need help with dynamic DNS updates, better mysteries

Ross Boylan RossBoylan at stanfordalumni.org
Sat Mar 11 19:25:46 UTC 2006 

Although I don't think I've changed anything, I now seem to be getting
attempts at an update, and some logging.

Mar 10 20:17:31 wheat dhcpd: DHCPDISCOVER from 00:0e:0c:9b:e8:84 via eth1
Mar 10 20:17:32 wheat dhcpd: DHCPOFFER on 192.168.40.25 to 00:0e:0c:9b:e8:84 (corn) via eth1
Mar 10 20:17:32 wheat named[7080]: client 127.0.0.1#33008: view inside: update 'betterworld.us/IN' denied
Mar 10 20:17:32 wheat dhcpd: Unable to add forward map from corn.betterworld.us to 192.168.40.25: timed out
Mar 10 20:17:32 wheat dhcpd: DHCPREQUEST for 192.168.40.25 (192.168.40.1) from 00:0e:0c:9b:e8:84 (corn) via eth1
Mar 10 20:17:32 wheat dhcpd: DHCPACK on 192.168.40.25 to 00:0e:0c:9b:e8:84 (corn) via eth1
Mar 10 20:17:38 wheat dhcpd: DHCPINFORM from 192.168.40.25 via eth1
Mar 10 20:17:38 wheat dhcpd: DHCPACK to 192.168.40.25
Mar 10 20:17:41 wheat dhcpd: DHCPINFORM from 192.168.40.25 via eth1
Mar 10 20:17:41 wheat dhcpd: DHCPACK to 192.168.40.25

The obvious difference here is that the client booted Windows 2000 for
that dialogue.  Subsequent boots of Linux show no attempts at updates,
as before:
Mar 10 21:21:43 wheat dhcpd: DHCPDISCOVER from 00:0e:0c:9b:e8:84 via eth1
Mar 10 21:21:44 wheat dhcpd: DHCPOFFER on 192.168.40.50 to 00:0e:0c:9b:e8:84 via eth1
Mar 10 21:21:44 wheat dhcpd: Wrote 0 deleted host decls to leases file.
Mar 10 21:21:44 wheat dhcpd: Wrote 0 new dynamic host decls to leases file.
Mar 10 21:21:44 wheat dhcpd: Wrote 8 leases to leases file.
Mar 10 21:21:44 wheat dhcpd: DHCPREQUEST for 192.168.40.50 (192.168.40.1) from 00:0e:0c:9b:e8:84 via eth1
Mar 10 21:21:44 wheat dhcpd: DHCPACK on 192.168.40.50 to
00:0e:0c:9b:e8:84 via eth1

Mar 11 11:00:35 wheat dhcpd: DHCPDISCOVER from 00:0e:0c:9b:e8:84 via eth1
Mar 11 11:00:36 wheat dhcpd: DHCPOFFER on 192.168.40.49 to 00:0e:0c:9b:e8:84 via eth1
Mar 11 11:00:36 wheat dhcpd: Wrote 0 deleted host decls to leases file.
Mar 11 11:00:36 wheat dhcpd: Wrote 0 new dynamic host decls to leases file.
Mar 11 11:00:36 wheat dhcpd: Wrote 9 leases to leases file.
Mar 11 11:00:36 wheat dhcpd: DHCPREQUEST for 192.168.40.49 (192.168.40.1) from 00:0e:0c:9b:e8:84 via eth1
Mar 11 11:00:36 wheat dhcpd: DHCPACK on 192.168.40.49 to
00:0e:0c:9b:e8:84 via eth1

The client hostname (corn) appears in the dialogue from Windows but
not from Linux.  The Linux client is running Debian's dhcp-client
2.0pl5-19.4 with the default settings untouched (I think).  The
configuration file /etc/dhclient.conf is entirely commented out,
though a related script (which may be invoked by default?)
/etc/dhclient-script is there.

BTW this is the default dhcp client with the latest beta Debian
systems.

Another possibility is that lease expiration is changing the results.
The second to last paragraph in the section on the Interim Update
Scheme says
    In  addition to these differences, the server also does not update very
    aggressively.  Because each DNS update involves a round trip to the DNS
    server,  there  is a cost associated with doing updates even if they do
    not actually modify the DNS  database.    So  the  DHCP  server  tracks
    whether  or not it has updated the record in the past (this information
    is stored on the lease) and does not attempt to update records that  it
    thinks it has already updated.
But since some of the IP's above are new (.49 and .50) that's probably
not the problem.

On the client name: the original configuration had a fixed address
with a defined hostname.  I switched to dynamic assignment of IPs.
Also, some of the entries in dhcpd.leases have the host name. 
However, the one with the recent assignment that generated DNS update
attempts doesn't:
lease 192.168.40.25 {
  starts 6 2006/03/11 04:17:32;
  ends 6 2006/03/11 10:57:32;
  tstp 6 2006/03/11 10:57:32;
  binding state free;
  hardware ethernet 00:0e:0c:9b:e8:84;
  uid "\001\000\016\014\233\350\204";
}
However, the description of the Interim DNS update scheme refers to an
MD5 has over the client's identification; perhaps that's the uid
above?

On "ignore client-updates;" I am currently using the default (allow,
according to the man page).  However, I'm a little confused about what
this means.  The man says "The FQDN options includes a flag which,
when sent by the client, indicates that the client wishes to update
its own A record."  That sounds as if the client (corn) will directly
contact the DNS server.  But it continues "the server can be
configured either to honor the client's intentions or ignore them."
That makes it sound as if the DHCP server always does the update of
DNS, and the option just affects how it decides what the hostname is.
That is reinforced by "If the server is configured to allow client
updates, the if the client [sends a FDQN], the server will use that
name .. to update the PTR record."

Or maybe the server updates the PTR and the client updates the A?  But
that seems really odd.

This digression aside, I haven't set up the client to update DNS, so I
doubt it is doing so.  It certainly doesn't have the keys.  And the
denied request above is on 127.0.0.1, so I think it must be local
(i.e., from the dhcp server).

Why one request was denied and the other timed out (in the exchange at
the top) I don't know.

Could the fact that the client machine has had multiple leases with
different IP's, different types of IP's, different system names, and
even different ethernet hardware be causing trouble?

I'll probably try updating the client to version 3 software, but I'd
expect things to work for v2.

More information about the dhcp-users mailing list