Hi there,
I am running isc-dhcp-server in ipv6 mode, and I'd like to update the
local internal dns zones hosted by bind9 with dhcpv6 client's names and
ipv6 addresses.
The built-in ddns seems to be completely unable to remove entries from
the dns upon expiry or release, so I ended up doing ddns stuff on my
own using "on commit|expiry|release" event handlers and corresponding
scripts.
But this also has issues with expiry and release events. While
(almost...) everything is fine with commits, I am having trouble
getting enough information about which hosts lease has expired or was
released.
This is the code I have in the dhcpd6.conf global scope:
on commit {
set ClientMac = "n/a";
set ClientIP = pick-first-value(binary-to-ascii(16, 16, ":", substring(option dhcp6.ia-na, 16, 16)), "n/a");
set ClientID = pick-first-value(binary-to-ascii(16, 8, ":", option dhcp6.client-id), "n/a");
set ClientName = pick-first-value(ddns-hostname, option fqdn.hostname, option host-name, "n/a");
log(concat("Commit (global): Mac: ", ClientMac, ", IP: ", ClientIP, ", Name: ", ClientName, ", ID: ", ClientID));
#execute("/etc/dhcp/dhcp6commit.sh", ClientMac, ClientIP, ClientName, ClientID);
}
on expiry {
set ClientMac = "n/a";
set ClientIP = pick-first-value(binary-to-ascii(16, 16, ":", substring(option dhcp6.ia-na, 16, 16)), "n/a");
set ClientID = pick-first-value(binary-to-ascii(16, 8, ":", option dhcp6.client-id), "n/a");
set ClientName = pick-first-value(ddns-hostname, option fqdn.hostname, option host-name, "n/a");
log(concat("Expiry (global): Mac: ", ClientMac, ", IP: ", ClientIP, ", Name: ", ClientName, ", ID: ", ClientID));
#execute("/etc/dhcp/dhcp6expiry.sh", ClientMac, ClientIP, ClientName, ClientID);
}
on release {
set ClientMac = "n/a";
set ClientIP = pick-first-value(binary-to-ascii(16, 16, ":", substring(option dhcp6.ia-na, 16, 16)), "n/a");
set ClientID = pick-first-value(binary-to-ascii(16, 8, ":", option dhcp6.client-id), "n/a");
set ClientName = pick-first-value(ddns-hostname, option fqdn.hostname, option host-name, "n/a");
log(concat("Release (global): Mac: ", ClientMac, ", IP: ", ClientIP, ", Name: ", ClientName, ", ID: ", ClientID));
#execute("/etc/dhcp/dhcp6release.sh", ClientMac, ClientIP, ClientName, ClientID);
}
(I've commented the "execute" statement to not mess up ddns while
testing).
And this is what I see in the dhcp log:
Commit:
Dec 2 15:02:02 prokyon dhcpd: Reply NA: address fd10:2842:f0d1:414:b64e:8a55:154d:ad6 to client with duid 00:01:00:01:1e:dd:f7:4d:00:12:f0:90:5a:49 iaid = 1 valid for 1200 seconds
Dec 2 15:02:02 prokyon dhcpd: Commit (global): Mac: n/a, IP: fd10:2842:f0d1:414:b64e:8a55:154d:ad6, Name: n/a, ID: 0:1:0:1:1e:dd:f7:4d:0:12:f0:90:5a:49
Release:
Dec 2 15:03:39 prokyon dhcpd: Client 00:01:00:01:1e:dd:f7:4d:00:12:f0:90:5a:49 releases address fd10:2842:f0d1:414:b64e:8a55:154d:ad6
Dec 2 15:03:39 prokyon dhcpd: Release (global): Mac: n/a, IP: n/a, Name: n/a, ID: n/a
Expiry:
Dec 2 15:14:04 prokyon dhcpd: Expiry (global): Mac: n/a, IP: n/a, Name: n/a, ID: n/a
So, everything is alright for commit events, except that there's no
hostname available. I know how to create a custom hostname from address
or id, so this is not really a problem.
But for expiry and release events, there's simply nothing that can be
passed on to the scripts. No address, no name, no id. It's impossible
to remove dns entries.
Next, if I move the "set ClientIP = " lines from inside the "on
commit|expiry|release" event handlers above those into the global
scope, I magically get the address for expiry, but not for release:
Dec 2 15:35:55 prokyon dhcpd: Expiry (global): Mac: n/a, IP: fd10:2842:f0d1:414:b64e:8a55:154d:ad6, Name: n/a, ID: n/a
Dec 2 15:38:17 prokyon dhcpd: Release (global): Mac: n/a, IP: n/a, Name: n/a, ID: n/a
Moving all this code into a host statement (works for known hosts only,
of course), finally makes it possible to get a hostname and to perform
clean ddns updates for commit and expiry, but it requires at least one
dns lookup in the script to get the address from the hostname for
release events, which is a really, really ugly hack.
Am I doing something wrong, did I miss something, or ist this
intended behavior or even a bug?
Thanks for help,
Robert
--
Robert Senger
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users