when is a DHCP server supposed to remove A and PTR records?

Hi,

I am using DHCP server 4.3.2, running on Debian stable. The server is
configured to create DNS records for clients:

default-lease-time 14400; # 12 hours
max-lease-time 14400;  # 12 hours
not authoritative;
ddns-rev-domainname "in-addr.arpa.";

zone ka51.zugschlus.de. {
  primary lasso.ka51.zugschlus.de;
  key lasso-chasse-dhcp;
}

subnet 192.168.182.0 netmask 255.255.255.0 {
  pool {
    range 192.168.182.150 192.168.182.249;
    failover peer "chasse-cadencia"; # the other side does not exist yet
  }
  option routers int182.barrida.ka51.zugschlus.de;
  ddns-domainname "ka51.zugschlus.de";
  authoritative;
}

zone 182.168.192.in-addr.arpa. {
  primary lasso.ka51.zugschlus.de;
  key lasso-chasse-dhcp;
}

The server creates A and PTR records just fine:

[1/499]mh@lasso:~$ dig +noall +answer @::1 grml.ka51.zugschlus.de. -t ANY; dig +noall +answer @::1 150.182.168.192.in-addr.arpa. -t ANY
grml.ka51.zugschlus.de. 150     IN      A       192.168.182.150
grml.ka51.zugschlus.de. 150     IN      DHCID   AAABXpcYBFwbrFx8RVNPtzwhrrTkbLs/asQOPK8nr65lFtc=
150.182.168.192.in-addr.arpa. 150 IN    PTR     grml.ka51.zugschlus.de.

Under which circumstances is the server supposed to remove the DNS
records? From the docks, I reckon that it should remove them when the
lease expires. According to the logs of the DNS server, it doesn't,
though.

Is that the expected behavior? I'd like systems that are not up to not
be in DNS either. Can this be configured, and if yes, how?

Any hints will be appreciated.

Greetings
Marc

--
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Marc Haber <[hidden email]> wrote:

It should remove them at the end of the lease.
However, the address you've shown there wouldn't be the first one allocated by teh server - so can I check that you don't have a declaration statement with a fixed address statement and "update static leases" set. That would cause the behavious you are seeing.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

On Wed, Jul 08, 2015 at 06:36:40PM +0100, Simon Hobson wrote:
> > Under which circumstances is the server supposed to remove the DNS
> > records? From the docks, I reckon that it should remove them when the
> > lease expires. According to the logs of the DNS server, it doesn't,
> > though.
>
> It should remove them at the end of the lease.

For some reason, it doesn't. Any idea how to debug this?

> However, the address you've shown there wouldn't be the first one
> allocated by teh server - so can I check that you don't have a
> declaration statement with a fixed address statement and "update
> static leases" set. That would cause the behavious you are seeing.

That's a lab setting, the grml host is the first (and only) client in
there. Having "update static leases" is a goal of the final lab
setting, but I ain't there yet.

Greetings
Marc

--
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Marc Haber wrote:
> On Wed, Jul 08, 2015 at 06:36:40PM +0100, Simon Hobson wrote:
>>> Under which circumstances is the server supposed to remove the DNS
>>> records? From the docks, I reckon that it should remove them when the
>>> lease expires. According to the logs of the DNS server, it doesn't,
>>> though.
>>
>> It should remove them at the end of the lease.
>
> For some reason, it doesn't. Any idea how to debug this?

Does it do any harm to have "failover peer" in the configuration without
actually having a working peer up and running?

Ciao, Michael.


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

On Wed, Jul 08, 2015 at 11:16:54PM +0200, Michael Ströder wrote:
The server is set to "partner-down", so that should not matter. I
would expect a DHCP server to still do dynamic DNS even if its partner
is down.

Greetings
Marc

--
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

On Wed, Jul 08, 2015 at 10:24:13PM +0200, Marc Haber wrote:
> On Wed, Jul 08, 2015 at 06:36:40PM +0100, Simon Hobson wrote:
> > > Under which circumstances is the server supposed to remove the DNS
> > > records? From the docks, I reckon that it should remove them when the
> > > lease expires. According to the logs of the DNS server, it doesn't,
> > > though.
> >
> > It should remove them at the end of the lease.
>
> For some reason, it doesn't. Any idea how to debug this?

Additional information: I reconfigured the test VM to have a different
MAC address, but the same hostname. When that VM booted, the DHCP
server removed the A and PTR for the old IP address, assigned a new
one and correctly entered the A and PTR for the new IP address.

I have since then turned off the test VM, and intend to keep it off
until the lease expires.

Greetings
Marc

--
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

Solved.

On Wed, Jul 08, 2015 at 11:30:33PM +0200, Marc Haber wrote:
Ths issue is that the grml I was using started its own dhcp client
because I forgot to tell it to not do this on the boot command line.
Hence, the lease got renewed despite my dhclient -r which only
terminated the dhclient I manually started on the command line.

After cleaning this up, the DNS entries get removed alright after the
lease expires.

Now the only issue left is - see the other thread - to get the
dhclient to actually send out a DHCPRELEASE.

Greetings
Marc

--
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users