https://kea.readthedocs.io/en/kea-2.6.0/arm/ddns.html Finally, if there are no forward DDNS domains defined, D2 simply disregards the forward-update portion of requests.
just comment out all forward-ddns section. On Thu, Aug 1, 2024 at 1:28 PM luckydog xf <[email protected]> wrote: > okay, I have successfully implemented this function, thanks. > One more question, can I only update reverse-ddns and just ignore > forward-ddns. In other words, is it doable just to update PTR records on > powerdns and leave A records alone ? > > I made an experiment just now. > > Both are discarded, including reverse one. > > ######### > > 2024-08-01 12:20:20.824 WARN > [kea-dhcp-ddns.dhcp-to-d2/3618.139962436945792] DHCP_DDNS_NO_MATCH No DNS > servers match FQDN setexsql.whatever.com. > 2024-08-01 12:20:20.824 ERROR > [kea-dhcp-ddns.dhcp-to-d2/3618.139962436945792] > DHCP_DDNS_NO_FWD_MATCH_ERROR Request ID > 0001018A5FC0D73449520E9BC05D9E331FC2C6DFD16F44590F13198EADB4AE647F51D5: the > configured list of forward DDNS domains does not contain a match for: Type: > 1 (CHG_REMOVE) > Forward Change: yes > Reverse Change: yes > FQDN: [setexsql.whatever.com.] > IP Address: [172.16.234.241] > DHCID: > [0001018A5FC0D73449520E9BC05D9E331FC2C6DFD16F44590F13198EADB4AE647F51D5] > Lease Expires On: 20240801074626 > Lease Length: 14400 > Conflict Resolution Mode: check-with-dhcid > The request has been discarded. > 2024-08-01 12:20:20.825 WARN > [kea-dhcp-ddns.dhcp-to-d2/3618.139962436945792] DHCP_DDNS_NO_MATCH No DNS > servers match FQDN setexsql.whatever.com. > 2024-08-01 12:20:20.825 ERROR > [kea-dhcp-ddns.dhcp-to-d2/3618.139962436945792] > DHCP_DDNS_NO_FWD_MATCH_ERROR Request ID > 0001018A5FC0D73449520E9BC05D9E331FC2C6DFD16F44590F13198EADB4AE647F51D5: the > configured list of forward DDNS domains does not contain a match for: Type: > 0 (CHG_ADD) > Forward Change: yes > Reverse Change: yes > FQDN: [setexsql.whatever.com.] > IP Address: [172.16.234.241] > DHCID: > [0001018A5FC0D73449520E9BC05D9E331FC2C6DFD16F44590F13198EADB4AE647F51D5] > Lease Expires On: 20240801082020 > Lease Length: 14400 > Conflict Resolution Mode: check-with-dhcid > The request has been discarded. > > ####### > > > > On Tue, Jul 30, 2024 at 4:47 PM Lee Porte <[email protected]> wrote: > >> Yes they are my two PowerDNS servers. I have them running as an >> active/active pair. >> >> On Tue, 30 Jul 2024, 07:05 luckydog xf, <[email protected]> wrote: >> >>> Just curious, IPs 192.168.1.4 and 192.168.1.5 are IPs of PowerDNS, >>> right? >>> >>> On Tue, Jul 30, 2024 at 2:56 AM Lee Porte <[email protected]> wrote: >>> >>>> Hi, >>>> >>>> Here;s what I have in my DHCP4 config to enable the DDNS updates >>>> >>>> "dhcp-ddns": { >>>> "enable-updates": true, >>>> }, >>>> "ddns-qualifying-suffix": "example.com", >>>> "ddns-override-no-update": true, >>>> "ddns-override-client-update": true, >>>> "ddns-update-on-renew": true, >>>> "hostname-char-set": "[^A-Za-z0-9.-]", >>>> "hostname-char-replacement": "-", >>>> >>>> >>>> And this is what I have in DDNS config >>>> >>>> { >>>> "DhcpDdns": { >>>> "ip-address": "127.0.0.1", >>>> "port": 53001, >>>> "control-socket": { >>>> "socket-type": "unix", >>>> "socket-name": "/var/lib/kea/kea-ddns-ctrl.sock" >>>> }, >>>> "tsig-keys": [ >>>> { >>>> "name": "dhcp-key", >>>> "algorithm": "HMAC-SHA256", >>>> "secret": "SUPERsecretKEY" >>>> } >>>> ], >>>> "forward-ddns": { >>>> "ddns-domains": [ >>>> { >>>> "name": "example.com.", >>>> "key-name": "dhcp-key", >>>> "dns-servers": [ >>>> { >>>> "ip-address": "192.168.1.4" >>>> }, >>>> { >>>> "ip-address": "192.168.1.5" >>>> } >>>> ] >>>> } >>>> ] >>>> }, >>>> "reverse-ddns": { >>>> "ddns-domains": [ >>>> { >>>> "name": "1.168.192.in-addr.arpa.", >>>> "key-name": "dhcp-key", >>>> "dns-servers": [ >>>> { >>>> "ip-address": "192.168.1.4" >>>> }, >>>> { >>>> "ip-address": "192.168.1.5" >>>> } >>>> ] >>>> }, >>>> { >>>> "name": "7.168.192.in-addr.arpa.", >>>> "key-name": "dhcp-key", >>>> "dns-servers": [ >>>> { >>>> "ip-address": "192.168.1.4" >>>> }, >>>> { >>>> "ip-address": "192.168.1.5" >>>> } >>>> ] >>>> } >>>> ] >>>> }, >>>> "loggers": [ >>>> { >>>> "name": "kea-dhcp-ddns", >>>> "output_options": [ >>>> { >>>> "output": "/var/log/kea/kea-ddns.log", >>>> "maxsize": 1048576, >>>> "maxver": 8 >>>> } >>>> ], >>>> "severity": "INFO", >>>> "debuglevel": 0 >>>> } >>>> ] >>>> } >>>> } >>>> >>>> On the power DNS side I have >>>> >>>> ################################# >>>> # allow-dnsupdate-from A global setting to allow DNS updates from >>>> these IP ranges. >>>> # >>>> #allow-dnsupdate-from= >>>> allow-dnsupdate-from= >>>> >>>> ################################# >>>> # dnsupdate Enable/Disable DNS update (RFC2136) support. Default is >>>> no. >>>> # >>>> dnsupdate=yes >>>> >>>> I have also generated key values and added the to the database as per >>>> https://doc.powerdns.com/authoritative/dnsupdate.html#dns-update-how-to-setup-dyndns-rfc2136-with-dhcpd >>>> Though I did tweak the key generation to use SHA256 rather than MD5 >>>> >>>> dnssec-keygen -a hmac-sha256 -b 4096 USER dhcpdupdate >>>> >>>> Cheers >>>> >>>> L >>>> >>>> On Mon, 29 Jul 2024 at 08:53, Lee Porte <[email protected]> wrote: >>>> >>>>> Hi, >>>>> >>>>> Yes it definitely is possible as I'm running kea with DDNS updates to >>>>> PowerDNS currently. >>>>> >>>>> I can grab some config snippets later on for you. >>>>> >>>>> Cheers >>>>> >>>>> L >>>>> >>>>> On Mon, 29 Jul 2024, 02:52 luckydog xf, <[email protected]> wrote: >>>>> >>>>>> Hello, list >>>>>> >>>>>> Is it possible to integrate kea-dhcp with PowerDNS by DDNS ? I read >>>>>> the docs and didn't find related pages. Only one kea-dhcp-ddns exists. >>>>>> >>>>>> Thanks. >>>>>> -- >>>>>> ISC funds the development of this software with paid support >>>>>> subscriptions. Contact us at https://www.isc.org/contact/ for more >>>>>> information. >>>>>> >>>>>> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users >>>>>> . >>>>>> >>>>>> Kea-users mailing list >>>>>> [email protected] >>>>>> https://lists.isc.org/mailman/listinfo/kea-users >>>>>> >>>>> >>>> >>>> -- >>>> Lee Porte >>>> 07989 310 952 >>>> -- >>>> ISC funds the development of this software with paid support >>>> subscriptions. Contact us at https://www.isc.org/contact/ for more >>>> information. >>>> >>>> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. >>>> >>>> Kea-users mailing list >>>> [email protected] >>>> https://lists.isc.org/mailman/listinfo/kea-users >>>> >>> -- >>> ISC funds the development of this software with paid support >>> subscriptions. Contact us at https://www.isc.org/contact/ for more >>> information. >>> >>> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. >>> >>> Kea-users mailing list >>> [email protected] >>> https://lists.isc.org/mailman/listinfo/kea-users >>> >> -- >> ISC funds the development of this software with paid support >> subscriptions. Contact us at https://www.isc.org/contact/ for more >> information. >> >> To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. >> >> Kea-users mailing list >> [email protected] >> https://lists.isc.org/mailman/listinfo/kea-users >> >
-- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/kea-users
