DHCP/DNS Update issue
We currently have issue with the SuSE Novell DHCP updating the external DNS (Redhat)
Only half the computers get registered... strange...
Here's what we can see in the /var/log/message related to DHCP updating the dns
What we see when there is no update made to the DNS by the DHCP:
Nov 26 08:36:02 SERVER01 dhcpd: DHCPREQUEST for 10.148.56.181 from 00:22:4d:82:14:fd (COMPUTERXX) via eth0
Nov 26 08:36:02 SERVER01 dhcpd: DHCPACK on 10.148.56.181 to 00:22:4d:82:14:fd (COMPUTERXX) via eth0
Nov 26 08:36:27 SERVER01 dhcpd: DHCPDISCOVER from 00:22:4d:82:14:fd (COMPUTERXX) via eth0
Nov 26 08:36:27 SERVER01 dhcpd: DHCPOFFER on 10.148.56.181 to 00:22:4d:82:14:fd (COMPUTERXX) via eth0
Nov 26 08:36:27 SERVER01 dhcpd: DHCPREQUEST for 10.148.56.181 (10.148.56.2) from 00:22:4d:82:14:fd (COMPUTERXX) via eth0
Nov 26 08:36:27 SERVER01 dhcpd: DHCPACK on 10.148.56.181 to 00:22:4d:82:14:fd (COMPUTERXX) via eth0
What we see when there is an update made to the DNS by the DHCP:
Nov 26 08:12:27 SERVER01 dhcpd: DHCPDISCOVER from 00:19:d1:a9:95:5f (COMPUTERXX) via eth0
Nov 26 08:12:27 SERVER01 dhcpd: DHCPOFFER on 10.148.56.143 to 00:19:d1:a9:95:5f (COMPUTERXX) via eth0
Nov 26 08:12:27 SERVER01 dhcpd: Added new forward map from COMPUTERXX.domain.com to 10.148.56.143
Nov 26 08:12:27 SERVER01 dhcpd: unable to add reverse map from 184.108.40.206.in-addr.arpa. to COMPUTERXX.domain.com: timed out
Nov 26 08:12:27 SERVER01 dhcpd: DHCPREQUEST for 10.148.56.143 (10.148.56.2) from 00:19:d1:a9:95:5f (COMPUTERXX) via eth0
Nov 26 08:12:27 SERVER01 dhcpd: DHCPACK on 10.148.56.143 to 00:19:d1:a9:95:5f (COMPUTERXX) via eth0
Nov 26 08:12:38 SERVER01 dhcpd: DHCPINFORM from 10.148.56.143 via eth0
Nov 26 08:12:38 SERVER01 dhcpd: DHCPACK to 10.148.56.143 (00:19:d1:a9:95:5f) via eth0
- Note that there is an unable to add reverse map error ( We don't want to allow reserve map... Is there any way to force the DHCP not to update the reverse map ) ??? Our DHCP config is managed thru imanager.
If we look in the var/log/messages from the redhat DNS, we don't see any error related to problem with registering new binds.
We have 25 servers in 25 different sites and all of them have the same problem... only few of the pcs gets registered....
Any ideas ?
Just a couple thoughts, but
1) The clients may need to be configured to update DNS with their host names.
2) Try capturing some packets to see what options the DHCPREQUESTS contain.
3) I would expect the scope to have a separate option for updating the reverse zone.
1 - We do not want clients to update the DNS directly. Only the DHCP servers are allowed to modify DDNS entries.
2- Do you mean using the tcpdump command ?
3- We wan't to disable the reverse map update functionality ( The DHCP would only update the foward map )
Here's our situation : We have 25 Offices with 25 DHCP servers and two DNS ( Primary, secondary )
We have about 750 computers to register do the ddns but only about 250 of them register.
We found out that if we disable the DNS registration on the Windows workstations... the problem seems to be fixed... But i would like the ddns to work fine even if the workstation configuration isn't the same on every computers...
The question i'm asking myself... Why with this setting enabled, only 1/3 of them register... Very strange behavior.
I know that the workstations are trying to register to the DNS since the /var/log/messages entries display :
Nov 28 08:47:18 dns1 named: client 10.148.67.64#59506: update DOMAIN.COM/IN' denied
When it is the DHCP who try to update, it is working as we want it to work... but only 1/3 of the time.
Why in 2/3 of the time the DHCP not send to the DDNS the entries
Originally Posted by nplusplus
I found a workaround... for the moment since we don't really know why only half or less client thats registers to the DNS.
I had to disable the DNS registration check on the network interface on the client workstation.
To deploy this solution i made and AutoIT that would scan any network interface located on the workstation and change the registry key then do a ipconfig /renew. Automatically the workstation pops up in the DNS server.
My guess is that since the Workstation tries to add himself to the DNS ( and the DNS does not allow it ) and if the DNS informs the workstation that it can't register a DNS name before the DHCP does the job... the workstation won't register at all...
This is the most explainable theory...
Oh and... A workstation that has been registered on the DNS today sometimes does not re-register the next day...
So the fix that we found works great... but i would have liked to know the real reason behind this.
So anyways... here's the AutoIT code that i used to make a Zenworks Bundle to deploy
For $i = 1 To 20
Local $var = RegEnumKey("HKEY_LOCAL_MACHINE\SYSTEM\CurrentContr olSet\services\Tcpip\Parameters\Interfaces\", $i)
If @error <> 0 Then ExitLoop
RunAs("administrator","","password",0,@ComSpec & " /c " & 'reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\servic es\Tcpip\Parameters\Interfaces\'& $var & ' /v RegistrationEnabled /t REG_DWORD /d "0" /f', "", @SW_HIDE )
RunAs("administrator","","password",0,@ComSpec & " /c " & 'ipconfig /renew',"", @SW_HIDE )
Still if you have any idea why this is happening let me know !