On Sat, Aug 10, 2002 at 01:04:49PM -0400, Charles R. Anderson wrote:
On Sat, Aug 10, 2002 at 11:47:52AM -0400, Brad Noyes wrote:
maitre> Hi All,
maitre> I got my home network rigged up to do dynamic dns with dhcp. It seems that the
maitre> linux and fBSD dhcp clients don't send the hostname to the dhcp server, so no
maitre> name record is created for those clients. Does anyone know how to do this?
maitre> (windows clients seem to send the hostname okay).
wow ... first i'll answer your questions.
What is the DHCP server? What is the DNS server? How are the servers configured?
DHCP server from ISC dhcpd-3.0p11, DNS server from ISC bind-9.1.3 (both on same machine, OS is OpenBSD). They are configured so the dhcpd gets a request and updates named, both A records and PTR records.
If you are using ISC dhclient, you can configure /etc/dhclient.conf with a line like this:
send host-name "foo.bar";
or if you want your configured hostname to override what the server sends back:
supersede host-name "foo.bar";
ahhh, okay i get it. I did a search for dhclient.conf on my client machine and i couldn't find one, so i created one, read the man page, and i was able to get linux to send the hostname.
However, there may be more to the story than just that...
There are a few different ways DDNS can be done. One way is to have the DHCP client update the forward DNS itself, and tell the DHCP server to update the reverse DNS to match. That way the client can choose its own DNS name, and tell the DHCP server to set the PTR record to that name (since the DHCP server will have the authority to update PTR records in the subnets it is serving). Of course, the client must have permissions on the forward DNS zone to update it. Usually TSIG or SIG0 cryptographic signatures are used to provide secure DNS updates for this purpose (however Windows DNS servers don't support TSIG or SIG0, only the GSS proprietary protocol).
This is something that i don't want because i have windows clients in the house.
The other way is to have the DHCP server update BOTH the forward and reverse DNS. In this case, usually the server dictates both the forward and reverse DNS domains, and can either use the client-provided hostname or choose its own hostname for the client.
This is what i have at the moment. The network is small enough where i know that names will not collide.
These behaviors are controlled by the DHCP FQDN option (82). The client can request that it update the forward DNS, or request that the server update the forward DNS. The server can either accept what the client requests, or reject it. If the server rejects the client's requests for the client to update the DNS, the client should not attempt to perform the update.
i have the dhcpd server do all the work. Easier for me to control and i don't have to create keys for all the clients.
ISC DHCP supports the standard form of DDNS described above (unsecure updates or TSIG security only). You can't update Windows DNS servers securely with it. You can however update Windows DNS servers if security isn't configured, or you can have a Windows DHCP server update so-called "legacy" clients without using the DDNS protocol above. Having never used Windows DHCP/DNS servers, I wouldn't know how to configure that...
All the servers involved are on OpenBSD so this is not a problem.
To have the ISC dhclient perform DDNS and update its own A record, put this in dhclient.conf:
send fqdn.fqdn "foo.bar.";
send fqdn.encoded on;
send fqdn.server-update off;
Change the last option to "on" to request the server to update the A record.
The server is doing the updating here so i would have this set to 'on'
There may be more stuff to configure, such as zone statements and keys, depending on what servers you are using and how they are configured...
This is plenty of information for the time being. I think i have most things working now. Thanks Charles!
--brad
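
Added example, not part of the original thread and not either poster's actual configuration: the server-side "zone statements and keys" mentioned above, for the setup where dhcpd updates both the A and PTR records and named accepts updates only when signed with a shared TSIG key. The zone names, the 192.168.1.0/24 subnet, the file paths and the secret are assumptions or placeholders.

```conf
# --- dhcpd.conf (ISC dhcpd 3.0): the server performs both A and PTR updates ---
ddns-update-style interim;
ddns-updates on;
ignore client-updates;            # server, not the client, owns the A record
ddns-domainname "example.org.";   # constructed zone name

# Shared TSIG key; must match the key of the same name in named.conf.
# One way to generate it: dnssec-keygen -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER
key DHCP_UPDATER {
    algorithm hmac-md5;
    secret "REPLACE_WITH_BASE64_SECRET";   # placeholder, not a real key
};

zone example.org. {
    primary 127.0.0.1;            # named runs on the same machine
    key DHCP_UPDATER;
}
zone 1.168.192.in-addr.arpa. {
    primary 127.0.0.1;
    key DHCP_UPDATER;
}

# --- named.conf (BIND 9) ---
key DHCP_UPDATER {
    algorithm hmac-md5;
    secret "REPLACE_WITH_BASE64_SECRET";   # same placeholder value as above
};

zone "example.org" {
    type master;
    file "master/example.org";    # hypothetical path
    # Weak: trusts anything that can send from this address, e.g. any local user
    # allow-update { 127.0.0.1; };
    # Better: only holders of the TSIG key may update the zone
    allow-update { key DHCP_UPDATER; };
};
zone "1.168.192.in-addr.arpa" {
    type master;
    file "master/192.168.1.rev";  # hypothetical path
    allow-update { key DHCP_UPDATER; };
};
```

Both files contain the secret, so they should be readable only by the accounts the two daemons run as.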