On Wed, 2005-08-10 at 16:14 -0500, Todd Nine wrote:
> I need some help with a DHCP client and I'm running into some
> serious issues. I'll give a brief overview of what I want, what is
> working, and where I need help.
>
> 1. What I want
>
> I would like to have all my DHCP clients to send their
> hostname. This way I can connect to any client regardless of
> OS.
This seems to depend on the client as much as the server. I couldn't
get a Red Hat 9 client to send its desired hostname through to a Red Hat
9 DHCP server, though other client OSs certainly worked fine.
> 1. What is working
>
> I have a router/firewall running Fedora Core 2. It runs Bind
> 9.2.3 and Dhcpd 3.0.1. I have successfully set up my domain
> of nine.homelinux.com, and I have dhcpd updated the hosts in
> that domain using a TSIG key. I can ping my router or any
> other windows machine from a windows clients.
That domain name (homelinux.com) exists, is it yours? (I see records
for it through dyndns.org.) If not, you're going to have (and possibly
cause) problems.
> 1. What I need help with.
>
> Highest Priority
>
> I cannot get my Fedora 4 workstations to work correctly. They
> send their hostname, and when I view the leases with the
> webmin interface for dhcp, the hostname shows up. However, I
> cannot ssh into them or ping them from my windows machines by
> hostname, only by IP. I have included my /etc/dhclient.conf
> on the first Fedora 4 box I'm trying to get working. See the
> lower priority section below for logging from my DHCPd dns
> section
>
> send host-name "marge";
> send dhcp-client-identifier 1:0:a0:24:ab:fb:9c;
> #send dhcp-lease-time 3600;
> #supersede domain-name "nine.homelinux.com";
> #prepend domain-name-servers 127.0.0.1;
> request subnet-mask, broadcast-address, time-offset, routers,
> domain-name, domain-name-servers;
> #require subnet-mask, domain-name-servers;
> #timeout 60;
> #retry 60;
> #reboot 10;
> #select-timeout 5;
> #initial-interval 2;
> #script "/etc/dhclient-script";
> #media "-link0 -link1 -link2", "link0 link1";
> #reject 192.33.137.209;
>
> #alias {
> # interface "ep0";
> # fixed-address 192.5.5.213;
> # option subnet-mask 255.255.255.255;
> #}
>
> #lease {
> # interface "ep0";
> # fixed-address 192.33.137.200;
> # medium "link0 link1";
> # option host-name "andare.swiftmedia.com";
> # option subnet-mask 255.255.255.0;
> # option broadcast-address 192.33.137.255;
> # option routers 192.33.137.250;
> # option domain-name-servers 127.0.0.1;
> # renew 2 2000/1/12 00:00:01;
> # rebind 2 2000/1/12 00:00:01;
> # expire 2 2000/1/12 00:00:01;
> #}
You're telling those clients to use themselves as their own DNS server
(with the 127.0.0.1 name server addresses, though I see it's commented
out). If they don't also run their own DNS server, and it isn't updated
from your DHCP server, they won't be able to resolve names. The
name-server address would normally be supplied as the address for the
name server that the DHCP server is updating.
My DHCP configuration has the name of the DNS zone it has to update
configured into it. Here's most of mine (minus other subnets):
/etc/dhcpd.conf
authoritative;
allow client-updates;
include "/etc/rndc.key"; # (same key used by BIND)
ddns-domainname "lan.localhost.";
ddns-rev-domainname "in-addr.arpa.";
ddns-update-style interim;
ddns-updates on;
default-lease-time 21600; # 2 hours
max-lease-time 43200; # 24 hours
min-lease-time 30; # 30 seconds (might allow renewing
experiments)
option domain-name "lan.localhost.";
option pop-server pop3.lan.localhost;
option smtp-server smtp.lan.localhost;
option wpad-curl code 252 = text;
#option wpad-curl "http://proxy.lan.localhost/wpad.dat";;
option www-server www.lan.localhost;
option ntp-servers time.lan.localhost;
option time-offset 34200; # Australian Central Standard Time
#option time-offset 37800; # Central Australia Daylight Time
# Seem to be stupidly stuck with manually setting this!
# Daylight savings: 2am last Sun of Oct - 3am first Sun of Apr
option ip-forwarding off; # tell clients not to act as gateways
shared-network lan.localhost {
option wpad-curl "http://proxy.lan.localhost/wpad.dat";;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.100 192.168.1.200;
option routers 192.168.1.254; #gateway
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option domain-name-servers 192.168.1.254;
option netbios-dd-server 192.168.1.254;
option netbios-name-servers 192.168.1.254; # WINS
option netbios-node-type 8;
option netbios-scope "";
option finger-server finger.lan.localhost;
zone 1.168.192.in-addr.arpa. {
primary 192.168.1.254;
key rndckey;
}
zone lan.localhost. {
primary 192.168.1.254;
key rndckey;
}
}
}
> Lower Priority
>
> I'm constantly getting these error messages in my DHCP logs.
> Does anyone have any idea what this means?
>
> if bart.nine.homelinux.com IN A rrset doesn't exist add
> bart.nine.homelinux.com 300 IN A 192.168.0.50: timed out.: 289
> Time(s)
> if lisa.nine.homelinux.com IN A rrset doesn't exist add
> lisa.nine.homelinux.com 300 IN A 192.168.0.87: timed out.: 288
> Time(s)
> if maggie.nine.homelinux.com IN A rrset doesn't exist add
> maggie.nine.homelinux.com 300 IN A 192.168.0.98: timed out.:
> 41 Time(s)
> if marge.nine.homelinux.com IN A rrset doesn't exist add
> marge.nine.homelinux.com 300 IN A 192.168.0.83: timed out.:
> 329 Time(s)
Could be permissions. I went through lots of fun before I got my DHCP
server working with my DNS server. I had to ensure that the right
ownership rights were applied to the directory where the DNS records
lived ("named" username and group name, rwx for named user, not-rwx to
everything else). And I had to ensure that both the DHCP and DNS
servers were using the same RNDC key. And allow updates with the DNS
server.
/etc/named.conf snippets:
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
include "/etc/named.custom";
include "/etc/rndc.key";
acl lan {
192.168/16;
127.0.0.1;
};
options {
directory "/var/named/";
allow-query { lan; };
query-source address * port 53;
listen-on { 127.0.0.1; };
listen-on { 192.168/16; };
notify no;
also-notify { 192.168.1.1; 192.168.1.4; };
dialup yes;
cleaning-interval 15;
heartbeat-interval 120;
interface-interval 15;
};
zone "." {
type hint;
file "named.ca";
};
zone "lan.localhost" {
type master;
file "lan.localhost.zone";
allow-update { key "rndckey"; };
allow-transfer { lan; };
notify yes;
};
zone "1.168.192.in-addr.arpa" {
type master;
file "1.168.192.in-addr.arpa.zone";
allow-update { key "rndckey"; };
allow-transfer { lan; };
notify yes;
};
--
Don't reply to my address directly, it's ignored. I read the mailing
list.
