Dynamic DNS and DHCP – Easy to do, and you’ll thank yourself later<\/a> Dynamic DNS (DDNS) Dynamic DNS and DHCP – Easy to do, and you’ll thank yourself later BIND permission errors setting up bind to work with nsupdate (SERVFAIL) DNS – DDNS with DHCPv4 and DHCPv6 DDNS $ nsupdate > server 127.0.0.1 > key DHCP_UPDATER uFj0b3YjnGGVOxpjvmpVqQ== > zone intra.fablabwinti.ch > update add test123.intra.fablabwinti.ch. 600 IN A 192.168.1.12 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3431","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/3431","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3431"}],"version-history":[{"count":10,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/3431\/revisions"}],"predecessor-version":[{"id":3444,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=\/wp\/v2\/posts\/3431\/revisions\/3444"}],"wp:attachment":[{"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3431"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3431"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.bachi.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3431"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nBIND permission errors<\/a>
\nsetting up bind to work with nsupdate (SERVFAIL)<\/a>
\nDNS – DDNS with DHCPv4 and DHCPv6<\/a>
\nDDNS<\/a><\/p>\n\r\n$ nsupdate\r\n> server 127.0.0.1\r\n> key DHCP_UPDATER uFj0b3YjnGGVOxpjvmpVqQ==\r\n> zone intra.fablabwinti.ch\r\n> update add test123.intra.fablabwinti.ch. 600 IN A 192.168.1.12\r\n> send\r\nupdate failed: SERVFAIL\r\n<\/pre>\n
\r\n$ cat zone.update\r\nserver 127.0.0.1\r\nzone intra.fablabwinti.ch\r\nupdate add test123.intra.fablabwinti.ch. 600 IN A 192.168.1.12\r\nsend\r\n\r\n$ nsupdate -k ddns.key -v zone.update \r\nupdate failed: SERVFAIL\r\n<\/pre>\n
\r\n$ sudo \/usr\/sbin\/named -u bind -fg\r\n[...]\r\n$ mv \/etc\/bind\/db.192.168.1 \/var\/lib\/bind\r\n27-Dec-2014 17:30:43.649 client 127.0.0.1#44438\/key dhcp_updater: signer "dhcp_updater" approved\r\n27-Dec-2014 17:30:43.649 client 127.0.0.1#44438\/key dhcp_updater: updating zone 'intra.fablabwinti.ch\/IN': adding an RR at 'test123.intra.fablabwinti.ch' A\r\n27-Dec-2014 17:30:43.650 \/etc\/bind\/db.intra.fablabwinti.ch.jnl: create: permission denied\r\n27-Dec-2014 17:30:43.650 client 127.0.0.1#44438\/key dhcp_updater: updating zone 'intra.fablabwinti.ch\/IN': error: journal open failed: unexpected error\r\n[...]\r\n27-Dec-2014 17:35:34.307 client 127.0.0.1#44604\/key dhcp_updater: signer "dhcp_updater" approved\r\n27-Dec-2014 17:35:34.307 client 127.0.0.1#44604\/key dhcp_updater: updating zone 'intra.fablabwinti.ch\/IN': adding an RR at 'test123.intra.fablabwinti.ch' A\r\n27-Dec-2014 17:35:34.307 \/etc\/bind\/db.intra.fablabwinti.ch.jnl: open: permission denied\r\n27-Dec-2014 17:35:34.307 client 127.0.0.1#44604\/key dhcp_updater: updating zone 'intra.fablabwinti.ch\/IN': error: journal open failed: unexpected error\r\n<\/pre>\n
\r\n$ cat \/etc\/apparmor.d\/usr.sbin.named \r\n\/usr\/sbin\/named {\r\n [...]\r\n\r\n # \/etc\/bind should be read-only for bind\r\n # \/var\/lib\/bind is for dynamically updated zone (and journal) files.\r\n # \/var\/cache\/bind is for slave\/stub data, since we're not the origin of it.\r\n # See \/usr\/share\/doc\/bind9\/README.Debian.gz\r\n \/etc\/bind\/** r,\r\n \/var\/lib\/bind\/** rw,\r\n \/var\/lib\/bind\/ rw,\r\n \/var\/cache\/bind\/** lrw,\r\n \/var\/cache\/bind\/ rw,\r\n\r\n [...]\r\n}\r\n<\/pre>\n\r\n$ mv \/etc\/bind\/db.intra.fablabwinti.ch \/var\/lib\/bind\r\n$ mv \/etc\/bind\/db.192.168.1 \/var\/lib\/bind\r\n\r\n$ sudo \/usr\/sbin\/named -u bind -fg\r\n[...]\r\n27-Dec-2014 18:04:05.276 client 127.0.0.1#51007\/key dhcp_updater: signer "dhcp_updater" approved\r\n27-Dec-2014 18:04:05.276 client 127.0.0.1#51007\/key dhcp_updater: updating zone 'intra.fablabwinti.ch\/IN': adding an RR at 'test123.intra.fablabwinti.ch' A\r\n27-Dec-2014 18:04:05.281 zone intra.fablabwinti.ch\/IN: sending notifies (serial 2014060402)\r\n<\/pre>\n
FAQ<\/h3>\n
DHCP Server doesn’t start<\/h4>\n
\r\n$ service isc-dhcp-server start\r\nstart: Job failed to start\r\n<\/pre>\n
\r\n$ dhcpd -t -cf \/etc\/dhcp\/dhcpd.conf\r\nInternet Systems Consortium DHCP Server 4.2.4\r\nCopyright 2004-2012 Internet Systems Consortium.\r\nAll rights reserved.\r\nFor info, please visit https:\/\/www.isc.org\/software\/dhcp\/\r\n\/etc\/dhcp\/dhcpd.conf line 8: semicolon expected.\r\ndefault-lease-time \r\n ^\r\n\/etc\/dhcp\/dhcpd.conf line 8: expecting a parameter or declaration\r\ndefault-lease-time 600;\r\n ^\r\nConfiguration file errors encountered -- exiting\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"