ISC DHCPv6-BIND9 DDNS update problem
Mirsad Goran Todorovac
mirsad.todorovac at alu.unizg.hr
Wed Jun 8 04:14:36 UTC 2022
Dear Sirs,
Having compiled ISC DHCPD 4.4.3 with includes/site.h: #define
DEBUG_DNS_UPDATES
I get the following output. It appears that the DDNS update code isn't
even called for IPv6.
Am I doing something terribly wrong?
Thank you.
Jun 8 06:09:02 domac dhcpd: ddns.c(150): Allocating ddns_cb=0x5604136c60a0
Jun 8 06:09:02 domac dhcpd: DDNS: ddns_fwd_srv_connector: ddns_cb:
0x5604136c60a0 flags: 50b state: DDNS_STATE_CLEANUP cur_func: <null>
eresult: 0
Jun 8 06:09:02 domac dhcpd: DDNS: ddns_modify_fwd
Jun 8 06:09:02 domac dhcpd: DDNS: build_fwd_add1:
pname:[R7000P.local.alu.hr] uname:[R7000P.local.alu.hr]
Jun 8 06:09:02 domac dhcpd: DDNS request: id ptr 0x7fdc349e8010
DDNS_STATE_ADD_FW_NXDOMAIN 192.168.100.215 for R7000P.local.alu.hr zone:
local.alu.hr.dhcid:
[00:01:01:52:62:16:06:17:56:5b:21:58:8f:69:59:ee:4e:bb:79:9d:5e:76:9b:3a:f3:b7:2c:0f:cf:01:db:4c:eb:6b:87
Jun 8 06:09:02 domac dhcpd: ddns.c(1722): Updating lease_ptr for
ddns_cp=0x5604136c60a0 (addr=192.168.100.215)
Jun 8 06:09:02 domac dhcpd: DHCPREQUEST for 192.168.100.215 from
9c:3d:cf:11:aa:a6 (R7000P) via eth1
Jun 8 06:09:02 domac dhcpd: DHCPACK on 192.168.100.215 to
9c:3d:cf:11:aa:a6 (R7000P) via eth1
Jun 8 06:09:02 domac dhcpd: DDNS reply: id ptr 0x7fdc349e8010, result:
YXDOMAIN
Jun 8 06:09:02 domac dhcpd: DDNS: ddns_fwd_srv_add1: ddns_cb:
0x5604136c60a0 flags: 50b state: DDNS_STATE_ADD_FW_NXDOMAIN cur_func:
ddns_fwd_srv_add1 eresult: 196614
Jun 8 06:09:02 domac dhcpd: DDNS: ddns_modify_fwd
Jun 8 06:09:02 domac dhcpd: DDNS: build_fwd_add2:
pname:[R7000P.local.alu.hr] uname:[R7000P.local.alu.hr]
Jun 8 06:09:02 domac dhcpd: DDNS request: id ptr 0x7fdc349e8010
DDNS_STATE_ADD_FW_YXDHCID 192.168.100.215 for R7000P.local.alu.hr zone:
local.alu.hr.dhcid:
[00:01:01:52:62:16:06:17:56:5b:21:58:8f:69:59:ee:4e:bb:79:9d:5e:76:9b:3a:f3:b7:2c:0f:cf:01:db:4c:eb:6b:87
Jun 8 06:09:02 domac dhcpd: DDNS reply: id ptr 0x7fdc349e8010, result:
success
Jun 8 06:09:02 domac dhcpd: DDNS:ddns_fwd_srv_add2: ddns_cb:
0x5604136c60a0 flags: 50b state: DDNS_STATE_ADD_FW_YXDHCID cur_func:
ddns_fwd_srv_add2 eresult: 0
Jun 8 06:09:02 domac dhcpd: Added new forward map from
R7000P.local.alu.hr to 192.168.100.215
Jun 8 06:09:02 domac dhcpd: DDNS: ddns_modify_ptr
Jun 8 06:09:02 domac dhcpd: DDNS request: id ptr 0x7fdc349e8010
DDNS_STATE_ADD_PTR R7000P.local.alu.hr for 215.100.168.192.in-addr.arpa.
