DHCP, BIND, and DDNS update problem

wwwdrich · Feb 17, 2021, 7:33 PM

I have switched over to bind due to needing views and support for a handful of domains that I host. One thing that I can't get working reliably is DDNS.

It looks like the issue is that new requests get populated into DNS properly, but if anything causes those to go away (like updating the zone through the web UI), they don't get refreshed when the DHCP address renews. The fix appears to be adding update-optimization off; to the dhcpd configuration, but I don't see a way to do that through the web UI as there isn't an option to add additional configuration parameters.

Does anyone have any ideas on how to get DDNS to work reliably with bind?

Inq · Feb 19, 2021, 3:24 PM

@wwwdrich
Inq Jan 5, 2019, 1:02 PM
My solution was to modify /etc/inc/services.inc as follows :
/* write dhcpd.conf */
if (!@file_put_contents("{$g['dhcpd_chroot_path']}/etc/dhcpd.conf.auto", $dhcpdconf)).
After that at every boot pfsense rewrites dhcpd.conf.auto not dhcpd.conf. Manually modify dhcpd.conf as you wish, it should be persistent between reboots or service restarts.
The above solution is a hack, i do not recommend using it for production systems and it could completely break your pfsense install.

wwwdrich · Mar 22, 2021, 8:34 PM

@inq While I hate it, I have a workaround for this. I have the following script that I run any time I update the DHCP config:

#!/bin/sh

lan_int=`xmllint --xpath "//interfaces/lan/if/text()" /conf/config.xml`

if [ -z "$lan_int" ]; then
  echo "ERROR: could not determine LAN interface name!"
  exit 1
fi

# Add update-optimization paramater and restart dhcpd
# This allows DNS to refresh on DHCP lease renewals

killall -3 dhcpd
sed -i.bak '/client-updates;/a\
	update-optimization off;\
' /var/dhcpd/etc/dhcpd.conf
/usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid $lan_int

# Repeat for dhcpv6...
sed -i.bak '/client-updates;/a\
	update-optimization off;\
' /var/dhcpd/etc/dhcpd.conf
/usr/local/sbin/dhcpd -6 -user dhcpd -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpdv6.conf -pf /var/run/dhcpdv6.pid $lan_int

wwwdrich · Apr 13, 2025, 4:34 PM

I know it's an old post, but I've updated the way I'm managing this to patch /etc/inc/services.inc as @inq mentioned above:

--- /etc/inc/services.inc-20250320	2025-03-20 15:43:20.182559000 -0700
+++ /etc/inc/services.inc	2025-03-20 15:44:13.392591000 -0700
@@ -3096,6 +3096,7 @@
 	if ($need_ddns_updates) {
 		$dhcpdconf .= "ddns-update-style interim;\n";
 		$dhcpdconf .= "update-static-leases on;\n";
+		$dhcpdconf .= "update-optimization off;\n";

 		$dhcpdconf .= dhcpdzones($ddns_zones);
 	}
@@ -3564,6 +3565,7 @@
 	if ($nsupdate) {
 		$dhcpdv6conf .= "ddns-update-style interim;\n";
 		$dhcpdv6conf .= "update-static-leases on;\n";
+		$dhcpdv6conf .= "update-optimization off;\n";
 	} else {
 		$dhcpdv6conf .= "ddns-update-style none;\n";
 	}