Debian Administration
System Administration Tips and Resources
Question: DHCP and automatic DNS Updates
Posted by ajt on Mon 26 Sep 2005 at 11:07
How do I get the DHCP server to dynamically update the DNS server? I know it's possible, but how do I do it?
I'm running dhcp3-server 3.0.1-2, bind 9.2.4-1 on Debian Sarge. I found documents for older versions, but not these. A Google search turns up several "how tos" but they are different, and slightly conflicting; so far nothing seems to work. I know there are other tools that do this, but I'd like to know how to get this pair working.
As ever, thanks in advance.
Personally I'd run something else for an internal setup - bind is overkill unless you're doing complex things you don't want to explain.
Anyway this guide appeared reasonable at first glance.
I know I've used a similar setup in the past for allowing updates from DHCP - before I switched to using dnsmasq instead for combined DNS + DHCP operation.
Steve
--
[ Parent | Reply to this comment ]
The guide looks okay, I'll report back if it works.
If I can't get BIND9/DHCP-Server3 to work, I'll give dnsmasq a go. I could just give my machines static IPs, my network is that small, I'm just trying to learn stuff.
--
"It's Not Magic, It's Work"
Adam
[ Parent | Reply to this comment ]
I don't believe it can, although it does allow rewriting of external queries which it has forwarded to another DNS server.
I've not investigated it fully, but I'd be surprised if it offered this ability; mostly because it is designed to be fairly simple to run ..
Steve
--
[ Parent | Reply to this comment ]
That being said, I have had a good deal of success with having bind9 and dhcp3 intercommunicate. I used the how-to located here:
http://www.realmtech.net/documents/DynamicDNS.pdf
My only real change, besides using different keys, was that I used algorithm hmac-md5; in all the files.
Good Luck
[ Parent | Reply to this comment ]
Running bind is a great exercise, and frankly a lot of us who are doing it are doing it to learn enough to implement it on our corporate networks, which aren't manageable without it.
I've long wanted to figure this one out -- i.e. using industry standard products to do dynamic dns in a big and scalable way.
Originally my interest was for the FAS undergrad network at Harvard. It's a lot of people, they all get routable addresses, and the network segments aren't so big that we can give everyone an effectively static IP. Any time you have more people who COULD be on a network segment at some time than 253 and want everyone to have a static alias whichever segment they're on at the moment, this need makes a lot of sense. I'd love to see some good answers on the topic.
[ Parent | Reply to this comment ]
I'm about to have a go at it myself.
[ Parent | Reply to this comment ]
It's actually dead easy, ONCE you find the right commands in the mountain of documentation.
There isn't a lot to it, but I'd be willing to write down what I did, if anyone is interested.
--
"It's Not Magic, It's Work"
Adam
[ Parent | Reply to this comment ]
It would make a nice follow-up piece ...
Steve
--
[ Parent | Reply to this comment ]
--
"It's Not Magic, It's Work"
Adam
[ Parent | Reply to this comment ]
As for documentation, I also warmly recommend reading O'Reilly's Butterfly (http://www.oreilly.com/catalog/dns4/), which, besides thorough information on Bind, including dynamic updates, also gives important general network information every one of us should at least have read once.
My 0.02 EURO ;-)
--
Serge van Ginderachter
[ Parent | Reply to this comment ]
QUE's book DNS and BIND by Langfeldt is also very good, but I think neither really covers dynamic DNS with DHCP very well.
My question would be "is it worth doing?".
Do you really want people doing ad-hoc peer to peer networking? Which is what dynamic DNS is about in this context.
The DNS is a store of vitally important data for reaching key servers on most corporate networks, controlling email, web access, and access to core application servers, so you want to delegate any dynamic messing around into less important, small sub domains, so when the Windows boxes start crashing and burning the impact is limited to small sets of client systems. Assuming you are dealing with Windows clients, you can just delegate those subdomains to ADS servers.
Allocating things that offer services static addresses via DHCP is old-fashioned, but works well enough for some very big networks.
Doing scalable enterprise class dynamic DNS is challenging with ISC BIND because of handling fail over of the DHCP servers and "primary" (named in SOA) DNS server. And I remain to be convinced it is really worth the effort for most organisations. I suspect to do it "right" you'll want a relational database backend to BIND, all very messy.
I found the dynamic updates in DNS a good sanity check when "manually editing" DNS records, because you have to be explicit about what records to delete, and what to add, and it spits out most typos. So I stuck with that even after abandoning the dynamic updates from DHCP.
[ Parent | Reply to this comment ]
http://www.mattfoster.clara.co.uk/ddns.htm
[ Parent | Reply to this comment ]
However, 2 points:
- Check out this site for a really good rundown on how to get it all working. What's really nice is that he uses GNU/Linux and FreeBSD, so you get to learn about more OSes, and it's really thorough.
- The other links in comments seem to all use BIND's "allow-update" clauses. Forget that, if you're after a learning experience, rather use the better, and more granular, "update-policy" statements, as they're far more likely to be needed in a "real-world" setting.
[ Parent | Reply to this comment ]
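The difference between the two clauses named in the comment above, shown as an added example that is not part of the original thread or of any of the linked guides. The key name, the secret, the zone names and the file paths are placeholders chosen for illustration.

```conf
// named.conf fragment (constructed example; all names are placeholders)

// Shared TSIG key. The same key statement goes into dhcpd.conf so that the
// DHCP server can sign its updates. Keep both files unreadable to ordinary
// users, since anyone who can read the secret can send signed updates.
key "dhcp-updater" {
    algorithm hmac-md5;                    // the algorithm mentioned earlier in the thread
    secret "REPLACE_WITH_BASE64_SECRET";   // placeholder, not a real secret
};

// Forward zone: a small sub-domain reserved for dynamic clients, so that the
// records of real servers live in a zone the DHCP key cannot touch.
zone "dyn.example.org" {
    type master;
    file "/var/cache/bind/db.dyn.example.org";   // must be writable by named

    // Coarse form: the key holder may add, change or delete ANY record in
    // this zone, NS and MX included. Shown commented out for comparison;
    // a zone may carry allow-update or update-policy, not both.
    // allow-update { key "dhcp-updater"; };

    // Granular form: the key may only change A and TXT records at names at
    // or below dyn.example.org. TXT is granted because ISC dhcpd 3 keeps
    // its ownership marker in a TXT record next to the A record.
    update-policy {
        grant dhcp-updater subdomain dyn.example.org. A TXT;
    };
};

// Reverse zone: the same key, limited to PTR records.
zone "1.168.192.in-addr.arpa" {
    type master;
    file "/var/cache/bind/db.192.168.1";
    update-policy {
        grant dhcp-updater subdomain 1.168.192.in-addr.arpa. PTR;
    };
};
```

With the granular form, an update signed by this key that tries to replace the zone's NS or MX records is refused, whereas the commented-out allow-update line would accept it.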
--
"It's Not Magic, It's Work"
Adam
[ Parent | Reply to this comment ]
This Server also supports nearly every feature like Zone Transfer and Replication, Relay Agent, Child Zones and DNS Proxy, DHCP Options and BOOTP.
http://sourceforge.net/projects/dhcp-dns-server/