Log entries "bind update on ... rejected: BNDUPD without CHADDR"

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Log entries "bind update on ... rejected: BNDUPD without CHADDR"

Brooks, Jason

Hello,

 

I have a primary and secondary dhcpd server that I have set up as central dhcp servers for a bunch of relays.  The servers come up, and they communicate properly.  The trouble is they keep reporting:

 

“bind update on ww.xx.yy.zz from <my failover> rejected: BNDUPD without CHADDR”

 

I do NOT want to update dns: dns is not relevant here.

 

Question number one:

              Is this “error” due to dhcpd failing to update the dns server, or some sort of socket binding issue?  (overuse of the word “bind” perhaps?)

 

In both of the dhcpd.conf files, I have the following lines:

ddns-update-style none;

ddns-updates off;

 

Question number two:

              Why would dhcpd try to send updates if they are turned off?

 

Further information:

I am running isc bind produced by centos: 4.2.5.  I will also be seeking answers there in case it’s a question of their compiling and bollixing it up.

 

I am currently consolidating a number of remotely located dhcp servers that are very old (Solaris 10 running bind 3.0.4 ).  At present the remote servers are having dhcp queries relayed to them by the various equipment we support.  Once this is done, we will simply change the relay ip to the new servers. 

 

The procedure I am using: replicate all dhcpd.leases, filtering out deprecated and dhcp server specific content, copying new dhcpd.leases to both dhcp development servers, and starting dhcpd.

 

Enclosed is a shortened, sanitized sample dhcpd.conf file.  The only difference between primary and secondary is the address and peer addresses are swapped.  I have ensured peer tcp ports are not firewalled.

 

Thank you for  your time!

 

--jason

 


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

short.dhcpd.conf (1K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Log entries "bind update on ... rejected: BNDUPD without CHADDR"

Gregory Sloop
Re: Log entries "bind update on ... rejected: BNDUPD without CHADDR" A quick google search got me this:

https://lists.isc.org/pipermail/dhcp-users/2006-October/001971.html

"This means your failover server transmitted an update for a lease
that was in the ACTIVE, EXPIRED, or RELEASED states, and did not
contain a chaddr option."

---
Given that - I'd guess it has to do with how you're moving/mirroring the leases file from the current active servers to the new fail-over pair.

I'm sure someone else will give you more detail, but that is probably helpful and a good place to start.

-Greg


Hello,

I have a primary and secondary dhcpd server that I have set up as central dhcp servers for a bunch of relays.  The servers come up, and they communicate properly.  The trouble is they keep reporting:

“bind update on ww.xx.yy.zz from <my failover> rejected: BNDUPD without CHADDR”

I do NOT want to update dns: dns is not relevant here.

Question number one:
             Is this “error” due to dhcpd failing to update the dns server, or some sort of socket binding issue?  (overuse of the word “bind” perhaps?)

In both of the dhcpd.conf files, I have the following lines:
ddns-update-style none;
ddns-updates off;

Question number two:
             Why would dhcpd try to send updates if they are turned off?

Further information:
I am running isc bind produced by centos: 4.2.5.  I will also be seeking answers there in case it’s a question of their compiling and bollixing it up.

I am currently consolidating a number of remotely located dhcp servers that are very old (Solaris 10 running bind 3.0.4 ).  At present the remote servers are having dhcp queries relayed to them by the various equipment we support.  Once this is done, we will simply change the relay ip to the new servers.  

The procedure I am using: replicate all dhcpd.leases, filtering out deprecated and dhcp server specific content, copying new dhcpd.leases to both dhcp development servers, and starting dhcpd.

Enclosed is a shortened, sanitized sample dhcpd.conf file.  The only difference between primary and secondary is the address and peer addresses are swapped.  I have ensured peer tcp ports are not firewalled.

Thank you for  your time!

--jason


--
Gregory Sloop, Principal: Sloop Network & Computer Consulting
Voice: 503.251.0452 x82
EMail:
[hidden email]
http://www.sloop.net
---
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: Log entries "bind update on ... rejected: BNDUPD without CHADDR"

Bob Harold
In reply to this post by Brooks, Jason

On Mon, Apr 29, 2019 at 7:32 PM Brooks, Jason <[hidden email]> wrote:

Hello,

 

I have a primary and secondary dhcpd server that I have set up as central dhcp servers for a bunch of relays.  The servers come up, and they communicate properly.  The trouble is they keep reporting:

 

“bind update on ww.xx.yy.zz from <my failover> rejected: BNDUPD without CHADDR”

 

I do NOT want to update dns: dns is not relevant here.

 

Question number one:

              Is this “error” due to dhcpd failing to update the dns server, or some sort of socket binding issue?  (overuse of the word “bind” perhaps?)

 

In both of the dhcpd.conf files, I have the following lines:

ddns-update-style none;

ddns-updates off;

 

Question number two:

              Why would dhcpd try to send updates if they are turned off?

 

Further information:

I am running isc bind produced by centos: 4.2.5.  I will also be seeking answers there in case it’s a question of their compiling and bollixing it up.

 

I am currently consolidating a number of remotely located dhcp servers that are very old (Solaris 10 running bind 3.0.4 ).  At present the remote servers are having dhcp queries relayed to them by the various equipment we support.  Once this is done, we will simply change the relay ip to the new servers. 

 

The procedure I am using: replicate all dhcpd.leases, filtering out deprecated and dhcp server specific content, copying new dhcpd.leases to both dhcp development servers, and starting dhcpd.

 

Enclosed is a shortened, sanitized sample dhcpd.conf file.  The only difference between primary and secondary is the address and peer addresses are swapped.  I have ensured peer tcp ports are not firewalled.


As I understand it, the primary and secondary need more differences:
- addresses swapped, as you say
- ports swapped
- 'primary' changed to 'secondary'
- 'mclt' and 'split' are only allowed on the primary

Here are a pair of mine (generated by BlueCat), for example:

failover peer "8dd393e8-8dd393f8"
{
    primary;
    address 141.211.147.232;
    port 847;
    peer address 141.211.147.248;
    peer port 647;
    max-response-delay 60;
    max-unacked-updates 10;
    mclt 1800;
    split 128;
    load balance max seconds 3;
}

failover peer "8dd393e8-8dd393f8"
{
    secondary;
    address 141.211.147.248;
    port 647;
    peer address 141.211.147.232;
    peer port 847;
    max-response-delay 60;
    max-unacked-updates 10;
    load balance max seconds 3;
}

-- 
Bob Harold
 

 

Thank you for  your time!

 

--jason



_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

RE: Log entries "bind update on ... rejected: BNDUPD without CHADDR"

Brooks, Jason

Hello Bob, you are right, and that’s what else I failed to disclose: I do have Primary and Secondary defined, and mclt and split.  I also am removing all lines in the imported leases file with “cltt” and “atsfp”…

 

Thanks for reminding me!

 

--jason

 

 

From: dhcp-users <[hidden email]> On Behalf Of Bob Harold
Sent: Tuesday, April 30, 2019 06:16
To: Users of ISC DHCP <[hidden email]>
Subject: Re: Log entries "bind update on ... rejected: BNDUPD without CHADDR"

 

I do NOT want to update dns: dns is not relevant here.

 

As I understand it, the primary and secondary need more differences:

- addresses swapped, as you say

- ports swapped

- 'primary' changed to 'secondary'

- 'mclt' and 'split' are only allowed on the primary

 

Here are a pair of mine (generated by BlueCat), for example:

 


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users