adding dns record for pooled IP address
yshollander
15-07-2009 15:31:19
I've got a chicken-and-egg problem.
I want to add a DNS record for all the IP addresses in my DHCP pool, so I do the following:
# /opt/ona/bin/dcm.pl -l admin -p admin -r dns_record_add ip=192.168.1.220 name=jc1-dhcp21.mydomain.com type=A addptr
ERROR => dns_record_add() Unable to find IP interface: 192.168.1.220
A records must point to existing IP addresses.
Please add an interface with this IP address first.
But if I try to add an interface,
# /opt/ona/bin/dcm.pl -l admin -p admin -r interface_add ip=192.168.1.220 host=jc1-dhcp21.mydomain.com
ERROR => The host specified, jc1-dhcp21.mydomain.com, does not exist!
But adding host records for DHCP'ed IP addresses is not allowed either:
# /opt/ona/bin/dcm.pl -l admin -p admin -r host_add ip=192.168.1.220 host=jc1-dhcp21.mydomain.com type=6
ERROR => IP conflict: That IP address (192.168.1.220) falls within a DHCP address pool!
INFO => Conflicting DHCP pool record ID: 3
Any help would be appreciated...
Thanks
Isaac
Matt
15-07-2009 16:20:48
This may be something that you will not be able to do for now.
So, today things are done as follows. If you have defined a pool range, you are effectively giving control of those IP addresses to the DHCP server and therefore ONA does not allow you to allocate things within pool ranges. Basically, it's way too annoying to try and keep various DHCP servers' lease information synchronized with the ONA database... Yes, there are DHCP servers out there that tie to databases etc. At this point I don't plan on doing that.
What I do plan on doing is using DHCPLEASEQUERY (supported in newer versions of ISC_DHCP) to provide a way for ONA to ask the DHCP server about its leases within pools. This way you can view a subnet and at least see what's allocated instead of just a big pool block.
Now, with that said, none of this allows you to provide DNS names for IP addresses within a pool.
There are a few ways one COULD do this, none of which I've used, nor tested.
1. Use a zone trailer file to append a list of manually created names for the pool range to the zone file created by ONA.
2. Configure DHCP to do a DNS update when it gives out a lease (not really supported via ONA's DHCP build system)
3. Possibly have an option within ONA that says, create DNS records for pool ranges.
4. ... OTHERS.....
At any rate, there are a few ways one could deal with this. I've not yet determined the way(s) I want to support it within ONA. I have honestly always questioned the need to have DNS for pooled addresses anyway. Having a name to talk TO a host implies that that host is providing some sort of service. In my mind it should not be pooled but should be using MAC-based DHCP so it always gets the same IP (and thus DNS name) and is better tracked. In the case of Windows boxes, they can register their name in AD and all is well for them.
I'm not sure what your motivations are for it, but for now, you can't add DNS names to things that are in a pool range.
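Option 1 from the reply above, sketched as an added example (not from the thread and not part of ONA): a generator for the A and PTR lines that would go into hand-maintained trailer files for a pool range. The pool start 192.168.1.200, the `jc1-dhcp` prefix numbering and the function name `pool_trailer` are assumptions; only the pairing of 192.168.1.220 with jc1-dhcp21.mydomain.com comes from the thread.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens; no leading/trailing hyphen; max 63 chars.
LABEL_RE = re.compile(r"^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$", re.I)

def pool_trailer(first, last, prefix, domain, start_index=1, ttl=3600):
    """Return (forward_lines, reverse_lines) of zone-file records for a DHCP pool.

    forward_lines use names relative to the forward zone origin `domain`;
    reverse_lines use fully qualified owner names and targets, so they can
    be appended to the matching in-addr.arpa zone file as they are.
    """
    lo = ipaddress.IPv4Address(first)
    hi = ipaddress.IPv4Address(last)
    if lo > hi:
        raise ValueError("pool start is above pool end")
    origin = domain.rstrip(".")
    forward, reverse = [], []
    for offset in range(int(hi) - int(lo) + 1):
        ip = lo + offset
        label = f"{prefix}{start_index + offset}"
        if not LABEL_RE.match(label):
            raise ValueError(f"invalid DNS label: {label!r}")
        forward.append(f"{label}\t{ttl}\tIN\tA\t{ip}")
        # reverse_pointer yields e.g. 220.1.168.192.in-addr.arpa (no trailing dot)
        reverse.append(f"{ip.reverse_pointer}.\t{ttl}\tIN\tPTR\t{label}.{origin}.")
    return forward, reverse

if __name__ == "__main__":
    # Constructed pool range (assumption): .200 to .220, numbered from 1.
    fwd, rev = pool_trailer("192.168.1.200", "192.168.1.220",
                            "jc1-dhcp", "mydomain.com")
    print("; forward zone trailer")
    print("\n".join(fwd))
    print("; reverse zone trailer")
    print("\n".join(rev))
```

These names describe pool slots, not the machines that currently hold the leases, so they should not be treated as host identity in logs or access rules.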
yshollander
15-07-2009 16:35:54
More for convenience than anything else. It's not an absolute requirement. And you're right that MAC-based authorization is the way to go from a security perspective.
DHCPLEASEQUERY is probably the best option IMHO, though I haven't implemented it here.
For now I could do another include file as you suggested.
Isaac