okay, I have successfully implemented this function, thanks. One more question, can I only update reverse-ddns and just ignore forward-ddns. In other words, is it doable just to update PTR records on powerdns and leave A records alone ?
I made an experiment just now. Both are discarded, including reverse one. ######### 2024-08-01 12:20:20.824 WARN [kea-dhcp-ddns.dhcp-to-d2/3618.139962436945792] DHCP_DDNS_NO_MATCH No DNS servers match FQDN setexsql.whatever.com. 2024-08-01 12:20:20.824 ERROR [kea-dhcp-ddns.dhcp-to-d2/3618.139962436945792] DHCP_DDNS_NO_FWD_MATCH_ERROR Request ID 0001018A5FC0D73449520E9BC05D9E331FC2C6DFD16F44590F13198EADB4AE647F51D5: the configured list of forward DDNS domains does not contain a match for: Type: 1 (CHG_REMOVE) Forward Change: yes Reverse Change: yes FQDN: [setexsql.whatever.com.] IP Address: [172.16.234.241] DHCID: [0001018A5FC0D73449520E9BC05D9E331FC2C6DFD16F44590F13198EADB4AE647F51D5] Lease Expires On: 20240801074626 Lease Length: 14400 Conflict Resolution Mode: check-with-dhcid The request has been discarded. 2024-08-01 12:20:20.825 WARN [kea-dhcp-ddns.dhcp-to-d2/3618.139962436945792] DHCP_DDNS_NO_MATCH No DNS servers match FQDN setexsql.whatever.com. 2024-08-01 12:20:20.825 ERROR [kea-dhcp-ddns.dhcp-to-d2/3618.139962436945792] DHCP_DDNS_NO_FWD_MATCH_ERROR Request ID 0001018A5FC0D73449520E9BC05D9E331FC2C6DFD16F44590F13198EADB4AE647F51D5: the configured list of forward DDNS domains does not contain a match for: Type: 0 (CHG_ADD) Forward Change: yes Reverse Change: yes FQDN: [setexsql.whatever.com.] IP Address: [172.16.234.241] DHCID: [0001018A5FC0D73449520E9BC05D9E331FC2C6DFD16F44590F13198EADB4AE647F51D5] Lease Expires On: 20240801082020 Lease Length: 14400 Conflict Resolution Mode: check-with-dhcid The request has been discarded. ####### On Tue, Jul 30, 2024 at 4:47 PM Lee Porte <[email protected]> wrote: > Yes they are my two PowerDNS servers. I have them running as an > active/active pair. > > On Tue, 30 Jul 2024, 07:05 luckydog xf, <[email protected]> wrote: > >> Just curious, IPs 192.168.1.4 and 192.168.1.5 are IPs of PowerDNS, right? >> >> On Tue, Jul 30, 2024 at 2:56 AM Lee Porte <[email protected]> wrote: >> >>> Hi, >>> >>> Here;s what I have in my DHCP4 config to enable the DDNS updates >>> >>> "dhcp-ddns": { >>> "enable-updates": true, >>> }, >>> "ddns-qualifying-suffix": "example.com", >>> "ddns-override-no-update": true, >>> "ddns-override-client-update": true, >>> "ddns-update-on-renew": true, >>> "hostname-char-set": "[^A-Za-z0-9.-]", >>> "hostname-char-replacement": "-", >>> >>> >>> And this is what I have in DDNS config >>> >>> { >>> "DhcpDdns": { >>> "ip-address": "127.0.0.1", >>> "port": 53001, >>> "control-socket": { >>> "socket-type": "unix", >>> "socket-name": "/var/lib/kea/kea-ddns-ctrl.sock" >>> }, >>> "tsig-keys": [ >>> { >>> "name": "dhcp-key", >>> "algorithm": "HMAC-SHA256", >>> "secret": "SUPERsecretKEY" >>> } >>> ], >>> "forward-ddns": { >>> "ddns-domains": [ >>> { >>> "name": "example.com.", >>> "key-name": "dhcp-key", >>> "dns-servers": [ >>> { >>> "ip-address": "192.168.1.4" >>> }, >>> { >>> "ip-address": "192.168.1.5" >>> } >>> ] >>> } >>> ] >>> }, >>> "reverse-ddns": { >>> "ddns-domains": [ >>> { >>> "name": "1.168.192.in-addr.arpa.", >>> "key-name": "dhcp-key", >>> "dns-servers": [ >>> { >>> "ip-address": "192.168.1.4" >>> }, >>> { >>> "ip-address": "192.168.1.5" >>> } >>> ] >>> }, >>> { >>> "name": "7.168.192.in-addr.arpa.", >>> "key-name": "dhcp-key", >>> "dns-servers": [ >>> { >>> "ip-address": "192.168.1.4" >>> }, >>> { >>> "ip-address": "192.168.1.5" >>> } >>> ] >>> } >>> ] >>> }, >>> "loggers": [ >>> { >>> "name": "kea-dhcp-ddns", >>> "output_options": [ >>> { >>> "output": "/var/log/kea/kea-ddns.log", >>> "maxsize": 1048576, >>> "maxver": 8 >>> } >>> ], >>> "severity": "INFO", >>> "debuglevel": 0 >>> } >>> ] >>> } >>> } >>> >>> On the power DNS side I have >>> >>> ################################# >>> # allow-dnsupdate-from A global setting to allow DNS updates from these >>> IP ranges. >>> # >>> #allow-dnsupdate-from= >>> allow-dnsupdate-from= >>> >>> ################################# >>> # dnsupdate Enable/Disable DNS update (RFC2136) support. Default is >>> no. >>> # >>> dnsupdate=yes >>> >>> I have also generated key values and added the to the database as per >>> https://doc.powerdns.com/authoritative/dnsupdate.html#dns-update-how-to-setup-dyndns-rfc2136-with-dhcpd >>> Though I did tweak the key generation to use SHA256 rather than MD5 >>> >>> dnssec-keygen -a hmac-sha256 -b 4096 USER dhcpdupdate >>> >>> Cheers >>> >>> L >>> >>> On Mon, 29 Jul 2024 at 08:53, Lee Porte <[email protected]> wrote: >>> >>>> Hi, >>>> >>>> Yes it definitely is possible as I'm running kea with DDNS updates to >>>> PowerDNS currently. >>>> >>>> I can grab some config snippets later on for you. >>>> >>>> Cheers >>>> >>>> L >>>> >>>> On Mon, 29 Jul 2024, 02:52 luckydog xf, <[email protected]> wrote: >>>> >>>>> Hello, list >>>>> >>>>> Is it possible to integrate kea-dhcp with PowerDNS by DDNS ? I read >>>>> the docs and didn't find related pages. Only one kea-dhcp-ddns exists. >>>>> >>>>> Thanks. >>>>> -- >>>>> ISC funds the development of this software with paid support >>>>> subscriptions. Contact us at https://www.isc.org/contact/ for more >>>>> information. >>>>> >>>>> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. >>>>> >>>>> Kea-users mailing list >>>>> [email protected] >>>>> https://lists.isc.org/mailman/listinfo/kea-users >>>>> >>>> >>> >>> -- >>> Lee Porte >>> 07989 310 952 >>> -- >>> ISC funds the development of this software with paid support >>> subscriptions. Contact us at https://www.isc.org/contact/ for more >>> information. >>> >>> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. >>> >>> Kea-users mailing list >>> [email protected] >>> https://lists.isc.org/mailman/listinfo/kea-users >>> >> -- >> ISC funds the development of this software with paid support >> subscriptions. Contact us at https://www.isc.org/contact/ for more >> information. >> >> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. >> >> Kea-users mailing list >> [email protected] >> https://lists.isc.org/mailman/listinfo/kea-users >> > -- > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. > > Kea-users mailing list > [email protected] > https://lists.isc.org/mailman/listinfo/kea-users >
-- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/kea-users
