[Kea-users] New user - can't seem to make my DDNS updates work?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[Kea-users] New user - can't seem to make my DDNS updates work?

Oscar Carlsson
Hi,

I've recently setup KEA to handle DHCP, which is does already.  It was a fun
experience to go through the documentation and testing it out.

I also have a knot dns server that manages my local zones.  I've followed the
documentation for knot for creating my TSIG key, tested it using knsupdate (it
worked) and then added it to my kea-dhcp-ddns.conf according to the d2
documentation (also adding forward- and reverse-dns configuration).  I've then
set dhcp_ddns=yes in keactrl.conf as well.

But I don't get any DDNS updates.  I'm running Armbian (on a ASUS Tinkerboard
if it matters) but it's basically just Debian.  I've unmasked, enabled and
started dhcp4/d2.

I've attached a log/config file so this mail won't get overly long here.  I
think I've configured kea dhcp4/ddns correctly but I'm obviously missing
something that prevents this from working like expected.  I've only included a
limited config but everything is the same for all subnets/zones.

Any pointers?


Regards,
Oscar
_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users

kea-ddns.md (3K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [Kea-users] New user - can't seem to make my DDNS updates work?

Michael Agbaglo
Looks as if TSIG implementation is incomplete.

https://kea.readthedocs.io/en/latest/arm/ddns.html

"key-name - if TSIG is used with this domain’s servers, this value should be the name of the key from the TSIG Key List. If the value is blank (the default), TSIG will not be used in DDNS conversations with this domain’s servers. Currently this value is not used as TSIG has not been implemented."


On 30/12/2020 22.39, Oscar Carlsson wrote:
Hi,

I've recently setup KEA to handle DHCP, which is does already.  It was a fun 
experience to go through the documentation and testing it out.

I also have a knot dns server that manages my local zones.  I've followed the 
documentation for knot for creating my TSIG key, tested it using knsupdate (it 
worked) and then added it to my kea-dhcp-ddns.conf according to the d2 
documentation (also adding forward- and reverse-dns configuration).  I've then 
set dhcp_ddns=yes in keactrl.conf as well.

But I don't get any DDNS updates.  I'm running Armbian (on a ASUS Tinkerboard 
if it matters) but it's basically just Debian.  I've unmasked, enabled and 
started dhcp4/d2.

I've attached a log/config file so this mail won't get overly long here.  I 
think I've configured kea dhcp4/ddns correctly but I'm obviously missing 
something that prevents this from working like expected.  I've only included a 
limited config but everything is the same for all subnets/zones.

Any pointers?


Regards,
Oscar

_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users

-- 
shifted bytes GmbH | Morsbronner Weg 39 | 12109 Berlin
+49 30 35054024 | [hidden email]
Handelsregister: AG Berlin-Charlottenburg, HRB 197942
Sitz der Gesellschaft: Berlin 
Geschäftsführer: Michael Agbaglo

_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|

Re: [Kea-users] New user - can't seem to make my DDNS updates work?

Oscar Carlsson
Hi,

I've tried changing kea d2 (to not use tsig) and knot (updated the acl to not
use tsig) but it seems to be unchanged - no DDNS updates.

I've tried using knsupdate without tsig and it worked as expected.

I've double checked the documentation for my verson (d2 is 1.6.2) and these
are the supported RFCs:

* Secret Key Transaction Authentication for DNS (TSIG), _RFC 2845_
Dynamic Updates in the Domain Name System (DNS UPDATE), _RFC 2136_
* Resolution of Fully Qualified Domain Name (FQDN) Conflicts among Dynamic
Host Configuration Protocol (DHCP) Clients, _RFC 4703_
* A DNS Resource Record (RR) for Encoding Dynamic Host Configuration Protocol
(DHCP) Information (DHCID RR), _RFC 4701_

Could it be something else - like the fact that my Knot authoritative server
is running on a non-standard port?  Or that I have an unbound instance running
at port 53, which forwards requests either to Knot (for local zones) or to
pihole (running in a container) which forwards the requests which aren't ads.

Happy new year btw!


BR,
Oscar

torsdag 31 december 2020 kl. 10:48:21 CET skrev  Michael Agbaglo:

> Looks as if TSIG implementation is incomplete.
>
> https://kea.readthedocs.io/en/latest/arm/ddns.html
>
> "|key-name| - if TSIG is used with this domain’s servers, this value
> should be the name of the key from the TSIG Key List. If the value is
> blank (the default), TSIG will not be used in DDNS conversations with
> this domain’s servers. Currently this value is not used as TSIG has not
> been implemented."
>
> On 30/12/2020 22.39, Oscar Carlsson wrote:
> > Hi,
> >
> > I've recently setup KEA to handle DHCP, which is does already.  It was a
> > fun experience to go through the documentation and testing it out.
> >
> > I also have a knot dns server that manages my local zones.  I've followed
> > the documentation for knot for creating my TSIG key, tested it using
> > knsupdate (it worked) and then added it to my kea-dhcp-ddns.conf
> > according to the d2 documentation (also adding forward- and reverse-dns
> > configuration).  I've then set dhcp_ddns=yes in keactrl.conf as well.
> >
> > But I don't get any DDNS updates.  I'm running Armbian (on a ASUS
> > Tinkerboard if it matters) but it's basically just Debian.  I've
> > unmasked, enabled and started dhcp4/d2.
> >
> > I've attached a log/config file so this mail won't get overly long here.
> > I
> > think I've configured kea dhcp4/ddns correctly but I'm obviously missing
> > something that prevents this from working like expected.  I've only
> > included a limited config but everything is the same for all
> > subnets/zones.
> >
> > Any pointers?
> >
> >
> > Regards,
> > Oscar
> >
> > _______________________________________________
> > ISC funds the development of this software with paid support
> > subscriptions. Contact us at https://www.isc.org/contact/ for more
> > information.
> >
> > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.
> >
> > Kea-users mailing list
> > [hidden email]
> > https://lists.isc.org/mailman/listinfo/kea-users




_______________________________________________
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users