zone: 168.192.in-addr.arpa.dhcid:
[00:01:01:52:62:16:06:17:56:5b:21:58:8f:69:59:ee:4e:bb:79:9d:5e:76:9b:3a:f3:b7:2c:0f:cf:01:db:4c:eb:6b:87
Jun 8 06:09:02 domac dhcpd: DDNS reply: id ptr 0x7fdc349e8010, result:
success
Jun 8 06:09:02 domac dhcpd: Added reverse map from
215.100.168.192.in-addr.arpa. to R7000P.local.alu.hr
Jun 8 06:09:02 domac dhcpd: ddns.c(1325): Updating lease_ptr for
ddns_cp=0x5604136c60a0 (addr=192.168.100.215)
Jun 8 06:09:02 domac dhcpd: ddns.c(1325):
find_lease_by_ip_addr(192.168.100.215) successful:lease=0x7fdc346b4e20
Jun 8 06:09:02 domac dhcpd: ddns.c(1326): freeing ddns_cb=0x5604136c60a0
Jun 8 06:09:46 domac dhcpd: Solicit message from
fe80::8aad:43ff:fefa:3f96 port 546, transaction ID 0x55E06C00
Jun 8 06:09:46 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1208
Jun 8 06:09:46 domac dhcpd: Advertise NA: address
2001:b68:2:2800::10:1208 to client with duid
00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid for
3600 seconds
Jun 8 06:09:46 domac dhcpd: Sending Advertise to
fe80::8aad:43ff:fefa:3f96 port 546
Jun 8 06:09:46 domac dhcpd: Solicit message from
fe80::8aad:43ff:fefa:3f96 port 546, transaction ID 0x55E06C00
Jun 8 06:09:46 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1208
Jun 8 06:09:46 domac dhcpd: Advertise NA: address
2001:b68:2:2800::10:1208 to client with duid
00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid for
3600 seconds
Jun 8 06:09:46 domac dhcpd: Sending Advertise to
fe80::8aad:43ff:fefa:3f96 port 546
Jun 8 06:09:46 domac dhcpd: Relay-forward message from
fe80::babe:bfff:fe26:9542 port 547, link address 2001:b68:2:2800::1,
peer address fe80::8aad:43ff:fefa:3f96
Jun 8 06:09:46 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1208
Jun 8 06:09:46 domac dhcpd: Advertise NA: address
2001:b68:2:2800::10:1208 to client with duid
00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid for
3600 seconds
Jun 8 06:09:46 domac dhcpd: Sending Relay-reply to
fe80::babe:bfff:fe26:9542 port 547
Jun 8 06:11:57 domac dhcpd: Solicit message from
fe80::8aad:43ff:fefa:3f96 port 546, transaction ID 0x55E06C00
Jun 8 06:11:57 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1208
Jun 8 06:11:57 domac dhcpd: Advertise NA: address
2001:b68:2:2800::10:1208 to client with duid
00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid for
3600 seconds
Jun 8 06:11:57 domac dhcpd: Sending Advertise to
fe80::8aad:43ff:fefa:3f96 port 546
Jun 8 06:11:57 domac dhcpd: Solicit message from
fe80::8aad:43ff:fefa:3f96 port 546, transaction ID 0x55E06C00
Jun 8 06:11:57 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1208
Jun 8 06:11:57 domac dhcpd: Advertise NA: address
2001:b68:2:2800::10:1208 to client with duid
00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid for
3600 seconds
Jun 8 06:11:57 domac dhcpd: Sending Advertise to
fe80::8aad:43ff:fefa:3f96 port 546
Jun 8 06:11:57 domac dhcpd: Relay-forward message from
fe80::babe:bfff:fe26:9542 port 547, link address 2001:b68:2:2800::1,
peer address fe80::8aad:43ff:fefa:3f96
Jun 8 06:11:57 domac dhcpd: Picking pool address 2001:b68:2:2800::10:1208
Jun 8 06:11:57 domac dhcpd: Advertise NA: address
2001:b68:2:2800::10:1208 to client with duid
00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid for
3600 seconds
Jun 8 06:11:57 domac dhcpd: Sending Relay-reply to
fe80::babe:bfff:fe26:9542 port 547
On 07. 06. 2022. 19:13, Mirsad Goran Todorovac wrote:
> Hello all,
>
> I have a problem that our DHCPv6 DDNS update which works reliably with
> IPv4 doesn't work at all when we implemented
> the dual-stack operation with IPv6. There is not even a warning,
> notice or error in the log. No syntax errors in the config
> /etc/dhcp/dhcpd6.conf file.
>
> We are running Debian 10 Buster server with BIND 9.16.27 and ISC DHCPd
> 4.4.1
>
> root at domac:# dpkg -l ...
