# Bind 9 DDNS error: Dhcp Unable to update zone

## milamontagne

Hi. I'm trying to get dhcpd to update my zone files with bind 9

To start: Here's the error that's reported in the everything log file:

```

Jan 13 19:24:02 [named] journal file /etc/bind/zone.lan.CthuWulf.jnl does not exist, creating it

Jan 13 19:24:02 [named] /etc/bind/zone.lan.CthuWulf.jnl: create: permission denied

Jan 13 19:24:02 [named] client 10.0.0.2#32801: updating zone 'CthuWulf.lan/IN': error: journal open failed: unexpected error

Jan 13 19:24:02 [dhcpd] Unable to add forward map from HPPAV.CthuWulf.lan to 10.0.0.8: timed out

Jan 13 19:24:02 [dhcpd] DHCPREQUEST for 10.0.0.8 from 00:50:ba:47:96:07 via eth0

Jan 13 19:24:02 [dhcpd] DHCPACK on 10.0.0.8 to 00:50:ba:47:96:07 via eth0

Jan 13 19:24:53 [named] client 10.0.0.2#32801: updating zone 'CthuWulf.lan/IN': update failed: 'name not in use' prerequisite not satisfied (YXDOMAIN)

Jan 13 19:24:53 [named] client 10.0.0.2#32801: updating zone 'CthuWulf.lan/IN': update failed: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)

Jan 13 19:24:53 [dhcpd] Can't update forward map CthuGate.CthuWulf.lan to 10.0.0.251: no such RRset

```

My dhcpd.conf Looks like this:

```

ddns-update-style interim;

 subnet 10.0.0.0 netmask 255.255.255.0 {

        # Declare that we are the authoritative source in this

        # Domain for dhcp info

         authoritative;

        # Declare clients can't change their own records

         ignore client-updates;

        # Declare the Domain Name, the DNS servers, and the router

        # (aka gateway) for this subnet so the clients know what to

        # use

         option domain-name "CthuWulf.lan";

         option domain-name-servers 10.0.0.2;

         option routers 10.0.0.1;

        # Declare Dynamic Domain Name and update options
        # With ddns-updates on, dhcpd sends DNS updates to the "primary" server
        # named in the zone declarations below, signed with the key each zone
        # declaration names.

         ddns-updates on;

         ddns-domainname "CthuWulf.lan";

         ddns-rev-domainname "0.0.10.in-addr.arpa";

         ddns-ttl 9600;

         update-static-leases on;

        # NOTE(review): rndc.key presumably holds the rndc control key for
        # named rather than "CthuKey", which is declared inline just below.
        # Confirm whether this include is needed; dropping it keeps the
        # control key out of dhcpd's configuration.
         include "/etc/bind/rndc.key";

        # Declare Domain Key and secret
        # The key name, algorithm and secret must match the key statement in
        # named.conf. Anyone who can read the secret can send updates that
        # named accepts for every zone with "allow-update { key CthuKey; }",
        # so keep this file and named.conf readable only by the accounts
        # that need them.
        # hmac-md5 is the legacy TSIG algorithm; if the dhcpd and named
        # versions in use both support it, prefer an hmac-sha256 key.

         key "CthuKey" {

         algorithm hmac-md5;

         secret "<its a secret>";

                       }

        # Declare DNS Zones, forward and reverse, and key to use

         zone CthuWulf.lan {

         primary 10.0.0.2;

         key "CthuKey";

                            }

        # NOTE(review): the octets are not reversed in this zone name.
        # named.conf serves the reverse zone as "0.0.10.in-addr.arpa", so
        # this declaration does not cover the PTR names dhcpd tries to
        # update.
         zone 10.0.0.in-addr.arpa {

         primary 10.0.0.2;

         key "CthuKey";

                                      }

        # Unknown clients get this pool.

         pool {

           option domain-name-servers CthuServ.CthuWulf.lan;

           max-lease-time 300;

           range 10.0.0.41 10.0.0.253;

           allow unknown-clients;

         }

        # Known clients get this pool.

         pool {

           option domain-name-servers CthuServ.CthuWulf.lan;

           max-lease-time 28800;

           range 10.0.0.5 10.0.0.40;

           deny unknown-clients;

              }

        # Declare Known clients below for use with above

        host dr1 {

        option host-name "dr1";

        hardware ethernet 00:50:ba:b3:0a:a2;

        filename "remote.boot";

        fixed-address 10.0.0.4;

        server-name "CthuServ.CthuWulf.lan";

                      }

        host CthuServTwo {

        option host-name "CthuServTwo";

        hardware ethernet 00:00:F8:04:02:AC;

        filename "remote.boot";

        fixed-address 10.0.0.3;

        server-name "CthuServ.CthuWulf.lan";

                      }

        host IczerOne {

        option host-name "IczerOne";

        hardware ethernet 00:90:27:9d:16:fa;

        filename "remote.boot";

        fixed-address 10.0.0.5;

        server-name "CthuServ.CthuWulf.lan";

                      }

        host BedBitch {

        option host-name "BedBitch";

        hardware ethernet 00:08:C7:39:F8:D6;

        filename "remote.boot";

        fixed-address 10.0.0.6;

        server-name "CthuServ.CthuWulf.lan";

                      }

        host John {

        option host-name "John";

        hardware ethernet 00:30:1B:38:FE:A0;

        filename "remote.boot";

        fixed-address 10.0.0.7;

        server-name "CthuServ.CthuWulf.lan";

                   }

        host MaryBeth {

        option host-name "MaryBeth";

        hardware ethernet 00:50:BA:47:96:07;

        filename "remote.boot";

        fixed-address 10.0.0.8;

        server-name "CthuServ.CthuWulf.lan";

                      }

#############Reserved For Future Use#######################

#        host Reserved {

#        option host-name "Reserved";

#        hardware ethernet ;

#        filename "remote.boot";

#        fixed-address 10.0.0.9;

#        server-name "CthuServ.CthuWulf.lan";

#                         }

        host BattleAngel {

        option host-name "BattleAngel";

        hardware ethernet 00:30:b0:1d:b8:c8;

        filename "remote.boot";

        fixed-address 10.0.0.10;

        server-name "CthuServ.CthuWulf.lan";

                         }

        host Covalt {

        option host-name "Covalt";

        hardware ethernet 00:30:b0:1d:41:90;

        filename "remote.boot";

        fixed-address 10.0.0.11;

        server-name "CthuServ.CthuWulf.lan";

                    }

        # Known client DelosTheta: fixed address plus boot file and boot server.
        host DelosTheta {

        option host-name "DelosTheta";

        hardware ethernet 00:c0:f0:46:12:c0;

        filename "remote.boot";

        # NOTE(review): host Guyver is also given 10.0.0.13, and the forward
        # zone file lists DelosTheta at 10.0.0.12, so this is probably a typo.
        # With update-static-leases on, both hosts can end up registered in
        # DNS against the same address.
        fixed-address 10.0.0.13;

        server-name "CthuServ.CthuWulf.lan";

                        }

        host Guyver {

        option host-name "Guyver";

        hardware ethernet 00:c0:f0:46:12:c3;

        filename "remote.boot";

        fixed-address 10.0.0.13;

        server-name "CthuServ.CthuWulf.lan";

                    }

        host LumChan {

        option host-name "LumChan";

        hardware ethernet 00:c0:f0:46:0e:5d;

        filename "remote.boot";

        fixed-address 10.0.0.14;

        server-name "CthuServ.CthuWulf.lan";

                     }

        host Nagisa {

        option host-name "Nagisa";

        hardware ethernet 00:c0:f0:47:61:bf;

        filename "remote.boot";

        fixed-address 10.0.0.15;

        server-name "CthuServ.CthuWulf.lan";

                    }

        host Sepia {

        option host-name "Sepia";

        hardware ethernet 00:c0:f0:47:67:20;

        filename "remote.boot";

        fixed-address 10.0.0.16;

        server-name "CthuServ.CthuWulf.lan";

                   }

        host SirViolet {

        option host-name "SirViolet";

        #hardware ethernet null;

        filename "remote.boot";

        fixed-address 10.0.0.17;

        server-name "CthuServ.CthuWulf.lan";

                   }

        host SiYohko {

        option host-name "SiYohko";

        #hardware ethernet null;

        filename "remote.boot";

        fixed-address 10.0.0.18;

        server-name "CthuServ.CthuWulf.lan";

                     }

        host Yohko {

        option host-name "Yohko";

        #hardware ethernet null;

        filename "remote.boot";

        fixed-address 10.0.0.19;

        server-name "CthuServ.CthuWulf.lan";

                     }

                                       }

```

My named.conf:

```

// TSIG key that the allow-update statements below refer to; dhcpd.conf
// declares the same key name, algorithm and secret.
// Because the secret sits in this file, named.conf should not be
// world-readable; moving the key statement into a separate, restricted file
// pulled in with "include" keeps it out of a config that gets pasted around.
// hmac-md5 is the legacy TSIG algorithm; if the named and dhcpd versions in
// use both support it, prefer hmac-sha256.
key CthuKey {

          algorithm hmac-md5;

          secret "<its a secret>" ;

          };

options {

  // tell named where to find files mentioned below

  directory "/var/bind";

  pid-file "/var/run/named/named.pid";

  // on a multi-homed host, you might want to tell named

  // to listen for queries only on certain interfaces

  listen-on { 127.0.0.1; 10.0.0.0/24; }

      ;}

// The single dot (.) is the root of all DNS namespace, so

// this zone tells named where to start looking for any

// name on the Internet

;zone "." IN {

  // a hint type means that we've got to look elsewhere

  // for authoritative information

  type hint;

  file "/etc/bind/named.root";

};

// Where the localhost hostname is defined

zone "localhost" IN {

  // a master type means that this server needn't look

  // anywhere else for information; the localhost buck

  // stops here.

  type master;

  file "/etc/bind/zone.localhost";

  // don't allow dynamic DNS clients to update info

  // about the localhost zone

  allow-update { none; };

};

// Where the 127.0.0.0 network is defined

zone "0.0.127.in-addr.arpa" IN {

  type master;

  file "/etc/bind/revp.127.0.0";

  allow-update { none; };

};

// Forward zone for the LAN, open to dynamic updates signed with CthuKey.
zone "CthuWulf.lan" IN {

  // this is the authoritative server for

  // Cthuwulf.lan info

  type master;

  // Any holder of the CthuKey secret may add, change or delete every record
  // in this zone; update-policy can narrow that if finer control is wanted.
  allow-update { key CthuKey; };

  // named keeps a journal (<zone file>.jnl) next to a dynamic zone's file, so
  // the account named runs as must be able to create files in this
  // directory. The posted log shows that create failing with "permission
  // denied" in /etc/bind. Prefer a dedicated zone directory that named can
  // write to over loosening permissions on /etc/bind, which also holds
  // rndc.key.
  // Once updates are accepted, named rewrites this file itself; hand edits
  // belong between "rndc freeze" and "rndc thaw".
  file "/etc/bind/zone.lan.CthuWulf";

};

// Reverse (PTR) zone for 10.0.0.0/24, open to dynamic updates signed with
// CthuKey. The zone declaration in dhcpd.conf has to use this exact name.
zone "0.0.10.in-addr.arpa" {

  // this is the authoritative server for

  // the 10.0.0.0 network

  allow-update { key CthuKey; };

  type master;

  // As with the forward zone, named needs write access to this directory to
  // create revp.10.0.0.jnl.
  file "/etc/bind/revp.10.0.0";

};

```

My zone.lan.cthuwulf:

```

;

; dns zone for for CthuWulf.lan

;

$ORIGIN CthuWulf.lan.

$TTL 1D

; any time you make a change to the domain, bump the

; "serial" setting below. the format is easy:

; YYYYMMDDI, with the I being an iterator in case you

; make more than one change during any one day

@     IN SOA   CthuServ hostmaster (

                        200601021 ; serial

                        8H        ; refresh

                        4H        ; retry

                        4W        ; expire

                        1D )      ; minimum

; torvalds.schroder.net serves this domain as both the

; name server (NS) and mail exchange (MX)

                NS      CthuServ

                MX      10 CthuServ

; define domain functions with CNAMEs

;depot           CNAME   stallman

;www             CNAME   cerf

; just in case someone asks for localhost.schroder.net

localhost       A       127.0.0.1

; our hostnames, in alphabetical order

BattleAngel     A       10.0.0.10

BedBitch        A       10.0.0.6

Covalt          A       10.0.0.11

CthuGate        A       10.0.0.1

CthuServ        A       10.0.0.2

CthuServTwo     A       10.0.0.3

CthuSlave       A       10.0.0.20

DelosTheta      A       10.0.0.12

dr1             A       10.0.0.4

Guyver          A       10.0.0.13

IczerOne        A       10.0.0.5

John            A       10.0.0.7

LumChan         A       10.0.0.14

MaryBeth        A       10.0.0.8

Nagisa          A       10.0.0.15

Reserved1       A       10.0.0.9

Sepia           A       10.0.0.16

SirViolet       A       10.0.0.17

SiYohko         A       10.0.0.18

Yohko           A       10.0.0.19

```

Any help, folks?

----------

## steveb

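Please move your zone files to /etc/bind/pri/. Your log shows named being denied permission to create the zone's journal (.jnl) file in /etc/bind, so the dynamic zones need to live in a directory that named is allowed to write to.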

In named.conf the last part should look like this:

```
// The single dot (.) is the root of all DNS namespace, so 

 // this zone tells named where to start looking for any 

 // name on the Internet 

 

 ;zone "." IN { 

   // a hint type means that we've got to look elsewhere 

   // for authoritative information 

   type hint; 

   file "pri/named.root"; 

 }; 

 

 // Where the localhost hostname is defined 

 zone "localhost" IN { 

   // a master type means that this server needn't look 

   // anywhere else for information; the localhost buck 

   // stops here. 

   type master; 

   file "pri/zone.localhost"; 

   // don't allow dynamic DNS clients to update info 

   // about the localhost zone 

   allow-update { none; }; 

 }; 

 

 // Where the 127.0.0.0 network is defined 

 zone "0.0.127.in-addr.arpa" IN { 

   type master; 

   file "pri/revp.127.0.0"; 

   allow-update { none; }; 

 }; 

 

 // Forward zone, still updatable only with CthuKey; only the file path changes.
 zone "CthuWulf.lan" IN { 

   // this is the authoritative server for 

   // Cthuwulf.lan info 

   type master; 

   allow-update { key CthuKey; }; 

   // A relative path is resolved against the options "directory" setting
   // ("/var/bind" in the posted named.conf), so this names
   // /var/bind/pri/zone.lan.CthuWulf, and the .jnl journal is created beside it.
   // NOTE(review): the mv command that follows targets /etc/bind/pri/, so that
   // path presumably resolves to the same directory - confirm, and check that
   // only the named account (not other users) can write there.
   file "pri/zone.lan.CthuWulf"; 

 }; 

 

 zone "0.0.10.in-addr.arpa" { 

   // this is the authoritative server for 

   // the 10.0.0.0 network 

   allow-update { key CthuKey; }; 

   type master; 

   file "pri/revp.10.0.0"; 

 }; 
```

And do the following:

```
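# Move each zone file from /etc/bind/ into /etc/bind/pri/, asking before any
# overwrite (-i) and printing every move (-v).
# named creates its .jnl journal next to a dynamic zone's file, so afterwards
# check that the account named runs as owns (or can write to) pri/ and the
# moved files, and that no other unprivileged account can.
for zonefile in named.root zone.localhost revp.127.0.0 zone.lan.CthuWulf revp.10.0.0; do
    # Quote the expansions so the paths are always passed as single arguments.
    mv -i -v "/etc/bind/${zonefile}" "/etc/bind/pri/${zonefile}"
done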
```

After that change, restart Bind9 and look if you still have the error.

Cheers

SteveB

----------

## milamontagne

Thanks. Cleared up quite a bit of confusion. I took the advice on a few pages listed under a google search, and cleared

out all host/ip entries in the zone.lan.cthuwulf and revp.10.0.0 files. That cleared up a lot of the rrset problems.

Alas, it appears I'm not quite out of the woods just yet:

```

Jan 14 18:15:26 [dhcpd] DHCPREQUEST for 10.0.0.4 from 00:50:ba:b3:0a:a2 via eth0

Jan 14 18:15:26 [dhcpd] DHCPACK on 10.0.0.4 to 00:50:ba:b3:0a:a2 via eth0

Jan 14 18:19:49 [dhcpd] Internet Systems Consortium DHCP Server V3.0.1

Jan 14 18:19:49 [dhcpd] Copyright 2004 Internet Systems Consortium.

Jan 14 18:19:49 [dhcpd] All rights reserved.

Jan 14 18:19:49 [dhcpd] For info, please visit http://www.isc.org/sw/dhcp/

Jan 14 18:19:49 [dhcpd] Wrote 0 deleted host decls to leases file.

Jan 14 18:19:49 [dhcpd] Wrote 0 new dynamic host decls to leases file.

Jan 14 18:19:49 [dhcpd] Wrote 4 leases to leases file.

Jan 14 18:19:49 [dhcpd] Listening on LPF/eth0/00:04:ac:b8:77:e5/10.0.0.0/24

Jan 14 18:19:49 [dhcpd] Sending on   LPF/eth0/00:04:ac:b8:77:e5/10.0.0.0/24

Jan 14 18:19:49 [dhcpd] Sending on   Socket/fallback/fallback-net

Jan 14 18:26:10 [dhcpd] DHCPRELEASE of 10.0.0.5 from 00:90:27:9d:16:fa via eth0 (not found)

Jan 14 18:26:13 [dhcpd] DHCPDISCOVER from 00:90:27:9d:16:fa via eth0

Jan 14 18:26:13 [dhcpd] DHCPOFFER on 10.0.0.5 to 00:90:27:9d:16:fa via eth0

Jan 14 18:26:13 [named] client 10.0.0.2#32788: updating zone 'CthuWulf.lan/IN': update failed: 'name not in use' prerequisite not satisfied (YXDOMAIN)

Jan 14 18:26:13 [named] client 10.0.0.2#32788: updating zone 'CthuWulf.lan/IN': deleting an rrset

Jan 14 18:26:13 [named] client 10.0.0.2#32788: updating zone 'CthuWulf.lan/IN': adding an RR

Jan 14 18:26:13 [dhcpd] Added new forward map from IczerOne.CthuWulf.lan to 10.0.0.5

Jan 14 18:26:13 [dhcpd] unable to add reverse map from 5.0.0.10.in-addr.arpa. to IczerOne.CthuWulf.lan: not a zone

```

It appears that dhcpd is quite able to update the forward map, but when it comes to adding an entry in the revp.10.0.0

zone, it gets confused. Also, I'm not quite sure what the 'name not in use' is referring to; however, when I check the zone.lan.cthuwulf file, the entry is quite correct for that host/ip.

My revp.10.0.0 file looks something like this:

```

;

; reverse pointers for 10.0.0.0 subnet

;

$ORIGIN 0.0.10.in-addr.arpa.

$TTL 1D

; NOTE(review): the responsible-person field below is
; hostmaster.CthuServ.lan., while the forward zone uses
; hostmaster.CthuWulf.lan. - probably a typo.
@     IN SOA  CthuServ.CthuWulf.lan. hostmaster.CthuServ.lan. (

              200601020  ; serial

              28800      ; refresh (8 hours)

              14400      ; retry (4 hours)

              2419200    ; expire (4 weeks)

              86400      ; minimum (1 day)

              )

; define the authoritative name server

              NS      CthuServ.CthuWulf.lan.

; our hosts, in numeric order
; (no static PTR records: the host entries were cleared so that dhcpd can
; add them through dynamic updates)

```

and my current zone.lan.CthuWulf:

```

; Forward zone after dynamic updates were accepted: HPPAV and IczerOne each
; carry an A record and a TXT record, with the 14400 and 9600 second TTLs
; shown. Hand edits to a zone that takes dynamic updates belong between
; "rndc freeze" and "rndc thaw".
$ORIGIN .

$TTL 86400      ; 1 day

CthuWulf.lan            IN SOA  CthuServ.CthuWulf.lan. hostmaster.CthuWulf.lan. (

                                200601023  ; serial

                                28800      ; refresh (8 hours)

                                14400      ; retry (4 hours)

                                2419200    ; expire (4 weeks)

                                86400      ; minimum (1 day)

                                )

                        NS      CthuServ.CthuWulf.lan.

                        MX      10 CthuServ.CthuWulf.lan.

$ORIGIN CthuWulf.lan.

$TTL 14400      ; 4 hours

HPPAV                   A       10.0.0.8

; The TXT record beside each dynamic A record is presumably the client
; identity hash that dhcpd's interim update style stores and checks before it
; changes an existing name. That would explain the logged sequence: the
; 'name not in use' (YXDOMAIN) attempt fails because the name exists, then
; the follow-up update deletes and re-adds the record. Names without a
; matching TXT are left alone, which limits one client overwriting another's
; name.
                        TXT     "31c7fa40896696786e4818594201df0da1"

$TTL 9600       ; 2 hours 40 minutes

IczerOne                A       10.0.0.5

                        TXT     "318c778a7a79333108a7deb0d7ee9a4346"

$TTL 86400      ; 1 day

localhost               A       127.0.0.1

```

Any idea on how to solve this new problem?

Once again, I really appreciate the help.

----------

## milamontagne

Whoops   :Embarassed:  Looks like I made a configuration error in /etc/dhcp/dhcpd.conf:

```

zone 10.0.0.in-addr.arpa { 

         primary 10.0.0.2; 

         key "CthuKey"; 

                                      }

```

Should Actually be:

```

 zone 0.0.10.in-addr.arpa {

         primary 10.0.0.2;

         key "CthuKey";

                                      }

```

Thanks steve for helping me out with my original problem! DNS updates are working great!

As a side note, I cleared out all of my host entries in /etc/bind/pri/zone.lan.cthuwulf and in /etc/bind/pri/revp.10.0.0

and let dhcpd add the entries for me. Takes care of that RRset issue nicely. The last bit of trouble comes from

named or (from what I've been reading via google) dhcpd:

```

CthuServ everything # cat current |grep named

<snip>

Jan 15 11:12:24 [named] client 10.0.0.2#32791: updating zone 'CthuWulf.lan/IN': update failed: 'name not in use' prerequisite not satisfied (YXDOMAIN)

Jan 15 11:12:24 [named] client 10.0.0.2#32791: updating zone 'CthuWulf.lan/IN': deleting an rrset

Jan 15 11:12:24 [named] client 10.0.0.2#32791: updating zone 'CthuWulf.lan/IN': adding an RR

Jan 15 11:12:24 [named] client 10.0.0.2#32791: updating zone '0.0.10.in-addr.arpa/IN': deleting an rrset

Jan 15 11:12:24 [named] client 10.0.0.2#32791: updating zone '0.0.10.in-addr.arpa/IN': adding an RR

```

However, the updates are going through, and for now, I'll have to be content with that.

----------

