Problem with dhcpd and ddns, deleting A record, leaving stale TXT/DHCID and PTR behind

The message came through successfully yesterday. I wish I had something to offer.

 

From: dhcp-users [mailto:[hidden email]] On Behalf Of Jess Johnson
Sent: Wednesday, March 1, 2017 5:17 PM
To: [hidden email]
Subject: Problem with dhcpd and ddns, deleting A record, leaving stale TXT/DHCID and PTR behind

 

Apologies if multiples of these get through. I've been trying to send to the list for a couple of days and not having any luck.

 

Summary - dhcpd removes A record, but leaves DHCID and PTR behind, causing problems in future. 

 

dhcpd 4.3.5 (custom install with no options to configure)

bind-9.8.2-0.47.rc1.el6_8.3.x86_64

 

ddns-updates on;

ddns-update-style standard;

ddns-rev-domainname "in-addr.arpa.";

update-optimization off;

#update-conflict-detection false;

 

update-static-leases on;

ignore client-updates;

one-lease-per-client on;

 

We are using host definitions as such

 

host esxi-xxxx-a5-30-10 {

  hardware ethernet 2C:59:E5:49:56:38;

  ddns-hostname "esxi-xxxx-a5-30-10";

  ddns-domainname "domain.com.";

  option host-name "esxi-xxxx-a5-30-10";

  option domain-name "domain.com";

}

 

The host boots on untagged network (no DDNS), PXE boots ESXi with tagged interface on different VLAN with DDNS enabled. At this point it registers A, PTR and DHCID just fine.

Autodeploy then applies a host profile which cause the interface to down/up on the same network segment. When it goes down, dhcp removes the A record, but not the DHCID or PTR. When it comes back up on the same IP address (MAC address stayed the same), I get

 

Feb 28 19:16:22 dhcp001 dhcpd: DHCPOFFER on 10.1.66.37 to 2c:59:e5:49:15:98 via 10.1.66.2

Feb 28 19:16:22 dhcp001 dhcpd: DHCPREQUEST for 10.1.66.37 (10.1.71.135) from 2c:59:e5:49:15:98 via 10.1.66.2

Feb 28 19:16:22 dhcp001 dhcpd: DHCPACK on 10.1.66.37 to 2c:59:e5:49:15:98 via 10.1.66.2

Feb 28 19:16:22 dhcp001 dhcpd: Added new forward map from esxi-xxxx-a5-30-14.domain.com. to 10.1.66.37

Feb 28 19:18:58 dhcp001 dhcpd: DHCPRELEASE of 10.1.66.37 from 2c:59:e5:49:15:98 via eth0 (found)

Feb 28 19:18:58 dhcp001 dhcpd: Removed forward map from esxi-xxxx-a5-30-14.domain.com. to 10.1.66.37

Feb 28 19:19:01 dhcp001 dhcpd: DHCPOFFER on 10.1.66.37 to 2c:59:e5:49:15:98 via 10.1.66.3

Feb 28 19:19:01 dhcp001 dhcpd: DHCPREQUEST for 10.1.66.37 (10.1.71.135) from 2c:59:e5:49:15:98 via 10.1.66.3

Feb 28 19:19:01 dhcp001 dhcpd: DHCPACK on 10.1.66.37 to 2c:59:e5:49:15:98 via 10.1.66.3

Feb 28 19:19:04 dhcp001 dhcpd: DHCPREQUEST for 10.1.66.37 from 2c:59:e5:49:15:98 via eth0

Feb 28 19:31:52 dhcp001 dhcpd: Forward map from esxi-xxxx-a5-30-14.domain.com. to 10.1.66.37 FAILED: timed out

and

updating zone 'domain.com/IN': update unsuccessful: esxi-xxxx-a5-30-10.domaincom: 'name not in use' prerequisite not satisfied (YXDOMAIN)

 

# host -a esxi-xxxx-a5-30-10.domain.com

Trying "esxi-xxxx-a5-30-10.domain.com"

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42622

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

 

;; QUESTION SECTION:

;esxi-xxxx-a5-30-10.domain.com. IN ANY

 

;; ANSWER SECTION:

esxi-xxxx-a5-30-10.domain.com. 3600 IN DHCID AAEBABsJWn8ZMp8B0wG1h6pv4FVrVZobDzBUVM8QVYrQPak=

 

;; AUTHORITY SECTION:

domain.com.  86400   IN      NS      dns002.domain.com.

domain.com.  86400   IN      NS      dns003.domain.com.

domain.com.  86400   IN      NS      dns001.domain.com.

 

 

It's my understanding it should be deleting the DHCID record because there is no A record? The esxi server still has a valid lease on 10.1.66.34

 

What am I missing?

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

I built a test DNS server using 9.9.4 (whatever comes by default with centos7) and the dhcp server can correctly delete the TXT/DHCID record. 

