[Kea-users] Question on kea-ddns

classic Classic list List threaded Threaded
5 messages Options
J
Reply | Threaded
Open this post in threaded view
|

[Kea-users] Question on kea-ddns

J
Perhaps newbie question…?

Using Kea 1.3 with ddns hooks and feeding powerDNS, both backed by mysql.

Have a reservation set for a client machine (using MAC) which works fine.  But after lease is given out, no DDNS update is attempted (as evidenced in the kea-ddns.log file.  Other clients getting addresses from a free/random range on the same VLAN get put into powerDNS (including PTR records)

Is there something about the reservation that is causing the ddns call not to occur?

Thanks in advance
Jim.
_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|

Re: [Kea-users] Question on kea-ddns

Thomas Markwalder
Hello Jim:

Currently, kea-dhcp4 does DNS updates if the client sends either the
Host Name or FQDN options in the REQUEST.  If it sends both, the server
will use FQDN.  Typically a client would issue a DISCOVER asking for the
Host Name, and then send it back in the REQUEST, or use it to construct
a FQDN option and send that in the request.  If your client is not
providing either option, the server does not do DNS.

Regards,

Thomas Markwalder
ISC Sofware Engineering


On 07/23/2018 10:19 PM, J wrote:

> Perhaps newbie question…?
>
> Using Kea 1.3 with ddns hooks and feeding powerDNS, both backed by mysql.
>
> Have a reservation set for a client machine (using MAC) which works fine.  But after lease is given out, no DDNS update is attempted (as evidenced in the kea-ddns.log file.  Other clients getting addresses from a free/random range on the same VLAN get put into powerDNS (including PTR records)
>
> Is there something about the reservation that is causing the ddns call not to occur?
>
> Thanks in advance
> Jim.
> _______________________________________________
> Kea-users mailing list
> [hidden email]
> https://lists.isc.org/mailman/listinfo/kea-users

_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|

Re: [Kea-users] Question on kea-ddns

Jason Guy
Hi Thomas,

I am currently using 1.3 as well. The DDNS works great, though I found there are some cases where the DDNS to powerdns fails to update the entry if a previous one still exists. There does not seem to be any way to force the update by overwriting the existing one, even though Kea knows it just reused the lease. It is a corner case in a lab environment. 

However, I set the following for DDNS (this is yaml from my ansible playbook, but it should be easy to map to the kea config json syntax):
# DHCP4 configs
# Dynamic DNS update requests are known as NameChangeRequests or NCRs.
# Each NCR contains the following information:
# - update action: add (update) or remove DNS entries
# - entry to update: forward (A records), reverse (PTR records), or both.
# - details: FQDN, lease address, and DHCID
dhcp-ddns:
enable-updates: true
qualifying-suffix: "{{ global.dns.domain_name }}"
override-client-update: true # Kea generates forward and reverse updates
override-no-update: true # Always create DNS updates
replace-client-name: when-not-present
#DDNS configs - TSIG is optional, but probably a good idea for security
  DhcpDdns:
ip-address: 127.0.0.1 #kea default
port: 53001 #kea default
tsig-keys:
- name: "{{global.dns.dnssec.tsig_name}}"
algorithm: "{{global.dns.dnssec.tsig_algorithm }}"
secret: "{{ dns_tsig_secret|default('==undefined==') }}"
forward-ddns:
ddns-domains:
- name: "{{global.dns.domain_name}}."
key-name: "{{global.dns.dnssec.tsig_name}}"
dns-servers:
- ip-address: "{{global.dns.server.ipv4}}"
port: 5300
reverse-ddns:
ddns-domains:
- name: "{{global.dns.rev_domain.ipv4}}."
key-name: "{{global.dns.dnssec.tsig_name}}"
dns-servers:
- ip-address: "{{global.dns.server.ipv4}}"
- name: "{{global.dns.rev_domain.ipv6}}."
key-name: "{{global.dns.dnssec.tsig_name}}"
dns-servers:
- ip-address: "{{global.dns.server.ipv4}}"
port: 5300
I hope this helps to compare to a known working config.
Jason


On Tue, Jul 24, 2018 at 9:49 AM Thomas Markwalder <[hidden email]> wrote:
Hello Jim:

Currently, kea-dhcp4 does DNS updates if the client sends either the
Host Name or FQDN options in the REQUEST.  If it sends both, the server
will use FQDN.  Typically a client would issue a DISCOVER asking for the
Host Name, and then send it back in the REQUEST, or use it to construct
a FQDN option and send that in the request.  If your client is not
providing either option, the server does not do DNS.

Regards,

Thomas Markwalder
ISC Sofware Engineering


On 07/23/2018 10:19 PM, J wrote:
> Perhaps newbie question…?
>
> Using Kea 1.3 with ddns hooks and feeding powerDNS, both backed by mysql.
>
> Have a reservation set for a client machine (using MAC) which works fine.  But after lease is given out, no DDNS update is attempted (as evidenced in the kea-ddns.log file.  Other clients getting addresses from a free/random range on the same VLAN get put into powerDNS (including PTR records)
>
> Is there something about the reservation that is causing the ddns call not to occur?
>
> Thanks in advance
> Jim.
> _______________________________________________
> Kea-users mailing list
> [hidden email]
> https://lists.isc.org/mailman/listinfo/kea-users

_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users

_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|

Re: [Kea-users] Question on kea-ddns

mathiasAichinger
Hi Jason,

we are seeing the same issue. Have you found a solution? Our workaround at
the moment is to set the hostname in the lease to a different value which
gets overwritten by the hosts entry (causes an update)

Mathias


Jason Guy wrote
> Hi Thomas,
>
> I am currently using 1.3 as well. The DDNS works great, though I found
> there are some cases where the DDNS to powerdns fails to update the entry
> if a previous one still exists. There does not seem to be any way to force
> the update by overwriting the existing one, even though Kea knows it just
> reused the lease. It is a corner case in a lab environment.





--
Sent from: http://kea-users.7364.n8.nabble.com/
_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users
Reply | Threaded
Open this post in threaded view
|

Re: [Kea-users] Question on kea-ddns

Jason Guy
As I understand it, this is normal for the DDNS function. I have some subnets where I statically map the MAC-to-IP in host entries. For those I would like to:
- disable the DHCID creation
- force overwrite if the DISCOVER matches the hosts entry. 

However I am told the current solution is to add the DNS entries corresponding to the hosts entries, and forget the DDNS on the dynamically allocated part of a subnet, or the whole subnet. It would be cool to have a feature to fine tune this, but I'd expect this would be more of a 'hook' function. =/

Short answer, no, I don't have a good solution to the DDNS issue.

Jason

On Wed, Jun 19, 2019 at 2:27 PM mathiasAichinger <[hidden email]> wrote:
Hi Jason,

we are seeing the same issue. Have you found a solution? Our workaround at
the moment is to set the hostname in the lease to a different value which
gets overwritten by the hosts entry (causes an update)

Mathias


Jason Guy wrote
> Hi Thomas,
>
> I am currently using 1.3 as well. The DDNS works great, though I found
> there are some cases where the DDNS to powerdns fails to update the entry
> if a previous one still exists. There does not seem to be any way to force
> the update by overwriting the existing one, even though Kea knows it just
> reused the lease. It is a corner case in a lab environment.





--
Sent from: http://kea-users.7364.n8.nabble.com/
_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users

_______________________________________________
Kea-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/kea-users