
Dynamische DNS-Updates per DHCP



Hallo,

ich möchte einen experimentellen BIND-Server einrichten und dabei auch 
dynamische DNS-Updates per ISC DHCP3-Server nutzen.

Leider funktionieren die dynamischen Updates bisher nicht. Keine der 
Informationsquellen, die ich im Internet über DHCP-DNS allgemein oder bei 
Debian speziell gefunden habe, konnte mir weiterhelfen.

Mithilfe von tcpdump auf dem eth0-Interface und dem lo-Interface konnte ich 
noch nicht einmal einen Versuch des DHCP-Servers feststellen, etwas an den 
DNS-Server zu senden. In die in "named.conf.local" definierten Logdateien 
wird nichts geschrieben. 

Kann mir jemand mitteilen, was ich vielleicht übersehen, vergessen oder falsch 
gemacht habe?

Die nach meiner Ansicht entscheidenden Dateien habe ich angehängt.

Viele Grüße
  Christoph
# Dynamic DNS stuff
# Server-side DDNS: dhcpd itself sends the DNS updates for the leases it grants.
ddns-updates true;
ddns-update-style interim;
# Domain that is appended to the client's host name to form the registered name.
ddns-domainname "pleger.local.";
# Do not let clients register their own A records; the server does it for them.
deny client-updates;

# NOTE(review): this is the key that named.conf on this page also accepts on
# the rndc control channel ("rndc-key"). Sharing it means the DHCP server holds
# a credential that can control named, not just update two zones. A separate
# TSIG key used only for DDNS keeps the two privileges apart.
# dhcpd also has to be able to read this file; check its owner and mode
# against the user dhcpd runs as.
include "/etc/bind/rndc.key";

# Forward zone: updates go to the name server on loopback, signed with rndc-key.
zone pleger.local. {
	primary 127.0.0.1;
	key rndc-key;
}

# Reverse zone for 192.168.2.0/24: same server, same key.
zone 2.168.192.in-addr.arpa. {
	primary 127.0.0.1;
	key rndc-key;
}

# option definitions common to all supported networks...
option domain-name "pleger.local";
option domain-name-servers 192.168.2.3, 192.168.2.1;

# Lease times are given in seconds.
default-lease-time 1800;
max-lease-time 3600;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# The only subnet served: a dynamic pool of 100 addresses, gateway 192.168.2.1.
subnet 192.168.2.0 netmask 255.255.255.0 {
  range 192.168.2.100 192.168.2.199;
  option routers 192.168.2.1;
}
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the 
// structure of BIND configuration files in Debian, *BEFORE* you customize 
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local

// rndc control channel: listens on loopback port 953, accepts connections
// from loopback only, and requires commands to be signed with "rndc-key".
// NOTE(review): the dhcpd.conf on this page includes the same key file and
// uses "rndc-key" for dynamic updates, so the DHCP server can also drive this
// control channel. Consider a dedicated key for DDNS.
controls {
 inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; };
};

include "/etc/bind/named.conf.options";

// prime the server with knowledge of the root servers
zone "." {
	type hint;
	file "/etc/bind/db.root";
};

// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912

zone "localhost" {
	type master;
	file "/etc/bind/db.local";
};

zone "127.in-addr.arpa" {
	type master;
	file "/etc/bind/db.127";
};

zone "0.in-addr.arpa" {
	type master;
	file "/etc/bind/db.0";
};

zone "255.in-addr.arpa" {
	type master;
	file "/etc/bind/db.255";
};

// zone "com" { type delegation-only; };
// zone "net" { type delegation-only; };

// From the release notes:
//  Because many of our users are uncomfortable receiving undelegated answers
//  from root or top level domains, other than a few for whom that behaviour
//  has been trusted and expected for quite some length of time, we have now
//  introduced the "root-delegations-only" feature which applies delegation-only
//  logic to all top level domains, and to the root domain.  An exception list
//  should be specified, including "MUSEUM" and "DE", and any other top level
//  domains from whom undelegated responses are expected and trusted.
// root-delegation-only exclude { "DE"; "MUSEUM"; };

