DNS + DHCP cooperation

marco.borsatino at libero.it marco.borsatino at libero.it
Sat May 1 13:40:34 UTC 2010


Hi to all.
Sorry for my bad english.
For pure self-educational, not professional, purposes, I am studying how to configure a server with several services operating on it.
For my experiment I'm using VirtualBox 3.1.x on a WinXP host with 3 FreeBSD guests; one acts as a DHCP + DNS server; the others as clients on two different subnets.
The problems relate to the cooperation between DNS and DHCP; in a first stage I configured the DNS (single master) with success.
Digging into the great FreeBSD documentation (books, HOWTOs on the net, forums), I put together the server configuration files reproduced below.
The problem is that the client, configured as a DHCP client, receives the address assigned by the DHCP server and can be reached by IP address;
it can ping the other client and the server using their names, but the other virtual PCs cannot resolve it by name.
At startup, named warns that the "working directory is not writable";
when the client seeks and gets its address, the DNS + DHCP server console warns it can not create the file /etc/db.marbosoft.org.jnl,
"Permission denied".
Named runs under the bind user-id; the named working directory is owned by root / wheel, with write permission only for the owner.
Changing owner permissions does not work, because they are restored on restart.
Both BIND and DHCP server programs have been installed from FreeBSD port collections without problems.
Where am I wrong?
Thank you.
Marco
#/etc/rc.conf
# Boot-time settings for the combined gateway / DNS / DHCP guest described in the post.
hostname="fbsdgw.marbosoft.org"
defaultrouter="192.168.0.1"
# em0 takes its own address by DHCP; presumably the upstream side, given the default router above.
ifconfig_em0="DHCP"
# NOTE(review): inetd is enabled, but nothing else shown in this post refers to it.
# Confirm it is needed; every extra listener on the gateway is extra exposure.
inetd_enable="YES"
# Two internal subnets; the post uses 172.16.1.0/24 for the DHCP client and 172.16.2.0/24 for static hosts.
ifconfig_em1="inet 172.16.1.1 netmask 255.255.255.0"
ifconfig_em2="inet 172.16.2.1 netmask 255.255.255.0"
# Turns on packet forwarding between the interfaces. No packet filter is shown in this file.
gateway_enable="YES"
named_enable="YES"
dhcpd_enable="YES"
# dhcpd serves em1 only, matching the single subnet declared in the DHCP configuration below.
dhcpd_ifaces="em1"
dhcpd_conf="/usr/local/etc/dhcpd.conf"
#end

#/etc/namedb/named.conf
# Single-master BIND configuration: one forward zone, two reverse zones, and the root hints.
options {
    # NOTE(review): the post says named runs as the bind user while this directory is
    # root:wheel and writable by its owner only. That matches the startup warning
    # "working directory is not writable". Keeping the configuration directory
    # read-only to the daemon is the safer arrangement; files that named must write
    # belong in a bind-owned subdirectory rather than here.
    directory    "/etc/namedb";
    pid-file    "/var/run/named/pid";
    dump-file    "/var/dump/named_dump.db";
    statistics-file    "/var/stats/named.stats";
};

# Brings in the TSIG key DHCP_UPDATER that the allow-update clauses below refer to.
include "/etc/namedb/dhcp-dns.key";

# Dynamic zone. The relative file name resolves under the "directory" option, and named
# creates a journal (.jnl) beside it when it accepts an update. The post reports that
# journal creation failing with "Permission denied".
# NOTE(review): FreeBSD's stock namedb layout is expected to provide a bind-owned
# dynamic/ subdirectory for such zones (e.g. file "dynamic/db.marbosoft.org") - confirm
# on this release. Loosening ownership of /etc/namedb itself would let a compromised
# named rewrite its own configuration.
zone "marbosoft.org" in {
    type master;
    file "db.marbosoft.org";
    # Any holder of DHCP_UPDATER may add, change or delete any record in this zone.
    # update-policy can restrict a key to specific names and record types.
    allow-update { key DHCP_UPDATER; };
};
# NOTE(review): in named.conf ';' ends a statement and does not start a comment. The two
# ';' remarks below are presumably annotations added for this post - confirm they are
# not in the live file.
;this is the zone with a  DHCP client
# Dynamic reverse zone: the same journal and write-permission considerations apply.
zone "1.16.172.in-addr.arpa" in {
    type master;
    file "db.172.16.1.0";
    allow-update { key DHCP_UPDATER; };
};
;this zone still has static addresses
# Static reverse zone: no allow-update clause, so its file only needs to be readable by named.
zone "2.16.172.in-addr.arpa" in {
    type master;
     file "db.172.16.2.0";
};

