troubleshooting Question

Dynamic update of Bind from windows clients

roncioiuFlag for United States of America asked on
DNSLinuxLinux Networking
I know this question has been asked before, and I have read and tried to follow numerous how-tos on the internet and some from here as well; however, I cannot get Windows clients to update the BIND server zones.

I set up DHCP on the server, and I see clients obtaining IPs all the time; however, I do not see those IPs registered in the BIND zones.

All the files in the /bind directory are owned by bind:bind with permissions of 644


 
 
  DHCP

# TSIG key that dhcpd uses to sign the dynamic updates it sends to named.
# The key name, algorithm and secret must match the key statement in named.conf.
# NOTE(review): the named.conf on this page also lists "rndc-key" under
# controls, so this one secret both signs DDNS updates and authorises rndc.
# A dedicated key used only for DDNS would keep dhcpd.conf from holding
# control-channel credentials.
# NOTE(review): hmac-md5 is a legacy TSIG algorithm; prefer hmac-sha256 where
# the installed dhcpd and named both support it, changing both sides together.
key "rndc-key" {
        algorithm hmac-md5;
        secret "xxxxxxxxxxxxxxxxxxx";
};

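# Address this DHCP server identifies itself with.
server-identifier      192.168.0.250;

# Dynamic DNS: dhcpd itself sends the updates, using the "interim" scheme.
ddns-updates      on;
ddns-update-style interim;
ddns-domainname      "foo.local";
# Suffix appended to the client's reversed IP address to form the PTR name.
ddns-rev-domainname "in-addr.arpa.";
# Was "allow client-updates;". With "allow", a client that asks to register
# its own A record is left to do so and dhcpd then handles only the PTR.
# Updates sent by the clients themselves carry no TSIG key, so zones limited
# to "allow-update { key ...; }" would refuse them. With "deny", every update
# goes through dhcpd and is signed with the shared key.
deny client-updates;

# Normal DHCP stuff
option domain-name      "foo.local.";
option domain-name-servers      192.168.0.250, 192.168.0.1;
# Was missing its terminating semicolon, which is a dhcpd.conf syntax error.
option ntp-servers      192.168.0.250;
option ip-forwarding      off;
default-lease-time      600;
max-lease-time      7200;
# This server is the authoritative DHCP server for the networks it serves.
authoritative;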

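# Address pool and per-subnet DDNS settings for 192.168.0.0/24.
subnet 192.168.0.0 netmask 255.255.255.0 {
      range            192.168.0.50 192.168.0.190;
      option broadcast-address      192.168.0.255;
      option routers            192.168.0.1;
      # Leases are handed to any client, not only hosts declared in this file,
      # so any device on the segment can get a name registered through dhcpd.
      allow            unknown-clients;

      ddns-domainname "foo.local";
      # Was "0.168.192.in-addr.arpa". dhcpd appends this suffix to the client's
      # complete reversed address, so the old value produced PTR names such as
      # 50.0.168.192.0.168.192.in-addr.arpa (constructed example), which
      # reverse lookups never query. The suffix must be the bare reverse root.
      ddns-rev-domainname      "in-addr.arpa.";

      # Zones dhcpd updates: which server is primary and which TSIG key signs
      # the update. The zone names must match the zones in named.conf.
      # NOTE(review): the dhcpd.conf(5) examples declare zones at the top level;
      # confirm the running dhcpd accepts them nested inside a subnet.
      zone      0.168.192.in-addr.arpa. {
            primary      192.168.0.250;
            key      rndc-key;
      }

      zone      foo.local. {
            primary      192.168.0.250;
            key      rndc-key;
      }
}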




bind9

# Shared TSIG secret. Below it is referenced twice: by controls (rndc access)
# and by allow-update on the two dynamic zones.
# NOTE(review): the question states that the files in the bind directory are
# mode 644. If this key sits in such a file, every local account can read the
# secret. Keeping it in a separate include file readable only by the named
# and dhcpd service accounts avoids that.
# NOTE(review): one key for both rndc and DDNS means whoever can read
# dhcpd.conf also holds the control-channel credential; use separate keys.
# NOTE(review): hmac-md5 is a legacy TSIG algorithm; prefer hmac-sha256 where
# the installed named and dhcpd both support it.
key "rndc-key" {
        algorithm hmac-md5;
        secret "xxxxxxxxxxxxxxxxxxx";
};

# Address list used below by allow-query and allow-recursion: the LAN plus
# loopback. It shares its name with the zone "foo.local" but is a separate
# object; an acl only names a set of addresses.
acl "foo.local" {
      192.168.0.0/24;
      127.0.0.1;
};

# Global server options.
options{
      # Working directory; relative file names (e.g. "db.root") resolve here.
      directory "/etc/bind/";
      # Listen only on interface addresses inside 192.168.0.0/24. 127.0.0.1
      # does not match, so DNS queries sent to loopback are not answered.
      listen-on port 53 { 192.168.0.0/24; };
      # Queries and recursion are limited to the "foo.local" acl, so the
      # server does not act as an open resolver.
      allow-query { "foo.local"; };
      # Upstream resolvers for names this server is not authoritative for.
      forwarders { 8.8.8.8; 8.8.4.4; };
      pid-file "/var/run/named/named.pid";
      allow-recursion { foo.local; };
      # NOTE(review): dnssec-enable is obsolete in newer BIND 9 releases;
      # confirm against the installed version.
      dnssec-enable      yes;
      # Do not disclose the server version in answers to version.bind queries.
      version none;
};

# rndc control channel: bound to loopback port 953 and requiring "rndc-key".
# NOTE(review): the listener is on 127.0.0.1 only, so the 192.168.0.250 entry
# in the allow list is presumably never matched; confirm and drop it if so.
# The same key also signs DDNS updates (see allow-update in the zones below).
controls {
      inet 127.0.0.1 port 953
      allow { 127.0.0.1; 192.168.0.250; } keys { "rndc-key"; };
};

 
# Root hints, loaded from db.root in the options directory.
zone "." {
      type hint;
      file "db.root";
};

# Forward zone that receives the dynamic updates.
# NOTE(review): named also rewrites the zone file when it merges the journal,
# so the named user needs write access to the file and its directory. Some
# distributions restrict named's writes to /var/lib/bind; check the named log
# for permission errors.
zone "foo.local" {
      type master;
      file "/etc/bind/db.Server.foo";
      # Only updates signed with rndc-key are accepted; unsigned updates sent
      # directly by clients are refused. Any holder of the key may change any
      # record in the zone; update-policy can narrow that.
      allow-update { key rndc-key; };
      notify yes;
      # Dynamic changes are journaled here before reaching the zone file.
      journal "/var/lib/bind/foo.local.jnl";
};



# Reverse zone for 192.168.0.0/24; receives the PTR updates.
# NOTE(review): as with the forward zone, named must be able to write the zone
# file and its directory when it merges the journal; check the named log for
# permission errors.
zone "0.168.192.in-addr.arpa" {
      type master;
      file "/etc/bind/db.0.168.192.in-addr.arpa";
      # Only updates signed with rndc-key are accepted.
      allow-update { key rndc-key; };
      notify no;
      # Dynamic changes are journaled here before reaching the zone file.
      journal "/var/lib/bind/0.168.192.in-addr.arpa.jnl";
};


# Static local reverse zones (loopback, "this" network, broadcast).
# Dynamic updates are refused for all three.
zone "127.in-addr.arpa" {
             type master;
             file "/etc/bind/db.127";
             allow-update { none; };
};

zone "0.in-addr.arpa" {
             type master;
             file "/etc/bind/db.0";
             allow-update { none; };
};

zone "255.in-addr.arpa" {
             type master;
             file "/etc/bind/db.255";
             allow-update { none; };
};


 

Can someone point me in the right direction? What am I doing wrong?