostname-char-replacement": "x",
"match-client-id": true,
in kea-dhcp6.conf :
"dhcp-ddns" : {
"enable-updates" : true,
"server-ip" : "::1",
"sender-ip" : "::1",
"sender-port" : 53002,
"replace-client-name": "when-not-present",
},
"ddns-send-updates" : true,
"ddns-override-no-update" : true,
"ddns-override-client-update" : true,
"ddns-qualifying-suffix" : "informatica.digital.",
"ddns-update-on-renew" : true,
"ddns-use-conflict-resolution" : true,
# "hostname-char-set": "[^A-Za-z0-9.-]",
# "hostname-char-replacement": "x",
in kea-dhcp-ddns.conf:
"DhcpDdns": {
"ip-address": "::1",
"control-socket": {
"socket-type": "unix",
"socket-name": "/run/kea/kea-ddns-ctrl-socket"
},
"forward-ddns": {
"ddns-domains": [
{
"name": "informatica.digital.",
"key-name": "rndc-key",
"dns-servers": [
{
"ip-address": "::1",
"port": 53,
"key-name": "rndc-key"
}
]
}
]
},
"reverse-ddns": {
"ddns-domains": [
{
"name": "0.0.d.f.ip6.arpa.",
"dns-servers": [
{
"ip-address": "::1",
"port": 53,
"key-name": "rndc-key"
}
]
},
{
"name": "168.192.in-addr.arpa.",
"dns-servers": [
{
"ip-address": "::1",
"port": 53,
"key-name": "rndc-key"
}
]
}
]
},
"tsig-keys": [
{
"name": "rndc-key",
"algorithm": "HMAC-MD5",
"secret": "TVQwpnYGt8TLDTrviBoZ4A=="
}
],
Forward and reverse ipv4 are being added to dns correctly,
2023-06-16T15:44:55.087345-03:00 router kea-dhcp-ddns[6126]: Forward
Change: yes
2023-06-16T15:44:55.087991-03:00 router kea-dhcp-ddns[6126]: Reverse
Change: yes
2023-06-16T15:44:55.088488-03:00 router kea-dhcp-ddns[6126]: FQDN:
[x79.informatica.digital.]
2023-06-16T15:44:55.089092-03:00 router kea-dhcp-ddns[6126]: IP Address:
[192.168.1.2]
2023-06-16T15:44:55.089478-03:00 router kea-dhcp-ddns[6126]: DHCID:
[00010161C842CCC250527045EDED24629529B402586F7336E34BF765A1C5D6ECB0B3B5]
2023-06-16T15:44:55.089774-03:00 router kea-dhcp-ddns[6126]: Lease
Expires On: 20230616184954
2023-06-16T15:44:55.090088-03:00 router kea-dhcp-ddns[6126]: Lease
Length: 1200
2023-06-16T15:44:55.090417-03:00 router kea-dhcp-ddns[6126]: Conflict
Resolution: yes
2023-06-16T15:44:55.090802-03:00 router named[6778]: client @0xb398d934
::1#37057/key rndc-key: signer "rndc-key" approved
2023-06-16T15:44:55.091241-03:00 router named[6778]: client @0xb398d934
::1#37057/key rndc-key: updating zone 'informatica.digital/IN': adding
an RR at 'x79.informatica.digital' A 192.168.1.2
2023-06-16T15:44:55.091666-03:00 router named[6778]: client @0xb398d934
::1#37057/key rndc-key: updating zone 'informatica.digital/IN': adding
an RR at 'x79.informatica.digital' DHCID
AAEBYchCzMJQUnBF7e0kYpUptAJYb3M240v3ZaHF1uyws7U=
2023-06-16T15:44:55.098895-03:00 router named[6778]: client @0xb0c81534
::1#37223/key rndc-key: signer "rndc-key" approved
2023-06-16T15:44:55.099474-03:00 router named[6778]: client @0xb0c81534
::1#37223/key rndc-key: updating zone '168.192.in-addr.arpa/IN':
deleting rrset at '2.1.168.192.in-addr.arpa' PTR
2023-06-16T15:44:55.099969-03:00 router named[6778]: client @0xb0c81534
::1#37223/key rndc-key: updating zone '168.192.in-addr.arpa/IN':
deleting rrset at '2.1.168.192.in-addr.arpa' DHCID
2023-06-16T15:44:55.100463-03:00 router named[6778]: client @0xb0c81534
::1#37223/key rndc-key: updating zone '168.192.in-addr.arpa/IN': adding
an RR at '2.1.168.192.in-addr.arpa' PTR x79.informatica.digital.
