DDNS with multiple primary DNS servers

Glenn Satchell glenn.satchell at uniq.com.au
Tue Jun 21 14:12:05 UTC 2011


On 06/21/11 22:49, Ingen Schenau, Jeroen van (ICTS) wrote:
> Hi,
>
> I recently started with dynamic DNS, using dhcpd to dynamically update a
> DNS zone in BIND. There are some excellent tutorials on the web, so it
> was relatively easy to implement.
>
> There's only one thing I can't get working yet: we have two primary
> (master) DNS servers and only the first server is updated. So all our
> zones are defined on two DNS servers, both master, with virtually
> identical configs built from a database.
>
> I listed both servers in the config; dhcpd.conf snippet:
>
> zone roaming.mydomain.example {
>    primary 10.0.0.2, 10.0.0.3;
>    key dhcp_updater;
> }
>
> While the dhcpd.conf manpage doesn't say anything about multiple
> primaries, the comments in the source (common/dns.c) indicate that it
> should be supported:
>
>   * The way this works is that you define the domain name to which an
>   * SOA corresponds, and the addresses of some primaries for that domain name:
>   *
>   *      zone FOO.COM {
>   *        primary 10.0.17.1;
>   *        secondary 10.0.22.1, 10.0.23.1;
>   *        key "FOO.COM Key";
>   *      }
>   *
>   * If an update is requested for GAZANGA.TOPANGA.FOO.COM, then the name
>   * server looks in its database for a zone record for "GAZANGA.TOPANGA.FOO.COM",
>   * doesn't find it, looks for one for "TOPANGA.FOO.COM", doesn't find *that*,
>   * looks for "FOO.COM", finds it. So it
>   * attempts the update to the primary for FOO.COM.   If that times out, it
>   * tries the secondaries.   You can list multiple primaries if you have some
>   * kind of magic name server that supports that.
>
>
> So I was wondering: does anyone use DDNS with a "multi master" DNS setup
> or are we just weird for trying such a thing? Is it supported or not and
> might this be a bug?
>
> I tested with dhcpd 4.2.1 built from source; I'm afraid my C skills are
> limited so I'm not sure how to analyze/debug this further myself. I'd
> appreciate any insights you dhcpd-gurus might offer ;)
>
>
> By the way: while it's theoretically possible to change the setup for
> our "roaming.mydomain.example" zone to a master/slave config, it would
> be hard to fit into our config build procedures. So if possible I prefer
> to dynamically update two DNS servers from DHCP.
>
>
> Regards,
>
> Jeroen van Ingen
> ICT Service Centre
> University of Twente, P.O.Box 217, 7500 AE Enschede, The Netherlands
>

You could try a packet capture (tcpdump/snoop/wireshark, etc) and see if 
dhcpd sends a packet to both name servers?

One possible argument for not doing multiple master dns servers with 
dynamically updated zones is what should happen if dhcpd were, say, able 
to update the first primary, but failed when doing the second. Should it 
try to undo the update to the first dns server? What if an old entry 
exists in one dns server but not the other? I guess all these questions 
relate to consistency - not such a problem in your other zones with 
static entries generated from your database.

-- 
regards,
-glenn
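
Added example (not part of the original message or of dhcpd/BIND): one way to check for the inconsistency raised in the reply above is to compare the dynamic records held by the two primaries. It assumes each server's zone has been dumped to text in the `name ttl class type rdata` layout that `dig axfr` prints; both dumps, all addresses and host names, and the function names `parse_dump` and `compare` are constructed for illustration.

```python
# Added example: compare the dynamic records held by two primaries.
# Input is text in the "name ttl class type rdata" layout printed by `dig axfr`.
# Both dumps below are constructed sample data, not output from real servers.
from collections import defaultdict

DUMP_10_0_0_2 = """\
roaming.mydomain.example. 3600 IN SOA ns1.mydomain.example. hostmaster.mydomain.example. 2011062105 10800 3600 604800 3600
laptop1.roaming.mydomain.example. 1800 IN A 10.0.8.21
laptop1.roaming.mydomain.example. 1800 IN TXT "31a7c1e0f5b2constructed"
laptop2.roaming.mydomain.example. 1800 IN A 10.0.8.22
"""

DUMP_10_0_0_3 = """\
roaming.mydomain.example. 3600 IN SOA ns2.mydomain.example. hostmaster.mydomain.example. 2011062101 10800 3600 604800 3600
laptop1.roaming.mydomain.example. 1800 IN A 10.0.8.40
laptop3.roaming.mydomain.example. 1800 IN A 10.0.8.23
"""

IGNORED_TYPES = {"SOA", "NS"}  # assumed to differ or be static on each primary

def parse_dump(text):
    """Return {(owner, rrtype): set(rdata)} for the records that DDNS manages."""
    rrsets = defaultdict(set)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue  # blank line or dig comment
        fields = line.split(None, 4)
        if len(fields) < 5:
            continue  # truncated or malformed line
        owner, _ttl, _cls, rrtype, rdata = fields
        if rrtype.upper() in IGNORED_TYPES:
            continue
        rrsets[(owner.lower(), rrtype.upper())].add(rdata)
    return rrsets

def compare(a, b):
    """Classify every RRset as missing on one side or conflicting."""
    report = {"only_first": [], "only_second": [], "conflict": []}
    for key in sorted(set(a) | set(b)):
        if key not in b:
            report["only_first"].append(key)    # update reached only the first primary
        elif key not in a:
            report["only_second"].append(key)   # stale or extra entry on the second
        elif a[key] != b[key]:
            report["conflict"].append((key, sorted(a[key]), sorted(b[key])))
    return report

REPORT = compare(parse_dump(DUMP_10_0_0_2), parse_dump(DUMP_10_0_0_3))
```

A non-empty `conflict` list is the case to look at first: the same name resolves to different addresses depending on which primary answers.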


