Gentlemen,
- I am having trouble configuring DHCP and BIND. The idea is to configure both so that the hostname is added to the DNS server automatically. Following some how-tos on the internet, I found quite a lot on how to do it, and I did it. However, I get an error every time DHCP hands out an IP, saying that the DNS forward zone could not be updated. The error is as follows:
- The funny thing is that the reverse zone of this same zone is being updated normally (I no longer have the log showing this, but it's OK, seriously). This BIND is also synchronized with Active Directory, which runs on another server. BIND and Active Directory are replicating correctly, and these facts indicate that it would not be some glitch (or bug) in BIND or ISC DHCP regarding dynamic DNS updates in the versions of both that I am using. The logs follow:

Code:
    Jul 13 12:03:03 slx01 dhcpd: DHCPREQUEST for 10.0.0.88 from 00:15:f2:17:11:25 (T11) via eth0
    Jul 13 12:03:03 slx01 dhcpd: DHCPACK on 10.0.0.88 to 00:15:f2:17:11:25 (T11) via eth0
    Jul 13 12:03:03 slx01 named[4128]: client 10.0.0.88#51849: updating zone 'blablabla.net/IN': update unsuccessful: T11.blablabla.net/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
    Jul 13 12:03:03 slx01 named[4128]: client 10.0.0.88#53958: update 'blablabla.net/IN' denied
- The respective DHCP and BIND configurations are described below:

Code:
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4294: updating zone '_msdcs.blablabla.net/IN': adding an RR at 'gc._msdcs.blablabla.net' A
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4298: updating zone '_tcp.blablabla.net/IN': adding an RR at '_ldap._tcp.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4302: updating zone '_sites.blablabla.net/IN': adding an RR at '_ldap._tcp.Primeiro-site-padrao._sites.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4306: updating zone '_msdcs.blablabla.net/IN': deleting rrset at '_ldap._tcp.pdc._msdcs.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4306: updating zone '_msdcs.blablabla.net/IN': adding an RR at '_ldap._tcp.pdc._msdcs.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4310: updating zone '_msdcs.blablabla.net/IN': adding an RR at '_ldap._tcp.gc._msdcs.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4314: updating zone '_msdcs.blablabla.net/IN': adding an RR at '_ldap._tcp.Primeiro-site-padrao._sites.gc._msdcs.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4318: updating zone '_msdcs.blablabla.net/IN': adding an RR at '_ldap._tcp.fac965e6-c098-4918-b16b-5f44a3bc5ffa.domains._msdcs.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4322: updating zone '_msdcs.blablabla.net/IN': deleting rrset at 'a0d123d3-b9e7-4777-ac8e-4d7a44d49b90._msdcs.blablabla.net' CNAME
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4322: updating zone '_msdcs.blablabla.net/IN': adding an RR at 'a0d123d3-b9e7-4777-ac8e-4d7a44d49b90._msdcs.blablabla.net' CNAME
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4327: updating zone '_msdcs.blablabla.net/IN': adding an RR at '_kerberos._tcp.dc._msdcs.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4331: updating zone '_msdcs.blablabla.net/IN': adding an RR at '_kerberos._tcp.Primeiro-site-padrao._sites.dc._msdcs.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4335: updating zone '_msdcs.blablabla.net/IN': adding an RR at '_ldap._tcp.dc._msdcs.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4339: updating zone '_msdcs.blablabla.net/IN': adding an RR at '_ldap._tcp.Primeiro-site-padrao._sites.dc._msdcs.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4343: updating zone '_tcp.blablabla.net/IN': adding an RR at '_kerberos._tcp.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4347: updating zone '_sites.blablabla.net/IN': adding an RR at '_kerberos._tcp.Primeiro-site-padrao._sites.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4351: updating zone '_tcp.blablabla.net/IN': adding an RR at '_gc._tcp.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4355: updating zone '_sites.blablabla.net/IN': adding an RR at '_gc._tcp.Primeiro-site-padrao._sites.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4359: updating zone '_udp.blablabla.net/IN': adding an RR at '_kerberos._udp.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4363: updating zone '_tcp.blablabla.net/IN': adding an RR at '_kpasswd._tcp.blablabla.net' SRV
    Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4367: updating zone '_udp.blablabla.net/IN': adding an RR at '_kpasswd._udp.blablabla.net' SRV

Code:
    [root@slx01 named]# cat /etc/dhcpd.conf
    ddns-updates on;
    ddns-update-style interim;
    default-lease-time 600;
    max-lease-time 7200;
    authoritative;
    option domain-name-servers 10.0.0.2;

    key dhcp-habita {
        algorithm hmac-md5;
        secret "minha key ;)";
    }

    zone blablabla.net. {
        primary 10.0.0.2;
        key dhcp-habita;
    }

    zone 0.0.10.in-addr.arpa. {
        primary 10.0.0.2;
        key dhcp-habita;
    }

    subnet 10.0.0.0 netmask 255.255.255.0 {
        range 10.0.0.51 10.0.0.90;
        option routers 10.0.0.2;
        option domain-name-servers 10.0.0.2;
        option broadcast-address 10.0.0.2;
        option domain-name "blablabla.net";
    }

    # Keep the general DHCP from interfering
    # with the VMware DHCP:
    subnet 192.168.60.0 netmask 255.255.255.0 {
    }
    (------------ EOF ------------)

Code:
    [root@slx01 named]# cat ../../etc/named.conf
    options {
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        forwarders { 208.67.222.222; 200.175.189.139; };
        version "GoAway(TM) v 0.91";
        allow-query { 192.168.0.0/16; 10.0.0.0/8; 127.0.0.0/8; };
    };

    acl "ADservers" { 10.0.0.50; };

    #controls {
    #inet 127.0.0.1 port 953
    #allow { 127.0.0.1; } keys { "dhcp-habita"; };
    #};

    // Bind conf for xxx
    zone "." {
        type hint;
        file "/var/named/named.root";
    };

    //zone "1.168.192.in-addr.arpa" {
    zone "0.0.10.in-addr.arpa" {
        type master;
    //  file "reverse/1.168.192.db";
        file "/var/named/10.0.0.db";
        allow-update {ADservers; key dhcp-habita;};
        allow-transfer {ADservers;};
    };

    zone "blablabla.net" {
        type master;
        file "/var/named/intra.blablabla.net";
        check-names ignore;
        allow-update {ADservers; key dhcp-habita;};
        allow-transfer {ADservers;};
    };

    zone "_msdcs.blablabla.net" {
        type master;
        file "/var/named/_msdcs.blablabla.net";
        check-names ignore;
        allow-update {ADservers;key dhcp-habita;};
        allow-transfer {ADservers;};
    };

    zone "_sites.blablabla.net" {
        type master;
        file "/var/named/_sites.blablabla.net";
        check-names ignore;
        allow-update {ADservers;key dhcp-habita;};
        allow-transfer {ADservers;};
    };

    zone "_tcp.blablabla.net" {
        type master;
        file "/var/named/_tcp.blablabla.net";
        check-names ignore;
        allow-update {ADservers;key dhcp-habita;};
        allow-transfer {ADservers;};
    };

    zone "_udp.blablabla.net" {
        type master;
        file "/var/named/_udp.blablabla.net";
        check-names ignore;
        allow-update {ADservers;key dhcp-habita;};
        allow-transfer {ADservers;};
    };

    zone "DomainDNSZones.blablabla.net" {
        check-names ignore;
        type master;
        file "/var/named/DomainDNSZones.blablabla.net";
        allow-update {ADservers;};
        allow-transfer {ADservers;};
    };

    zone "ForestDNSZones.blablabla.net" {
        check-names ignore;
        type master;
        file "/var/named/ForestDNSZones.blablabla.net";
        allow-update {ADservers;};
        allow-transfer {ADservers;};
    };

    include "/etc/rndc.key";
    include "/etc/dhcp.key";
    (------------ EOF ------------)
(There's more, hold on, it continues. It didn't all fit here.)
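
Added example, not part of the original post: a short Python script that groups the `named` update lines from the logs above by client address and labels where each request came from. The sample lines are copied from the post; `ACL_ADDRESSES` mirrors its `ADservers` acl, and the function names and the `/key <name>` log suffix for TSIG-signed requests are assumptions.

```python
import re
from collections import Counter

# Constructed sample: four lines taken from the log excerpts in the post.
SAMPLE_LOG = """\
Jul 13 12:03:03 slx01 dhcpd: DHCPACK on 10.0.0.88 to 00:15:f2:17:11:25 (T11) via eth0
Jul 13 12:03:03 slx01 named[4128]: client 10.0.0.88#51849: updating zone 'blablabla.net/IN': update unsuccessful: T11.blablabla.net/A: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
Jul 13 12:03:03 slx01 named[4128]: client 10.0.0.88#53958: update 'blablabla.net/IN' denied
Jul 13 12:10:08 slx01 named[4128]: client 10.0.0.50#4294: updating zone '_msdcs.blablabla.net/IN': adding an RR at 'gc._msdcs.blablabla.net' A
"""
# Addresses in the "ADservers" acl of the posted named.conf.
ACL_ADDRESSES = {"10.0.0.50"}
UPDATE_RE = re.compile(
    r"named\[\d+\]: client (?P<ip>[\d.]+)#\d+(?:/key (?P<key>[^:\s]+))?: (?P<msg>.*)")
LEASE_RE = re.compile(r"dhcpd: DHCPACK on (?P<ip>[\d.]+) to \S+ \((?P<host>[^)]+)\)")

def outcome(msg):
    """Map a named update message to a coarse outcome label."""
    if msg.endswith("denied"):
        return "denied"
    if "prerequisite not satisfied" in msg:
        return "prereq-failed"
    if "adding an RR" in msg or "deleting rrset" in msg:
        return "applied"
    return "other"

def summarize(log_text, acl=ACL_ADDRESSES):
    """Return {client_ip: {"source", "host", "outcomes"}} for named update lines."""
    lines = log_text.splitlines()
    # First pass: addresses dhcpd handed out, with the client hostname.
    leases = {m["ip"]: m["host"] for m in map(LEASE_RE.search, lines) if m}
    report = {}
    for m in filter(None, map(UPDATE_RE.search, lines)):
        ip, key = m["ip"], m["key"]
        if key:  # assumption: BIND logs "/key <name>" for TSIG-signed requests
            source = "tsig:" + key
        elif ip in acl:
            source = "acl"
        elif ip in leases:
            source = "dhcp-client"
        else:
            source = "unknown"
        entry = report.setdefault(
            ip, {"source": source, "host": leases.get(ip), "outcomes": Counter()})
        entry["outcomes"][outcome(m["msg"])] += 1
    return report

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

On the sample lines, the two failed forward-zone updates are attributed to 10.0.0.88, the address just leased to T11, which is not in the `ADservers` acl.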