[Kea-users] help with dual stack ddns updates (replacing isc-dhcp with kea-dhcp)

Fri, 16 Jun 2023 12:25:31 -0700 


Hi friends,
I'm replacing isc-dhcp with kea, but I'm having problem with dns dynamic update with dual stack 

in kea-dhcp4.conf :

  "dhcp-ddns" : {
        "enable-updates" : true,
        "server-ip" : "::1",
        "sender-ip" : "::1",
        "sender-port" : 53003,
        "replace-client-name": "when-not-present",
         },
  "ddns-send-updates" : true,
  "ddns-override-no-update" : true,
  "ddns-override-client-update" : true,
  "ddns-qualifying-suffix" : "informatica.digital.",
  "ddns-update-on-renew" : true,
  "ddns-use-conflict-resolution" : true,
#  "hostname-char-set": "[^A-Za-z0-9.-]",
#  "hostname-char-replacement": "x",
  "match-client-id": true,


in kea-dhcp6.conf :

  "dhcp-ddns" : {
        "enable-updates" : true,
        "server-ip" : "::1",
        "sender-ip" : "::1",
        "sender-port" : 53002,
        "replace-client-name": "when-not-present",
   },
  "ddns-send-updates" : true,
  "ddns-override-no-update" : true,
  "ddns-override-client-update" : true,
  "ddns-qualifying-suffix" : "informatica.digital.",
  "ddns-update-on-renew" : true,
  "ddns-use-conflict-resolution" : true,
#  "hostname-char-set": "[^A-Za-z0-9.-]",
#  "hostname-char-replacement": "x",

in kea-dhcp-ddns.conf:

"DhcpDdns": {
"ip-address": "::1",
    "control-socket": {
              "socket-type": "unix",
              "socket-name": "/run/kea/kea-ddns-ctrl-socket"
    },
    "forward-ddns": {
        "ddns-domains": [
            {
                "name": "informatica.digital.",
                "key-name": "rndc-key",
                "dns-servers": [
                    {
                        "ip-address": "::1",
                        "port": 53,
                        "key-name": "rndc-key"
                    }
                ]
            }
        ]
    },
"reverse-ddns": {
    "ddns-domains": [
        {
            "name": "0.0.d.f.ip6.arpa.",
            "dns-servers": [
                {
                    "ip-address": "::1",
                    "port": 53,
                    "key-name": "rndc-key"
                }
            ]
        },
        {
            "name": "168.192.in-addr.arpa.",
            "dns-servers": [
                {
                    "ip-address": "::1",
                    "port": 53,
                    "key-name": "rndc-key"
                }
            ]
        }
    ]
},
"tsig-keys": [
        {
            "name": "rndc-key",
            "algorithm": "HMAC-MD5",
            "secret": "TVQwpnYGt8TLDTrviBoZ4A=="
        }
    ],

Forward and reverse ipv4 are being added to dns correctly,
2023-06-16T15:44:55.087345-03:00 router kea-dhcp-ddns[6126]: Forward Change: yes 2023-06-16T15:44:55.087991-03:00 router kea-dhcp-ddns[6126]: Reverse Change: yes 2023-06-16T15:44:55.088488-03:00 router kea-dhcp-ddns[6126]: FQDN: [x79.informatica.digital.] 2023-06-16T15:44:55.089092-03:00 router kea-dhcp-ddns[6126]: IP Address: [192.168.1.2] 2023-06-16T15:44:55.089478-03:00 router kea-dhcp-ddns[6126]: DHCID: [00010161C842CCC250527045EDED24629529B402586F7336E34BF765A1C5D6ECB0B3B5] 2023-06-16T15:44:55.089774-03:00 router kea-dhcp-ddns[6126]: Lease Expires On: 20230616184954 2023-06-16T15:44:55.090088-03:00 router kea-dhcp-ddns[6126]: Lease Length: 1200 2023-06-16T15:44:55.090417-03:00 router kea-dhcp-ddns[6126]: Conflict Resolution: yes 2023-06-16T15:44:55.090802-03:00 router named[6778]: client @0xb398d934 ::1#37057/key rndc-key: signer "rndc-key" approved 2023-06-16T15:44:55.091241-03:00 router named[6778]: client @0xb398d934 ::1#37057/key rndc-key: updating zone 'informatica.digital/IN': adding an RR at 'x79.informatica.digital' A 192.168.1.2 2023-06-16T15:44:55.091666-03:00 router named[6778]: client @0xb398d934 ::1#37057/key rndc-key: updating zone 'informatica.digital/IN': adding an RR at 'x79.informatica.digital' DHCID AAEBYchCzMJQUnBF7e0kYpUptAJYb3M240v3ZaHF1uyws7U= 2023-06-16T15:44:55.098895-03:00 router named[6778]: client @0xb0c81534 ::1#37223/key rndc-key: signer "rndc-key" approved 2023-06-16T15:44:55.099474-03:00 router named[6778]: client @0xb0c81534 ::1#37223/key rndc-key: updating zone '168.192.in-addr.arpa/IN': deleting rrset at '2.1.168.192.in-addr.arpa' PTR 2023-06-16T15:44:55.099969-03:00 router named[6778]: client @0xb0c81534 ::1#37223/key rndc-key: updating zone '168.192.in-addr.arpa/IN': deleting rrset at '2.1.168.192.in-addr.arpa' DHCID 2023-06-16T15:44:55.100463-03:00 router named[6778]: client @0xb0c81534 ::1#37223/key rndc-key: updating zone '168.192.in-addr.arpa/IN': adding an RR at '2.1.168.192.in-addr.arpa' PTR x79.informatica.digital. 2023-06-16T15:44:55.100997-03:00 router named[6778]: client @0xb0c81534 ::1#37223/key rndc-key: updating zone '168.192.in-addr.arpa/IN': adding an RR at '2.1.168.192.in-addr.arpa' DHCID AAEBYchCzMJQUnBF7e0kYpUptAJYb3M240v3ZaHF1uyws7U= 