My guess is dhcpd 4.2.6 and 4.3.5  has a bug talking to the older version 9.8.2.

Jess

On Wed, Mar 1, 2017 at 5:22 PM, Patrick Trapp <[hidden email]> wrote:

The message came through successfully yesterday. I wish I had something to offer.

 

From: dhcp-users [mailto:[hidden email]] On Behalf Of Jess Johnson
Sent: Wednesday, March 1, 2017 5:17 PM
To: [hidden email]
Subject: Problem with dhcpd and ddns, deleting A record, leaving stale TXT/DHCID and PTR behind

 

Apologies if multiples of these get through. I've been trying to send to the list for a couple of days and not having any luck.

 

Summary - dhcpd removes A record, but leaves DHCID and PTR behind, causing problems in future. 

 

dhcpd 4.3.5 (custom install with no options to configure)

bind-9.8.2-0.47.rc1.el6_8.3.x86_64

 

ddns-updates on;

ddns-update-style standard;

ddns-rev-domainname "in-addr.arpa.";

update-optimization off;

#update-conflict-detection false;

 

update-static-leases on;

ignore client-updates;

one-lease-per-client on;

 

We are using host definitions as such

 

host esxi-xxxx-a5-30-10 {

  hardware ethernet 2C:59:E5:49:56:38;

  ddns-hostname "esxi-xxxx-a5-30-10";

  ddns-domainname "domain.com.";

  option host-name "esxi-xxxx-a5-30-10";

  option domain-name "domain.com";

}

 

The host boots on untagged network (no DDNS), PXE boots ESXi with tagged interface on different VLAN with DDNS enabled. At this point it registers A, PTR and DHCID just fine.

Autodeploy then applies a host profile which cause the interface to down/up on the same network segment. When it goes down, dhcp removes the A record, but not the DHCID or PTR. When it comes back up on the same IP address (MAC address stayed the same), I get

 

Feb 28 19:16:22 dhcp001 dhcpd: DHCPOFFER on 10.1.66.37 to 2c:59:e5:49:15:98 via 10.1.66.2

Feb 28 19:16:22 dhcp001 dhcpd: DHCPREQUEST for 10.1.66.37 (10.1.71.135) from 2c:59:e5:49:15:98 via 10.1.66.2

Feb 28 19:16:22 dhcp001 dhcpd: DHCPACK on 10.1.66.37 to 2c:59:e5:49:15:98 via 10.1.66.2

Feb 28 19:16:22 dhcp001 dhcpd: Added new forward map from esxi-xxxx-a5-30-14.domain.com. to 10.1.66.37

Feb 28 19:18:58 dhcp001 dhcpd: DHCPRELEASE of 10.1.66.37 from 2c:59:e5:49:15:98 via eth0 (found)

Feb 28 19:18:58 dhcp001 dhcpd: Removed forward map from esxi-xxxx-a5-30-14.domain.com. to 10.1.66.37

Feb 28 19:19:01 dhcp001 dhcpd: DHCPOFFER on 10.1.66.37 to 2c:59:e5:49:15:98 via 10.1.66.3

Feb 28 19:19:01 dhcp001 dhcpd: DHCPREQUEST for 10.1.66.37 (10.1.71.135) from 2c:59:e5:49:15:98 via 10.1.66.3

Feb 28 19:19:01 dhcp001 dhcpd: DHCPACK on 10.1.66.37 to 2c:59:e5:49:15:98 via 10.1.66.3

Feb 28 19:19:04 dhcp001 dhcpd: DHCPREQUEST for 10.1.66.37 from 2c:59:e5:49:15:98 via eth0

Feb 28 19:31:52 dhcp001 dhcpd: Forward map from esxi-xxxx-a5-30-14.domain.com. to 10.1.66.37 FAILED: timed out

and

updating zone 'domain.com/IN': update unsuccessful: esxi-xxxx-a5-30-10.domaincom: 'name not in use' prerequisite not satisfied (YXDOMAIN)

 

# host -a esxi-xxxx-a5-30-10.domain.com

Trying "esxi-xxxx-a5-30-10.domain.com"

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42622

;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3

 

;; QUESTION SECTION:

;esxi-xxxx-a5-30-10.domain.com. IN ANY

 

;; ANSWER SECTION:

esxi-xxxx-a5-30-10.domain.com. 3600 IN DHCID AAEBABsJWn8ZMp8B0wG1h6pv4FVrVZobDzBUVM8QVYrQPak=

 

;; AUTHORITY SECTION:

domain.com.  86400   IN      NS      dns002.domain.com.

domain.com.  86400   IN      NS      dns003.domain.com.

domain.com.  86400   IN      NS      dns001.domain.com.

 

 

It's my understanding it should be deleting the DHCID record because there is no A record? The esxi server still has a valid lease on 10.1.66.34

 

What am I missing?

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users