> Desired=Unknown/Install/Remove/Purge/Hold
> |
> Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
> |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
> ||/ Name Version Architecture Description
> +++-==============-===========================-============-=================================
>
> ii bind9 1:9.16.27-1~deb11u1~bpo10+1 amd64 Internet Domain
> Name Server
> ii isc-dhcp-server 4.4.1-2+deb10u1 amd64 ISC DHCP server for
> automatic IP address assignment
>
> Here is a typical example of DHCPv6 transactions found in the log:
>
> Jun 7 16:53:27 domac dhcpd[2971]: Solicit message from
> fe80::8aad:43ff:fefa:3f96 port 546, transaction ID 0x55E06C00
> Jun 7 16:53:27 domac dhcpd[2971]: Picking pool address
> 2001:b68:2:2800::10:1208
> Jun 7 16:53:27 domac dhcpd[2971]: Advertise NA: address
> 2001:b68:2:2800::10:1208 to client with duid
> 00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid for
> 3600 seconds
> Jun 7 16:53:27 domac dhcpd[2971]: Sending Advertise to
> fe80::8aad:43ff:fefa:3f96 port 546
> Jun 7 16:53:27 domac dhcpd[2971]: Solicit message from
> fe80::8aad:43ff:fefa:3f96 port 546, transaction ID 0x55E06C00
> Jun 7 16:53:27 domac dhcpd[2971]: Picking pool address
> 2001:b68:2:2800::10:1208
> Jun 7 16:53:27 domac dhcpd[2971]: Advertise NA: address
> 2001:b68:2:2800::10:1208 to client with duid
> 00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid for
> 3600 seconds
> Jun 7 16:53:27 domac dhcpd[2971]: Sending Advertise to
> fe80::8aad:43ff:fefa:3f96 port 546
> Jun 7 16:53:27 domac dhcpd[2971]: Relay-forward message from
> fe80::babe:bfff:fe26:9542 port 547, link address 2001:b68:2:2800::1,
> peer address fe80::8aad:43ff:fefa:3f96
> Jun 7 16:53:27 domac dhcpd[2971]: Picking pool address
> 2001:b68:2:2800::10:1208
> Jun 7 16:53:27 domac dhcpd[2971]: Advertise NA: address
> 2001:b68:2:2800::10:1208 to client with duid
> 00:01:00:01:27:7d:dd:63:88:ad:43:fa:3f:96 iaid = -1774192061 valid for
> 3600 seconds
> Jun 7 16:53:27 domac dhcpd[2971]: Sending Relay-reply to
> fe80::babe:bfff:fe26:9542 port 547
>
> fe80::babe:bfff:fe26:9542 is local-link address of our router.
>
> Our DNS/DHCP server is 161.53.235.3 or 2001:b68:2:2800::3, LLA for
> eth1 is fe80::f21f:afff:fef1:420a/64
>
> Here is our /etc/dhcp/dhcpd6.conf:
>
> default-lease-time 3600;
> preferred-lifetime 604800;
> option dhcp-renewal-time 3600;
> option dhcp-rebinding-time 7200;
> allow leasequery;
>
> option dhcp6.name-servers 2001:b68:2:2800::3,2001:b68:c:2::70:0;
> option dhcp6.domain-search "alu.hr";
>
> option dhcp6.info-refresh-time 21600;
>
> ddns-update-style standard;
> ddns-dual-stack-mixed-mode true;
> update-conflict-detection false;
> update-optimization false;
> deny client-updates;
> ddns-updates on;
> authoritative;
> log-facility local7;
> ddns-domainname "local.alu.hr.";
> ddns-rev-domainname "ip6.arpa.";
>
> include "/etc/bind/ddns.key";
>
> shared-network ilica85.alu.hr {
> subnet6 2001:b68:2:2800::/64 {
> range6 2001:b68:2:2800::10:1000 2001:b68:2:2800::10:13ff;
> option dhcp6.domain-search "local.alu.hr","alu.hr";
> option dhcp6.name-servers 2001:b68:2:2800::3,2001:b68:c:2::70:0;
> ddns-domainname "local.alu.hr";
>
> zone local.alu.hr. {
> # primary6 2001:b68:2:2800::3;
> primary 127.0.0.1;
> key DDNS_UPDATE;
> }
> zone 0.0.8.2.2.0.0.0.8.6.b.0.1.0.0.2.ip6.arpa. {
> # primary6 2001:b68:2:2800::3;
> primary 127.0.0.1;
> key DDNS_UPDATE;
> }
> }