// Site-specific zones, logging and the key definition live in this file.
include "/etc/bind/named.conf.local";
//
// Do any local configuration here
//

// My zone

// Two file channels: dynamic-update messages at debug level 3, and security
// messages (such as denied requests) at info level.
// NOTE(review): named has to be able to create and write these files. If it
// runs as an unprivileged user, it may lack write access to /var/log, which
// would explain why nothing is logged. Confirm the permissions.
logging {
	channel update_debug {
		file "/var/log/update-debug.log";
		severity debug 3;
		print-category yes;
		print-severity yes;
		print-time     yes;
	};

	channel security_info {
		file "/var/log/named-auth.log";
		severity  info;
		print-category yes;
		print-severity yes;
		print-time     yes;
        };

	category update { update_debug; };
	category security { security_info; };
};

// Defines "rndc-key". The same key is accepted by the rndc control channel in
// named.conf, so whoever holds it for updates can also control the server.
include "/etc/bind/rndc.key";

// Forward zone. allow-update with a key lets any holder of that key add,
// change or delete any record in the zone; update-policy gives finer control.
// NOTE(review): named writes a .jnl journal next to a dynamically updated
// zone file, so it needs write access to this directory. Check this against
// the README.Debian mentioned in named.conf.
zone "pleger.local" {
	type master;
	file "/etc/bind/master/db.pleger.local";
	allow-update { key "rndc-key"; };
};

// Reverse zone for 192.168.2.0/24. The same update rule and the same
// write-access requirement apply as for the forward zone.
zone "2.168.192.in-addr.arpa" {
	type master;
	file "/etc/bind/master/db.pleger.local.rev";
	allow-update { key "rndc-key"; };
};


// Consider adding the 1918 zones here, if they are not used in your
// organization
include "/etc/bind/zones.rfc1918";


# Configuration file for /sbin/dhclient, which is included in Debian's
#	dhcp3-client package.
#
# This is a sample configuration file for dhclient. See dhclient.conf's
#	man page for more information about the syntax of this file
#	and a more comprehensive list of the parameters understood by
#	dhclient.
#
# Normally, if the DHCP server provides reasonable information and does
#	not leave anything out (like the domain name, for example), then
#	few changes must be made to this file, if any.
#

# Host name this client announces to the DHCP server.
# NOTE(review): the value already ends in pleger.local, and the dhcpd.conf on
# this page appends ddns-domainname "pleger.local." to the client's host name.
# The registered name may therefore carry the domain twice; confirm whether a
# bare host name is what is wanted here.
send host-name "test.pleger.local";
#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c;
#send dhcp-lease-time 3600;
#supersede domain-name "fugue.com home.vix.com";
#prepend domain-name-servers 127.0.0.1;
# Options the client asks the server to include in its reply.
request subnet-mask, broadcast-address, time-offset, routers,
	domain-name, domain-name-servers, host-name,
	netbios-name-servers, netbios-scope, interface-mtu;
#require subnet-mask, domain-name-servers;
#timeout 60;
#retry 60;
#reboot 10;
#select-timeout 5;
#initial-interval 2;
#script "/etc/dhcp3/dhclient-script";
#media "-link0 -link1 -link2", "link0 link1";
#reject 192.33.137.209;

#alias {
#  interface "eth0";
#  fixed-address 192.5.5.213;
#  option subnet-mask 255.255.255.255;
#}

#lease {
#  interface "eth0";
#  fixed-address 192.33.137.200;
#  medium "link0 link1";
#  option host-name "andare.swiftmedia.com";
#  option subnet-mask 255.255.255.0;
#  option broadcast-address 192.33.137.255;
#  option routers 192.33.137.250;
#  option domain-name-servers 127.0.0.1;
#  renew 2 2000/1/12 00:00:01;
#  rebind 2 2000/1/12 00:00:01;
#  expire 2 2000/1/12 00:00:01;
#}
