Enable registration of DHCP client names in DNS not working
-
I have a LAN set up with a mix of Windows and Ubuntu Linux machines. pfsense is my firewall and an Ubuntu server is my DNS server, running BIND9.
The DNS server is set up correctly and pfsense assigns it as the primary DNS server for DHCP clients. Those clients do not seem to be registering with the Ubuntu server and, as such, they cannot be pinged or "seen" by hostname. The logs on pfsense don't help. Any ideas??
./Robert
-
So pfSense is your DHCP server? And you are expecting your DHCP clients to "register" their names with the DNS server running on Ubuntu?
I don't know your constraints but I think one way to get what you want is to configure pfSense such that
-
DNS forwrder is enabled
-
in DNS forwarder one or both (as appropriate) of Register DHCP leases in DNS forwarder
and Register DHCP static mappings in DNS forwarder is enabled -
the Ubuntu DNS server is configured as the DNS server
-
-
Still no dice. I checked the DNS server to ensure the firewall is turned off. I'm fairly new to pfSense, so bear with me. It looks like the DNS forwarder overrides the DNS servers configured in DHCP on pfsense, giving only pfsense as the DNS server and then forwarding requests on behalf of the client.
The Dynamic DNS / Enable registration of DHCP client names in DNS under Services: DHCP is what I think I need. It is my understanding that with this option, when a DHCP client receives an IP addresses from pfSense, pfsense then registers their names and IP addresses with the DNS server. Is this correct?
./Robert
-
The Dynamic DNS / Enable registration of DHCP client names in DNS under Services: DHCP is what I think I need. It is my understanding that with this option, when a DHCP client receives an IP addresses from pfSense, pfsense then registers their names and IP addresses with the DNS server. Is this correct?
I don't know what you mean by Dynamic DNS / Enable registration of DHCP client names in DNS under Services: DHCP. I can't find that on my system which runs pfSense 1.2.3-RC2 of 16-Jun 2009
I understand a DHCP request CAN include a system name and that name can then be used by pfSense to register a DNS name. My home Win2K, Windows Vista, Centos and Ubuntu Linux systems all provide such names.
The home systems whose names I care about are all assigned static DHCP addresses (the address DHCP provides is keyed to the MAC address the request comes from) so I've checked Register DHCP static mappings in DNS forwarder but not Register DHCP leases in DNS forwarder. Perhaps you would want the inverse of what I use.
Dynamic DNS often refers to a service of some name servers on the internet which allow systems which have an dynamic IP address (e.g. their internet visible address is assigned by DHCP and changes from time to time) to register their IP address through a special URL. Examples: DynDNS and OpenDNS. Home and small office networks often have a dynamic IP address and this mechanism allows them to register a name for easier access. For efective use of such a name service its often necessary to add some some software to track address changes. As far as I know there is no Dynamic DNS service (in this sense) on pfSense.
-
Thanks wallybob,
I'm running same version RC1. If you go to services and DHCP, you'll see a area titled Dynamic DNS toward the bottom of the page. I think that forwarding is used to update LAN clients on the WAN. I am only concerned with LAN clients and servers on the 192.168.11.0/24 network. Is my thinking wrong on the purpose and use of dns forwarding../Robert
-
Thanks wallybob,
I'm running same version RC1. If you go to services and DHCP, you'll see a area titled Dynamic DNS toward the bottom of the page. I think that forwarding is used to update LAN clients on the WAN. I am only concerned with LAN clients and servers on the 192.168.11.0/24 network. Is my thinking wrong on the purpose and use of dns forwarding.Thanks, got it now. I don't use that option. The description doesn't make it obvious to me what that option does.
I think the term DNS forwarding come from pfSense forwarding DNS requests it can't answer to the configured DNS server (and forwarding replies back to the request originator). This is different from a cacheing DNS server which keeps replies until they time out. Registeringing the DHCP lease or DHCP static mapping in the pfSense DNS forwarder means pfSense can answer a request (for name to IP address mapping for example) itself and doesn't need to send it to the external DNS (where in your case and my case it either wouldn't be able to answer the request or it would return the Internet address of the attachment point of my network to the internet and that wouldn't correctly identify the system to the LAN client).
-
wallybob,
Yes, it seems that the option on the DHCP page isn't functioning as I understand it, or as advertised. I actually setup a packet sniffer and renewed an IP on a client; I saw the usual DORA traffic, but nothing from pfsense to the DHCP server. Wonder if its been reported as a bug??On a more favorable note, on the general setup page I unchecked allow DNS server list to be overridden by DHCP…. and things are working fine. This has been a learning experience and thanks for your help and pointers. Moving on to Samba :)
./Robert
-
The option on the General Setup page is referring to the DNS server that the forwarder and pfSense uses.
I don't believe a packet capture of DHCP traffic would reveal anything about the DNS options set on the DHCP Server page. That would be an operation performed by pfSense and a DNS server, not between the DHCP client and pfSense. -
The traffic i was referring to was the Discover Offer Request Ack (DORA) of DHCP; this you can capture. I would expect, afterward, to see pfSense send an update to the DNS server if Enable registration of DHCP client names in DNS is checked. It doesn't. This is broke and is a known bug.
./Robert
-
The "Enable registration of DHCP client names in DNS" feature works only with the built in DNS forwarder (dnsmasq) AFAIK so it can't be used to register the hostnames in an external DNS server.
-
The traffic i was referring to was the Discover Offer Request Ack (DORA) of DHCP; this you can capture. I would expect, afterward, to see pfSense send an update to the DNS server if Enable registration of DHCP client names in DNS is checked. It doesn't. This is broke and is a known bug.
./Robert
Ah, I didn't know you were trying to capture traffic from pfSense to a DNS server. In your other post you just mentioned the DHCP traffic and traffic to a DHCP Server, which I'm guessing was supposed to be DNS server.
-
@kpa:
The "Enable registration of DHCP client names in DNS" feature works only with the built in DNS forwarder (dnsmasq) AFAIK so it can't be used to register the hostnames in an external DNS server.
I don't think this is correct. The "Enable registration of DHCP client names in DNS." option is a flag which enables the "ddns-update-style interim" configuration option for the DHCP server. See /var/dhcpd/etc/dhcpd.conf.
The "Register DHCP leases in DNS forwarder" is a separate option that tells dnsmasq to parse the DHCPD leases file and add assigned leases to the dnsmasq database.
The two options are completely independent. (This is for 1.2.2.)
I have not attempted to use the "Enable registration of DHCP client names in DNS." option, so can not comment on whether or not it actually works.