DDNS with BIND9 and DHCP3-Server notes

Setting up Dynamic DNS with bind9 and dhcp3-server

1. Modify /etc/bind/named.conf.local, adding forward / reverse zones for local domain

1. include "/etc/bind/rndc.key";
3. controls {
4.         inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
5. };
7. zone "wwwolf.kmip.net" {
8.         type master;
9.         file "db.wwwolf.kmip.net";
10.         allow-update { key "rndc-key"; };
11. };
13. zone "1.168.192.in-addr.arpa" {
14.         type master;
15.         file "db.1.168.192";
16.         allow-update { key "rndc-key"; };
17. };

2. Look at /etc/bind/named.conf.options find

1. options {
2.  directory "/var/cache/bind";

so the db.* files will be located under /var/cache/bind

3. db.wwwolf.kmip.net

1. $TTL    604800
2. @       IN      SOA     wwwolf.kmip.net. root.wwwolf.kmip.net. (
3.                               1         ; Serial
4.                          604800         ; Refresh
5.                           86400         ; Retry
6.                         2419200         ; Expire
7.                          604800 )       ; Negative Cache TTL
8. ;
9. @       IN      NS      dhcp3srv
10. @       IN      A       192.168.1.2
11. dhcp3srv        IN      A       192.168.1.3
12. trac            IN      A       192.168.1.4

4. db.1.168.192. ($ORIGIN is significant)

1. $ORIGIN 1.168.192.in-addr.arpa.
2. $TTL    604800
3. @       IN      SOA     wwwolf.kmip.net. root.wwwolf.kmip.net. (
4.                               2         ; Serial
5.                          604800         ; Refresh
6.                           86400         ; Retry
7.                         2419200         ; Expire
8.                          604800 )       ; Negative Cache TTL
9.         IN      NS      dhcp3srv.wwwolf.kmip.net.
10. 3       IN      PTR     dhcp3srv.wwwolf.kmip.net.
11. 4       IN      PTR     trac.wwwolf.kmip.net.

5. dhcpd.conf (ddns-domainname / ddns-rev-dommainnam is significant)
Make sure following lines appears:

1. ddns-update-style interim;
2. ddns-domainname "wwwolf.kmip.net";
3. ddns-rev-domainname "1.168.192.in-addr.arpa";
5. ignore client-updates;
6. include "/etc/bind/rndc.key";

rndc-key file is shared by dhcp3-server and bind9

 

FAQ

1. ddns update / anything failed:
stop all servers, start with debug flags:
dhcpd3 -d
named -g

 

2. named (bind9) log yields "db.xxx.xxx.jnl: create: permission denied"
Check directory permission
Check /etc/apparmor.d/usr.sbin.named, make sure specified directory has "rw" priv
i.e.

1.   /etc/bind/** r,
2.   /var/lib/bind/** rw,

so if db.* files are under /etc/bind, named will fail; if db.* files are under /var/lib/bind things will work fine.

Or people may choose to disable apparmor at all.

3. Dhcpd may yield "Permission denied" reading /etc/bind/rndc.key

On my new Ubuntu 8.04 server LTS system the rndc.key file has a rw-r----- by default. Change it with a+r to let dhcpd user read it.