but when kea6 tries to add forward ipv6, this error appears:
2023-06-16T15:54:35.612754-03:00 router named[6778]: client @0xb0172534 ::1#37996/key rndc-key: signer "rndc-key" approved 2023-06-16T15:54:35.613385-03:00 router kea-dhcp-ddns[6126]: ERROR DHCP_DDNS_FORWARD_REPLACE_REJECTED DNS Request ID 000201A4DA3B65FDE300BAE9AD9B667E64199C8F12AA223B3AF1F569C46E640B7BD21F: Server, ::1 port:53, rejected a DNS update request to replace the address mapping for FQDN, x79.informatica.digital., with an RCODE: 8 2023-06-16T15:54:35.613818-03:00 router kea-dhcp-ddns[6126]: ERROR DHCP_DDNS_ADD_FAILED DHCP_DDNS Request ID 000201A4DA3B65FDE300BAE9AD9B667E64199C8F12AA223B3AF1F569C46E640B7BD21F: Transaction outcome Status: Failed, Event: UPDATE_FAILED_EVT, Forward change: failed,  Reverse change: failed,  request: Type: 0 (CHG_ADD) 2023-06-16T15:54:35.614200-03:00 router kea-dhcp-ddns[6126]: Forward Change: yes 2023-06-16T15:54:35.614563-03:00 router kea-dhcp-ddns[6126]: Reverse Change: yes 2023-06-16T15:54:35.614914-03:00 router kea-dhcp-ddns[6126]: FQDN: [x79.informatica.digital.] 2023-06-16T15:54:35.615268-03:00 router kea-dhcp-ddns[6126]: IP Address: [fd00:ffff:fffd::8] 2023-06-16T15:54:35.615622-03:00 router kea-dhcp-ddns[6126]: DHCID: [000201A4DA3B65FDE300BAE9AD9B667E64199C8F12AA223B3AF1F569C46E640B7BD21F] 2023-06-16T15:54:35.615972-03:00 router kea-dhcp-ddns[6126]: Lease Expires On: 19700101000000 2023-06-16T15:54:35.616369-03:00 router kea-dhcp-ddns[6126]: Lease Length: 1333 2023-06-16T15:54:35.616731-03:00 router kea-dhcp-ddns[6126]: Conflict Resolution: yes 2023-06-16T15:54:35.617214-03:00 router named[6778]: client @0xb0172534 ::1#37996/key rndc-key: updating zone 'informatica.digital/IN': update unsuccessful: x79.informatica.digital: 'name not in use' prerequisite not satisfied (YXDOMAIN) 2023-06-16T15:54:35.617754-03:00 router named[6778]: client @0xb0172534 ::1#55668/key rndc-key: signer "rndc-key" approved 2023-06-16T15:54:35.618271-03:00 router named[6778]: client @0xb0172534 ::1#55668/key rndc-key: updating zone 'informatica.digital/IN': update unsuccessful: x79.informatica.digital/DHCID: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET) 

What is missing? thank you very much if you can help me.




--
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/kea-users

Reply via email to