# [SOLVED] dhcpd + bind - can't do ddns reverse map updates

## Ant P.

I've been banging my head against this for hours now and I can't figure out what's wrong; I've got my DHCP server set up to add DNS entries, which works for the forward map (so I can do "host laptop.lan"), but the reverse map fails ("host 192.168.0.130" does not work). The logs go like this:

```
==> dhcpd/current <==
Jun 12 01:13:02 [dhcpd] DHCPDISCOVER from 00:22:43:43:55:e3 via br0
Jun 12 01:13:03 [dhcpd] DHCPOFFER on 192.168.0.130 to 00:22:43:43:55:e3 (laptop) via br0

==> named/debug.log <==
12-Jun-2010 01:13:03.009 update: client 127.0.0.1#38572: view internal: updating zone 'lan/IN': adding an RR at 'laptop.lan' A
12-Jun-2010 01:13:03.009 update: client 127.0.0.1#38572: view internal: updating zone 'lan/IN': adding an RR at 'laptop.lan' TXT

==> dhcpd/current <==
Jun 12 01:13:03 [dhcpd] Added new forward map from laptop.lan to 192.168.0.130
Jun 12 01:13:03 [dhcpd] unable to add reverse map from 130.0.168.192.in-addr.arpa to laptop.lan: timed out
Jun 12 01:13:03 [dhcpd] DHCPREQUEST for 192.168.0.130 (192.168.0.5) from 00:22:43:43:55:e3 (laptop) via br0
Jun 12 01:13:03 [dhcpd] DHCPACK on 192.168.0.130 to 00:22:43:43:55:e3 (laptop) via br0
```

And the config files (some stuff left out for readability):

named.conf

```
include "/etc/bind/logs.conf";
include "/etc/bind/rndc.key";
include "/etc/bind/dhcp.keys";

acl "trusted" {
    192.168.0.0/24;
    127.0.0.0/8;
};

options {
    listen-on { any; };
    allow-query { trusted; };
    allow-query-cache { trusted; };
};

controls {
    inet 127.0.0.1 port 953 allow { 127.0.0.1/32; ::1/128; } keys { "rndc-key"; };
};

view "internal" in {
    match-clients { trusted; };
    recursion yes;
    additional-from-auth yes;
    additional-from-cache yes;

    zone "." in {
        type hint;
        file "/var/bind/root.cache";
    };

    zone "localhost" IN {
        type master;
        file "pri/localhost.zone";
        allow-query { any; };
        allow-transfer { none; };
        notify no;
    };

    zone "127.in-addr.arpa" IN {
        type master;
        file "pri/127.zone";
        allow-query { any; };
        allow-transfer { none; };
        notify no;
    };

    zone "lan." IN {
        type master;
        file "pri/lan.zone";
        allow-update { key "dhcp-key"; };
    };

    zone "0.168.192.in-addr.arpa." IN {
        type master;
        file "pri/192.168.0.zone";
        allow-update { key "dhcp-key"; };
    };
};
```

dhcpd.conf

```
authoritative;
ddns-domainname "lan";
ddns-rev-domainname "in-addr.arpa";
ddns-update-style interim;
default-lease-time 30;
max-lease-time 86400;
option domain-name "lan";
use-host-decl-names on;

include "/etc/bind/dhcp.keys";

zone lan. {
    primary 127.0.0.1;
    key dhcp-key;
}

zone 0.168.192.in-addr.arpa. {
    primary 127.0.0.1;
    key dhcp-key;
}
```

I've tried everything I can think of - it really doesn't make sense why one would work but not the other because the config for both bits is virtually identical. Is there something really obvious I'm missing?

Last edited by Ant P. on Wed Jun 16, 2010 11:43 am; edited 1 time in total

----------

## nativemad

I don't see anything obvious wrong...

The only thing I can think of are the file permissions of the zonefiles!?

Good luck

----------

## Herring42

I've tried before and failed to get this working.

Please let us know if you manage!

As far as I understood, the dynamic updates are not held in the zone files...

----------

## nativemad

*Herring42 wrote:*

> As far as I understood, the dynamic updates are not held in the zone files...

Of course they are! -Where should they be otherwise!?

I have it working for years over here with about 10 different subnets declared!

----------

## Herring42

*nativemad wrote:*

> Of course they are! -Where should they be otherwise!?

Umm, in their own dynamic file? So you could separate those hosts you set directly from the dynamic ones? That would make sense to me!

----------

## nativemad

*Herring42 wrote:*

> Umm, in their own dynamic file? So you could separate those hosts you set directly from the dynamic ones? That would make sense to me!

Not really... they are in one zone file! -That's the reason why one should only allow dhcpd or special hosts to make updates!! (I remember a case where client-machines were able to delete the NS-records via nslookup on a Windows Domain controller)

I don't see a real reason otherwise why they should be any different from static entries!?

----------

## Ant P.

Yes, I've already checked the permissions on the zone files. I can delete the .jnl that gets auto-created for forward DNS and it gets remade without a problem, so it's not that.

----------

## nativemad

Does the reverse zone work at all? Not that the problem is the zone itself...

```
host -a ip.of.the.server
```

----------

## Ant P.

That was it!

My 192.168 zone had "$ORIGIN ." at the top of the file and apparently it didn't like that, even though all the DNS names in the file were absolute ones. Changed that to the in-addr.arpa thing it should be and everything works now. Thanks!

----------
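An added example, not code from any poster in this thread: a small Python check that resolves each owner name in a zone file against the active `$ORIGIN` and lists records that land outside the reverse zone, which is how a `$ORIGIN .` line moves `@` and relative owners away from `0.168.192.in-addr.arpa.`. The zone text is constructed for illustration (it is not Ant P.'s file), and the function names are hypothetical.

```python
import ipaddress

ZONE = "0.168.192.in-addr.arpa."  # reverse zone name from the thread's named.conf

# Constructed zone text (NOT the poster's file) using "@" and a relative owner.
BAD = """\
$ORIGIN .
$TTL 3600
@   IN SOA ns.lan. admin.lan. 1 3600 900 604800 3600
@   IN NS  ns.lan.
5   IN PTR server.lan.
"""
GOOD = BAD.replace("$ORIGIN .", "$ORIGIN " + ZONE)

def absolute(name, origin):
    """Resolve an owner name against the current $ORIGIN."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin

def in_zone(name, zone):
    name, zone = name.lower(), zone.lower()
    return name == zone or name.endswith("." + zone)

def ptr_owner(ip):
    """Owner name dhcpd updates for a lease, e.g. 130.0.168.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def check_zone(text, zone):
    """Return (line, owner, type) for each record whose owner is outside `zone`.
    Simplified: one record per line, numeric TTLs, class IN, no $INCLUDE."""
    origin = last_owner = zone
    problems = []
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = absolute(fields[1], origin)
        if fields[0].startswith("$"):
            continue
        if not raw[0].isspace():  # a leading blank means "same owner as before"
            last_owner = absolute(fields.pop(0), origin)
        rtype = next((f.upper() for f in fields
                      if not f.isdigit() and f.upper() != "IN"), "?")
        if not in_zone(last_owner, zone):
            problems.append((no, last_owner, rtype))
    return problems
```

`check_zone(BAD, ZONE)` reports the SOA, NS and PTR lines as out of zone, while `check_zone(GOOD, ZONE)` returns an empty list.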

