ddns update not working getting a timed out

Kevin Darcy kcd at daimlerchrysler.com
Wed Nov 6 22:41:25 UTC 2002


Is there an NS record pointing to higgins.closet6.com for the zone(s) in
question? That's another dependency in the Dynamic Update master-finding algorithm.

If you have a sniffer of some sort (hardware or software), maybe you could see where the
update requests are being sent. That might help narrow down the problem.


- Kevin

joe wrote:

> i have my dns server listed which is on the same machine that dhcp is
> running on:
> grep SOA *
> db.127.0.0:@              IN SOA higgins.closet6.com. josephg.beer.com.
> db.192.168.1:@            IN SOA higgins.closet6.com. josephg.beer.com.
> db.closet6:@              IN SOA higgins.closet6.com. josephg.beer.com.
>
> I can resolve my dns server from my dhcp server without issue.
> I think you might be right about it
> not being able to find the dns server but i can't see why (obviously)
> Is there a cache issue i have to think about?
> thanks again.
>
> On Tue, 05 Nov 2002 00:46:52 +0000, Kevin Darcy wrote:
>
> >
> > joe wrote:
> >
> >> I am trying to resolve dhcp clients via ddns update.  My dhcp and dns
> >> (bind 9.2.1) seem to be working fine independently.  However when dhcp
> >> tries to update dns i get:
> >>
> >> Nov  4 18:27:24 higgins dhcpd: if IN A tc.closet6.com domain doesn't
> >> exist add 300 IN A tc.closet6.com 192.168.1.198 add 300 IN TXT
> >> tc.closet6.com "00a1fc24e2fea1fc05cbb4ad9f6a0983cf": timed out.
> >> Nov  4 18:27:24 higgins dhcpd: DHCPREQUEST for 192.168.1.198 from
> >> 00:10:5a:5d:b2:07 (tc) via eth0
> >> Nov  4 18:27:24 higgins dhcpd: DHCPACK on 192.168.1.198 to
> >> 00:10:5a:5d:b2:07 (tc) via eth0
> >>
> >> I think i have set up bind correctly to accept them because when i start the
> >> service i get:
> >>
> >> Nov  4 18:30:39 higgins named[8587]: zone 'closet6.com' allows updates by IP address, which is insecure
> >> Nov  4 18:30:39 higgins named[8587]: zone '1.168.192.in-addr.arpa' allows updates by IP address, which is insecure
> >> Nov  4 18:31:10 higgins named[8587]: shutting down: flushing changes
> >> Nov  4 18:31:10 higgins named[8587]: stopping command channel on 127.0.0.1#953
> >> Nov  4 18:31:10 higgins named[8587]: no longer listening on 127.0.0.1#53
> >> Nov  4 18:31:10 higgins named[8587]: no longer listening on 192.168.1.2#53
> >> Nov  4 18:31:10 higgins named[8584]: exiting
> >> Nov  4 18:31:10 higgins named[8625]: starting BIND 9.2.1 -u named
> >> Nov  4 18:31:10 higgins named[8625]: using 1 CPU
> >> Nov  4 18:31:10 higgins named[8628]: loading configuration from '/etc/named.conf'
> >> Nov  4 18:31:10 higgins named[8628]: no IPv6 interfaces found
> >> Nov  4 18:31:10 higgins named[8628]: listening on IPv4 interface lo, 127.0.0.1#53
> >> Nov  4 18:31:10 higgins named[8628]: listening on IPv4 interface eth0, 192.168.1
> >> ...2#53
> >> Nov  4 18:31:10 higgins named[8628]: zone 'closet6.com' allows updates by IP address, which is insecure
> >> Nov  4 18:31:10 higgins named[8628]: zone '1.168.192.in-addr.arpa' allows updates by IP address, which is insecure
> >> Nov  4 18:31:10 higgins named[8628]: command channel listening on 127.0.0.1#953
> >> Nov  4 18:31:10 higgins named[8628]: zone 0.0.127.in-addr.arpa/IN: loaded serial 2002110306
> >> Nov  4 18:31:10 higgins named[8628]: zone 1.168.192.in-addr.arpa/IN: loaded serial 2002110306
> >> Nov  4 18:31:10 higgins named: named startup succeeded
> >> Nov  4 18:31:10 higgins named[8628]: zone closet6.com/IN: loaded serial 2002110306
> >> Nov  4 18:31:10 higgins named[8628]: running
> >> Nov  4 18:31:10 higgins named[8628]: zone 0.0.127.in-addr.arpa/IN: sending notifies (serial 2002110306)
> >>
> >> Do i need to use dns-keygen and dnssec-keygen to get me a key to do the
> >> updates?  I wasn't planning on using any security as i am just trying to
> >> play with bind at home.  I found some docs for bind 8 but none for bind
> >> 9, does anyone know where I can find some for bind 9?
> >> If i don't have to do the above does anyone think this might be a
> >> permissions issue?
> >> Thanks in advance,
> >> joe
> >> (conf files below)
> >>
> >> ## named.custom - custom configuration for bind
> >> #
> >> # Any changes not currently supported by redhat-config-bind should be put
> >> # in this file.
> >> #
> >>
> >> options {
> >>         directory "/var/named";
> >> };
> >>
> >> zone "." {
> >>         type hint;
> >>         file "root.cache";
> >> };
> >>
> >> zone "closet6.com" {
> >>         type master;
> >>         file "shortcut/db.closet6";
> >>         allow-update { 192.168.1/24; };
> >>         allow-query  { any; };
> >>                         /*  This file is in /var/named you must
> >>                          *      create it or the zone will not be loaded
> >>                          */
> >> };
> >>
> >> zone "1.168.192.in-addr.arpa" {
> >>         type master;
> >>         file "shortcut/db.192.168.1";
> >>         allow-update { 192.168.1/24; };
> >>         allow-query  { any; };
> >>                         /* This is an example entry for a generic
> >>                          * subnet, it's syntax will be the same as
> >>                          * the localhost.db as they serve similar
> >>                          * functions
> >>                          */
> >> };
> >>
> >> zone "0.0.127.in-addr.arpa" {
> >>         type master;
> >>         file "shortcut/db.127.0.0";
> >>                         /* This file is the reverse file for your
> >>                          * local network, it is essential that this
> >>                          * is in place or dns may be flakey.
> >>                          */
> >> };
> >> # sample /etc/dhcpd.conf
> >> # (add your comments here)
> >>
> >> server-identifier higgins.closet6.com;
> >> authoritative;
> >> ddns-update-style interim;
> >>
> >> subnet 192.168.1.0 netmask 255.255.255.0 {
> >>         range 192.168.1.50  192.168.1.200;
> >>         default-lease-time 600;
> >>         max-lease-time 7200;
> >>         option subnet-mask 255.255.255.0;
> >>         option broadcast-address 192.168.1.255;
> >>         option routers 192.168.1.1;
> >>         option domain-name-servers 192.168.1.2;
> >>         #option domain-name-servers 24.48.44.2, 24.48.44.2;
> >>         option domain-name "closet6.com";
> >>
> >> }
> >
> > What server name do you have in the MNAME (first) field of the SOA record for these
> > zones? My guess is that the server name resolves to something that the DHCP server
> > cannot reach. Therefore it times out.
> >
> > Then again, I don't know what "authoritative" and "ddns-update-style interim" mean
> > in your dhcpd.conf file. Maybe those settings are incorrect (??)
> >
> >
> > - Kevin
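
Added example, not part of the original thread: a small Python check for the two zone-data dependencies raised above, namely that the SOA MNAME names the server updates should go to and that the same name appears in the zone's NS set. The parser handles only one-line `owner [ttl] IN type rdata` records; the function names are hypothetical, the sample zones are constructed, and the in-zone address check is an extra assumption added here.

```python
# Constructed sample zones; the names echo the thread, the records are made up.
GOOD_ZONE = """\
@        IN SOA higgins.closet6.com. josephg.beer.com. 2002110306 3600 900 604800 300
@        IN NS  higgins.closet6.com.
higgins  IN A   192.168.1.2
"""
BAD_ZONE = """\
@        IN SOA higgins.closet6.com. josephg.beer.com. 2002110306 3600 900 604800 300
@        IN NS  ns1.closet6.com.
"""

def fqdn(name, origin):
    """Qualify a zone-file name against the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_records(zone_text, origin):
    """Parse one-line records into (owner, type, rdata_fields) tuples."""
    records, owner = [], origin
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop comments
        if not line.strip() or line.startswith("$"):
            continue
        fields = line.split()
        if not raw[0].isspace():                  # leading blank = same owner as before
            owner = fqdn(fields.pop(0), origin)
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)                         # skip optional TTL and class
        if len(fields) >= 2:
            records.append((owner.lower(), fields[0].upper(), fields[1:]))
    return records

def check_update_target(zone_text, origin):
    """Return a list of problems that would mislead a dynamic-update client."""
    origin = origin.lower()
    recs = parse_records(zone_text, origin)
    soa = next((r for r in recs if r[1] == "SOA"), None)
    if soa is None:
        return ["no SOA record found"]
    mname = fqdn(soa[2][0], origin).lower()       # first SOA field is the MNAME
    ns = {fqdn(r[2][0], origin).lower() for r in recs if r[1] == "NS" and r[0] == origin}
    addrs = {r[0] for r in recs if r[1] in ("A", "AAAA")}
    checks = [
        (mname in ns, f"SOA MNAME {mname} is not in the zone's NS set"),
        (not mname.endswith("." + origin) or mname in addrs,
         f"{mname} has no address record in the zone"),
    ]
    return [msg for ok, msg in checks if not ok]
```
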