2023-06-16T15:44:55.100997-03:00 router named[6778]: client @0xb0c81534
::1#37223/key rndc-key: updating zone '168.192.in-addr.arpa/IN': adding
an RR at '2.1.168.192.in-addr.arpa' DHCID
AAEBYchCzMJQUnBF7e0kYpUptAJYb3M240v3ZaHF1uyws7U=
but when kea6 tries to add forward ipv6, this error appears:
2023-06-16T15:54:35.612754-03:00 router named[6778]: client @0xb0172534
::1#37996/key rndc-key: signer "rndc-key" approved
2023-06-16T15:54:35.613385-03:00 router kea-dhcp-ddns[6126]: ERROR
DHCP_DDNS_FORWARD_REPLACE_REJECTED DNS Request ID
000201A4DA3B65FDE300BAE9AD9B667E64199C8F12AA223B3AF1F569C46E640B7BD21F:
Server, ::1 port:53, rejected a DNS update request to replace the
address mapping for FQDN, x79.informatica.digital., with an RCODE: 8
2023-06-16T15:54:35.613818-03:00 router kea-dhcp-ddns[6126]: ERROR
DHCP_DDNS_ADD_FAILED DHCP_DDNS Request ID
000201A4DA3B65FDE300BAE9AD9B667E64199C8F12AA223B3AF1F569C46E640B7BD21F:
Transaction outcome Status: Failed, Event: UPDATE_FAILED_EVT, Forward
change: failed, Reverse change: failed, request: Type: 0 (CHG_ADD)
2023-06-16T15:54:35.614200-03:00 router kea-dhcp-ddns[6126]: Forward
Change: yes
2023-06-16T15:54:35.614563-03:00 router kea-dhcp-ddns[6126]: Reverse
Change: yes
2023-06-16T15:54:35.614914-03:00 router kea-dhcp-ddns[6126]: FQDN:
[x79.informatica.digital.]
2023-06-16T15:54:35.615268-03:00 router kea-dhcp-ddns[6126]: IP Address:
[fd00:ffff:fffd::8]
2023-06-16T15:54:35.615622-03:00 router kea-dhcp-ddns[6126]: DHCID:
[000201A4DA3B65FDE300BAE9AD9B667E64199C8F12AA223B3AF1F569C46E640B7BD21F]
2023-06-16T15:54:35.615972-03:00 router kea-dhcp-ddns[6126]: Lease
Expires On: 19700101000000
2023-06-16T15:54:35.616369-03:00 router kea-dhcp-ddns[6126]: Lease
Length: 1333
2023-06-16T15:54:35.616731-03:00 router kea-dhcp-ddns[6126]: Conflict
Resolution: yes
2023-06-16T15:54:35.617214-03:00 router named[6778]: client @0xb0172534
::1#37996/key rndc-key: updating zone 'informatica.digital/IN': update
unsuccessful: x79.informatica.digital: 'name not in use' prerequisite
not satisfied (YXDOMAIN)
2023-06-16T15:54:35.617754-03:00 router named[6778]: client @0xb0172534
::1#55668/key rndc-key: signer "rndc-key" approved
2023-06-16T15:54:35.618271-03:00 router named[6778]: client @0xb0172534
::1#55668/key rndc-key: updating zone 'informatica.digital/IN': update
unsuccessful: x79.informatica.digital/DHCID: 'RRset exists (value
dependent)' prerequisite not satisfied (NXRRSET)
What is missing? thank you very much if you can help me.
More information about the Kea-users
mailing list