> }
>
> subnet6 2001:b68:2:2a00::/64 {
> range6 2001:b68:2:2a00::1000 2001:b68:2:2a00::10ff;
> option dhcp6.domain-search "slava.alu.hr","alu.hr";
> option dhcp6.name-servers 2001:b68:2:2800::3,2001:b68:c:2::70:0;
> ddns-domainname "slava.alu.hr";
>
> zone slava.alu.hr. {
> primary6 2001:b68:2:2800::3;
> key DDNS_UPDATE;
> }
>
> zone 0.0.a.2.2.0.0.0.8.6.b.0.1.0.0.2.ip6.arpa. {
> primary6 2001:b68:2:2800::3;
> key DDNS_UPDATE;
> }
> }
>
> The corresponding entries in /etc/bind/named.conf.local are:
>
> zone "0.0.8.2.2.0.0.0.8.6.b.0.1.0.0.2.ip6.arpa" in {
> type master;
> file
> "/var/cache/bind/0.0.8.2.2.0.0.0.8.6.b.0.1.0.0.2.ip6.arpa.db";
> allow-update { key DDNS_UPDATE; };
> allow-transfer { 31.147.205.54; 161.53.2.70; };
> also-notify { 31.147.205.54; 161.53.2.70; };
> forwarders {};
> };
>
> zone "0.0.a.2.2.0.0.0.8.6.b.0.1.0.0.2.ip6.arpa" in {
> type master;
> file
> "/var/cache/bind/0.0.a.2.2.0.0.0.8.6.b.0.1.0.0.2.ip6.arpa.db";
> allow-update { key DDNS_UPDATE; };
> allow-transfer { 31.147.205.54; 161.53.2.70; };
> also-notify { 31.147.205.54; 161.53.2.70; };
> forwarders {};
> };
>
> zone "local.alu.hr" in {
> type master;
> file "/var/cache/bind/local.alu.hr.db";
> allow-update { key DDNS_UPDATE; };
> allow-transfer { 31.147.205.54; 161.53.2.70; };
> also-notify { 31.147.205.54; 161.53.2.70; };
> forwarders {};
> };
>
> zone "slava.alu.hr" in {
> type master;
> file "/var/cache/bind/slava.alu.hr.db";
> allow-update { key DDNS_UPDATE; };
> allow-transfer { 31.147.205.54; 161.53.2.70; };
> also-notify { 31.147.205.54; 161.53.2.70; };
> dnssec-policy "standard";
> key-directory "/var/cache/bind/keys";
> forwarders {};
> };
>
> We are also using views in BIND9, but they work well updating the
> "internal" and "universe" zones with DHCPv4, i.e.:
>
> Jun 7 16:48:21 domac dhcpd[986]: DHCPREQUEST for 192.168.100.215 from
> 9c:3d:cf:11:aa:a6 (R7000P) via eth1
> Jun 7 16:48:21 domac dhcpd[986]: DHCPACK on 192.168.100.215 to
> 9c:3d:cf:11:aa:a6 (R7000P) via eth1
> Jun 7 16:48:21 domac dhcpd[986]: Added new forward map from
> R7000P.local.alu.hr to 192.168.100.215
> Jun 7 16:48:21 domac dhcpd[986]: Added reverse map from
> 215.100.168.192.in-addr.arpa. to R7000P.local.alu.hr
>
> As you can see in the options, I tried various combinations, and I
> seem to be out of options. But we are new to IPv6
> and DHCPv6, so there may be something obvious to you I cannot see
> (like DDNS not being enabled in ISC dhcpd binary
> with option -6)?
>
> I am very interested personally in IPv6 adoption for we are expecting
> a surge in multimedia content provided,
> possibly broadcasted, additional options with IoT, security,
> surveillance cameras (requiring public IP we are short of).
>
> All of this would be greatly simplified and more adopted if the users,
> professors, staff and students wouldn't
> have to remember IPv6 address like 2001:b68:2:2800::3 but used an
> automatically assigned domain name instead.
>
> Manual IPv6 configuration and static tables for this would be an
> overkill, we are understaffed to maintain it.
>
> Thank you very much for your time and help.
>
> Kind regards,
> Mirsad Todorovac
>
--
Mirsad Goran Todorovac
CARNet sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
--
CARNet system engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
tel. +385 (0)1 3711 451
mob. +385 91 57 88 355
More information about the dhcp-users
mailing list