[Kea-users] Kea DDNS - Forward Updates work, but reverse do not?
Ubence Quevedo (thatrat)
thatrat at gmail.com
Sun Jan 28 11:37:07 UTC 2024
Hi All,
I’ve recently converted from the older ISC dhcpd with dynamic DNS configured and working properly with updating forward and reverse entries, but after converting to Kea, I can only get the forward entries to work and the reverse entries do not update.
This is a Raspberry Pi 4B running Ubuntu 22.04 LTS with Kea 2.0.2. I can’t run the latest version since this is an ARM system.
From what I can tell, things *look* correct, but when I do a journalctl -xeu kea-dhcp-ddns-server, in the below snippet, I get the following:
Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: INFO DHCP_DDNS_REMOVE_SUCCEEDED DHCP_DDNS Request ID 000001F16C84BB0E8343A9B37FA2789333DAFE841ED32B93F538FC22A0F905170D2979: successfully removed the DNS mapping addition for this request: Type: 1 (CHG_REMOVE)
Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: Forward Change: yes
Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: Reverse Change: yes
Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: FQDN: [lg-washer.totusmel.com.]
Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: IP Address: [192.168.10.74]
Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: DHCID: [000001F16C84BB0E8343A9B37FA2789333DAFE841ED32B93F538FC22A0F905170D2979]
Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: Lease Expires On: 20240127223510
Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: Lease Length: 2400
Jan 27 15:55:15 raspi kea-dhcp-ddns[1542846]: Conflict Resolution: yes
Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: ERROR DHCP_DDNS_REVERSE_REPLACE_REJECTED DNS Request ID 000001F16C84BB0E8343A9B37FA2789333DAFE841ED32B93F538FC22A0F905170D2979: Server, 192.168.10.3 port:53, rejected a DNS update request to replace the reverse mapping for FQDN, lg-washer.totusmel.com., with an RCODE: 5
Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: ERROR DHCP_DDNS_ADD_FAILED DHCP_DDNS Request ID 000001F16C84BB0E8343A9B37FA2789333DAFE841ED32B93F538FC22A0F905170D2979: Transaction outcome Status: Failed, Event: UPDATE_FAILED_EVT, Forward change: completed, Reverse change: failed, request: Type: 0 (CHG_ADD)
Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: Forward Change: yes
Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: Reverse Change: yes
Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: FQDN: [lg-washer.totusmel.com.]
Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: IP Address: [192.168.10.74]
Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: DHCID: [000001F16C84BB0E8343A9B37FA2789333DAFE841ED32B93F538FC22A0F905170D2979]
Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: Lease Expires On: 20240128010837
Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: Lease Length: 2400
Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: Conflict Resolution: yes
Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: INFO DHCP_DDNS_REMOVE_SUCCEEDED DHCP_DDNS Request ID 000101F6EDAB718AF0636693516DC64E90C9548F7468BA9B9BE28C3603ADF66E710310: successfully removed the DNS mapping addition for this request: Type: 1 (CHG_REMOVE)
Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: Forward Change: yes
Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: Reverse Change: yes
Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: FQDN: [lr-lg-c2.totusmel.com.]
Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: IP Address: [192.168.10.108]
Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: DHCID: [000101F6EDAB718AF0636693516DC64E90C9548F7468BA9B9BE28C3603ADF66E710310]
Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: Lease Expires On: 20240128033544
Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: Lease Length: 2400
Jan 27 19:47:29 raspi kea-dhcp-ddns[1542846]: Conflict Resolution: yes
The error entry shows a failure while the first and second entries show success.
I’m a bit baffled because in the kea-dhcp-ddns.conf, the forward and reverse are configured nearly the same and reference the same key to allow updates:
"DhcpDdns":
{
    "ip-address": "127.0.0.1",
    "port": 53001,
    "control-socket": {
        "socket-type": "unix",
        "socket-name": "/tmp/kea-ddns-ctrl-socket"
    },
    <?include "/etc/kea/tsig-keys.json"?>
    "forward-ddns" : {
        "ddns-domains": [
            {
                "name": "totusmel.com.",
                "key-name": "ddns-key",
                "dns-servers": [
                    {
                        "ip-address": "192.168.10.3",
                        "port": 53
                    }
                ]
            }
        ]
    },
    "reverse-ddns" : {
        "ddns-domains": [
            {
                "name": "10.168.192.in-addr.arpa.",
                "key-name": "ddns-key",
                "dns-servers": [
                    {
                        "ip-address": "192.168.10.3",
                        "port": 53
                    }
                ]
            }
        ]
    }
The relevant section from the kea-dhcp4.conf:
    "dhcp-ddns": {
        "enable-updates": true
    },
    "ddns-qualifying-suffix": "totusmel.com",
    "ddns-override-client-update": true,
I’m also expecting there to be a .jnl file for the zone file in /var/lib/bind/ where the zone files reside, but the .jnl file I’m expecting never gets generated:
root@raspi:/var/lib/bind# ls -la db*
-rw-r--r-- 1 bind bind 6169 Jan 27 16:37 db.10.168.192.in-addr.arpa
-rw-r--r-- 1 bind bind 295 Nov 6 2022 db.20.168.192.in-addr.arpa
-rw-r--r-- 1 bind bind 347 Nov 6 2022 db.30.168.192.in-addr.arpa
-rw-r--r-- 1 bind bind 278 Nov 6 2022 db.40.168.192.in-addr.arpa
-rw-r--r-- 1 bind bind 276 Nov 6 2022 db.50.168.192.in-addr.arpa
-rw-r--r-- 1 bind bind 1082 Jan 25 20:08 db.lab.totusmel.com
-rw-r--r-- 1 bind bind 1372 Jan 25 19:56 db.lab.totusmel.com.jnl
-rw-r--r-- 1 bind bind 22676 Jan 28 02:41 db.totusmel.com
-rw-r--r-- 1 bind bind 3872 Jan 28 02:28 db.totusmel.com.jnl
Does anyone have any thoughts or suggestions on what might be wrong? I can provide more information if needed, I just included the bits that I thought were relevant.
Any thoughts or suggestions would be greatly appreciated!
-Ubence
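
Added example, not part of the original post: a small Python triage script for the kea-dhcp-ddns journal lines quoted above. It names the RCODE of each rejected update (5 is REFUSED in RFC 1035) and checks that the PTR owner name for the lease address falls inside a reverse zone configured in kea-dhcp-ddns.conf. The function names and the abridged sample lines are assumptions made for this example.

```python
import ipaddress
import re

# RCODE names from RFC 1035 and RFC 2136 (dynamic update).
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN",
          4: "NOTIMP", 5: "REFUSED", 6: "YXDOMAIN", 7: "YXRRSET",
          8: "NXRRSET", 9: "NOTAUTH", 10: "NOTZONE"}

REJECTED = re.compile(
    r"DHCP_DDNS_(FORWARD|REVERSE)_(\w+)_REJECTED .*?Server, (\S+) port:(\d+), "
    r".*?for FQDN, (\S+), with an RCODE: (\d+)")
DETAIL = re.compile(r"(FQDN|IP Address): \[([^\]]+)\]")

# Abridged from the journal excerpt in the post; "<id>" stands in for the request ID.
SAMPLE = [
    "Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: ERROR DHCP_DDNS_REVERSE_REPLACE_REJECTED DNS Request ID <id>: Server, 192.168.10.3 port:53, rejected a DNS update request to replace the reverse mapping for FQDN, lg-washer.totusmel.com., with an RCODE: 5",
    "Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: FQDN: [lg-washer.totusmel.com.]",
    "Jan 27 16:28:37 raspi kea-dhcp-ddns[1542846]: IP Address: [192.168.10.74]",
]

def in_zone(name, zone):
    """True if name equals zone or is a subdomain of it (case-insensitive)."""
    name, zone = name.lower().rstrip("."), zone.lower().rstrip(".")
    return name == zone or name.endswith("." + zone)

def rejected_updates(lines, reverse_zones):
    """Return one dict per *_REJECTED line, with PTR name and zone for reverse ones."""
    addr_of, last_fqdn, hits = {}, None, []
    for line in lines:
        m = REJECTED.search(line)
        if m:
            hits.append({"direction": m[1].lower(), "action": m[2].lower(),
                         "server": f"{m[3]}:{m[4]}", "fqdn": m[5],
                         "rcode": RCODES.get(int(m[6]), m[6])})
            continue
        d = DETAIL.search(line)
        if d and d[1] == "FQDN":
            last_fqdn = d[2]            # detail lines list FQDN first, then the address
        elif d and last_fqdn:
            addr_of[last_fqdn] = d[2]
    for h in hits:
        ip = addr_of.get(h["fqdn"])
        if ip and h["direction"] == "reverse":
            h["ptr"] = ipaddress.ip_address(ip).reverse_pointer + "."
            h["zone"] = next((z for z in reverse_zones if in_zone(h["ptr"], z)), None)
    return hits

if __name__ == "__main__":
    for hit in rejected_updates(SAMPLE, ["10.168.192.in-addr.arpa."]):
        print(hit)
```
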