ISC DHCP Server 4.2

Leave a reply

Dynamic DNS (DDNS)

Dynamic DNS and DHCP – Easy to do, and you’ll thank yourself later
BIND permission errors
setting up bind to work with nsupdate (SERVFAIL)
DNS – DDNS with DHCPv4 and DHCPv6
DDNS

$ nsupdate
> server 127.0.0.1
> key DHCP_UPDATER uFj0b3YjnGGVOxpjvmpVqQ==
> zone intra.fablabwinti.ch
> update add test123.intra.fablabwinti.ch. 600 IN A 192.168.1.12
> send
update failed: SERVFAIL

$ cat zone.update
server 127.0.0.1
zone intra.fablabwinti.ch
update add test123.intra.fablabwinti.ch. 600 IN A 192.168.1.12
send

$ nsupdate -k ddns.key -v zone.update 
update failed: SERVFAIL

$ sudo /usr/sbin/named -u bind -fg
[...]
$ mv /etc/bind/db.192.168.1 /var/lib/bind
27-Dec-2014 17:30:43.649 client 127.0.0.1#44438/key dhcp_updater: signer "dhcp_updater" approved
27-Dec-2014 17:30:43.649 client 127.0.0.1#44438/key dhcp_updater: updating zone 'intra.fablabwinti.ch/IN': adding an RR at 'test123.intra.fablabwinti.ch' A
27-Dec-2014 17:30:43.650 /etc/bind/db.intra.fablabwinti.ch.jnl: create: permission denied
27-Dec-2014 17:30:43.650 client 127.0.0.1#44438/key dhcp_updater: updating zone 'intra.fablabwinti.ch/IN': error: journal open failed: unexpected error
[...]
27-Dec-2014 17:35:34.307 client 127.0.0.1#44604/key dhcp_updater: signer "dhcp_updater" approved
27-Dec-2014 17:35:34.307 client 127.0.0.1#44604/key dhcp_updater: updating zone 'intra.fablabwinti.ch/IN': adding an RR at 'test123.intra.fablabwinti.ch' A
27-Dec-2014 17:35:34.307 /etc/bind/db.intra.fablabwinti.ch.jnl: open: permission denied
27-Dec-2014 17:35:34.307 client 127.0.0.1#44604/key dhcp_updater: updating zone 'intra.fablabwinti.ch/IN': error: journal open failed: unexpected error

$ cat /etc/apparmor.d/usr.sbin.named 
/usr/sbin/named {
  [...]

  # /etc/bind should be read-only for bind
  # /var/lib/bind is for dynamically updated zone (and journal) files.
  # /var/cache/bind is for slave/stub data, since we're not the origin of it.
  # See /usr/share/doc/bind9/README.Debian.gz
  /etc/bind/** r,
  /var/lib/bind/** rw,
  /var/lib/bind/ rw,
  /var/cache/bind/** lrw,
  /var/cache/bind/ rw,

  [...]
}

$ mv /etc/bind/db.intra.fablabwinti.ch /var/lib/bind
$ mv /etc/bind/db.192.168.1 /var/lib/bind

$ sudo /usr/sbin/named -u bind -fg
[...]
27-Dec-2014 18:04:05.276 client 127.0.0.1#51007/key dhcp_updater: signer "dhcp_updater" approved
27-Dec-2014 18:04:05.276 client 127.0.0.1#51007/key dhcp_updater: updating zone 'intra.fablabwinti.ch/IN': adding an RR at 'test123.intra.fablabwinti.ch' A
27-Dec-2014 18:04:05.281 zone intra.fablabwinti.ch/IN: sending notifies (serial 2014060402)

FAQ

DHCP Server doesn’t start

$ service isc-dhcp-server start
start: Job failed to start

$ dhcpd -t -cf /etc/dhcp/dhcpd.conf
Internet Systems Consortium DHCP Server 4.2.4
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
/etc/dhcp/dhcpd.conf line 8: semicolon expected.
default-lease-time 
 ^
/etc/dhcp/dhcpd.conf line 8: expecting a parameter or declaration
default-lease-time      600;
                            ^
Configuration file errors encountered -- exiting

Leave a Reply

Your email address will not be published. Required fields are marked *