# Root hints.
zone "." in {
    type hint;
    file "named.root";
};
#end

#file /etc/namedb/db.marbosoft.org
; Forward zone for marbosoft.org. named.conf declares it with allow-update, so named
; rewrites it as updates arrive.
; NOTE(review): a dynamic zone should not be edited by hand while named is running;
; suspend updates first (rndc freeze / rndc thaw) so the file and journal stay consistent.
$TTL 1h
marbosoft.org. IN SOA fbsdgw.marbosoft.org. root.marbosoft.org. (
    2    ; serial
    1h    ; refresh
    1h    ; retry
    1w    ; expire
    1H    ; negative caching TTL
);

;name servers
marbosoft.org. IN NS    fbsdgw.marbosoft.org.

;canonical names
localhost.marbosoft.org.  IN A    127.0.0.1
;this host is the DHCP client, so it is left out of the static records
;fbsdnw11.marbosoft.org.   IN A  172.16.1.2
fbsdnw21.marbosoft.org.   IN A  172.16.2.2
#I've excluded some rows like aliases
#end

#/etc/namedb/db.172.16.1.0
; Reverse zone for 172.16.1.0/24. It is declared with allow-update in named.conf, so PTR
; records for DHCP clients are expected to be added here by dynamic update.
$TTL 1h
; NOTE(review): the responsible-mailbox field here is root.fbsdgw.marbosoft.org., while the
; forward zone uses root.marbosoft.org. - confirm which is intended.
1.16.172.in-addr.arpa. IN SOA fbsdgw.marbosoft.org. root.fbsdgw.marbosoft.org. (
    1    ; serial
    1h ; refresh
    1h ; retry
    1w ; expire
    1h ; negative caching TTL
);

;name servers
1.16.172.in-addr.arpa.    IN NS fbsdgw.marbosoft.org.

;canonical names
1.1.16.172.in-addr.arpa.    IN PTR fbsdgw.marbosoft.org.
;DHCP client: static PTR left out so the DHCP server can register it
;2.1.16.172.in-addr.arpa.    IN PTR fbsdnw11.marbosoft.org.
#end

#the file /etc/namedb/named.root is the one installed by BIND9 itself

#file /usr/local/etc/dhcp.conf
# NOTE(review): rc.conf above sets dhcpd_conf="/usr/local/etc/dhcpd.conf"; the name in this
# header is presumably a typo for that file - confirm.
authoritative;
option domain-name "marbosoft.org";
option domain-name-servers 172.16.1.1;
default-lease-time 600;
max-lease-time 7200;
# With the interim style the DHCP server itself sends the DNS updates for its leases.
# NOTE(review): the registered name normally comes from the hostname the client sends, and
# DHCP clients are unauthenticated. Treat dynamically registered names as untrusted, and
# keep names that must not be claimed out of reach of the update key - confirm how this
# dhcpd version guards existing records.
ddns-update-style interim;
subnet 172.16.1.0 netmask 255.255.255.0 {
    range 172.16.1.100 172.16.1.150;
    option routers 172.16.1.1;
}
# Same key file that named.conf includes, so the DHCP server account must be able to read
# it as well as named. It should not be readable by other users.
include "/etc/namedb/dhcp-dns.key";

# Updates for both zones are signed with DHCP_UPDATER and sent to named over loopback, so
# the signed update traffic does not leave this host.
zone marbosoft.org {
  primary 127.0.0.1;
  key DHCP_UPDATER;
}

zone 1.16.172.in-addr.arpa {
  primary 127.0.0.1;
  key DHCP_UPDATER;
}
#end

#file /etc/namedb/dhcp-dns.key
# Shared TSIG secret included by both named.conf and the DHCP server configuration. Anyone
# holding it can sign updates that the allow-update clauses in named.conf accept.
# NOTE(review): the secret below was published with this post, so it should be regarded as
# disclosed and replaced with a freshly generated key before further use. The file should
# be readable only by the accounts that run named and dhcpd.
key DHCP_UPDATER {
    # NOTE(review): HMAC-MD5 is deprecated for TSIG; prefer hmac-sha256 if the installed
    # BIND and DHCP server versions both accept it - confirm.
    algorithm hmac-md5;
    secret "+4J+tLcLuwvnm/epVb96DYri4Ood1OG5M+IvN7RBgDgIuNpdmKCFkbyw5pmMXMCDGVuiVI/qokDTyyDVc0OoWw==";
};
