Dynamic DHCP and DNS issue

nyu2009 · 08-31-2009, 12:04 PM

Dear all,

I have just setup an Server with DNS and Dynamic DHCP update to DNS records. XPClient received IP from DHCP and updated to DNS zone.
My issue is the XPClient can't nslookup to server, he can ping IP but can't ping hostname
- On XPClient I can't nslookup to DNS Server:

All service start without any errors.

Code:

nslookup
*** Can't find server name for address 192.168.100.2: Query refused
*** Default servers are not available
Default Server: Unknow
Address: 192.168.100.2

Code:

ipconfig /all
Windows IP Configuration

          Host Name . . . . . . . . . . . . : it-client
          Primary Dns Suffix. . . . . . . :
          Note Type . . . . . . . . . . . . :  Hybrid
          IP Routing Enabled . . . . . . :  No
          WINS Proxy Enabled . . . . . : No
          DNS Suffix Search List  . . . .: abc.com

Ethernet adapter Local Area Connection:

          Connection-specific DNS Suffix . : abc.com
          Description...
          Physical Address...
          Dhcp Enabled . . . . . . . . . . . . . .: Yes
          Autoconfiguration Enabled  . . . . : Yes
          IP Address . . . . . . . . . . . . . . . .: 192.168.100.100
          Subnet Mask . . . . . . . . . . . . . . : 255.255.255.0
          Default Gateway . . . . . . . . . . . .: 192.168.100.254
          DHCP Server . . . . . . . . . . . . . . : 192.168.100.2
          DNS Server . . . . . . . . . . . . . . . : 192.168.100.2
          Primary WINS Server . . . . . . . . : 192.168.100.2
...

- On Server: I can nslookup forward and reverse IP of client because it updated on zones.
This is my config files
#--> named.conf

Code:

# Start of rndc.conf
key "rndckey" {
	algorithm hmac-md5;
	secret "ohXFUEHIkOB7yaEpaxt5RA==";
};

controls {
	inet 127.0.0.1 allow { 127.0.0.1;} keys { "rndckey";};
	inet 192.168.100.2 allow { 192.168.100/24;} keys { "rndckey";};
};

options {
	directory "/var/named";
	pid-file "/var/run/named/named.pid";

	recursion yes;
	
	allow-recursion {
		127.0.0.1;
		192.168.100.0/24;
	};

	allow-transfer {
		127.0.0.1;
		192.168.100.0/24;
	};

	forwarders {
#		208.67.222.222;
	};

	listen-on {
		127.0.0.1;
		192.168.100.2;
	};

# Avoid cache-poisoning
#	query-source address * port 53;
	dnssec-enable yes;	

	version "REFUSED";

	allow-query {
		127.0.0.1;
		192.168.100.2;
	};
};

server 192.168.100.2 {
	keys { rndckey; };
};

zone "." IN {
	type hint;
	file "named.ca";
};

zone "abc.com" IN {
	type master;
	file "data/abc.com.zone";
	allow-update { key "rndckey"; 192.168.100.2;};
#	allow-transfer {"IP Slave DNS Server"};
};

zone "100.168.192.in-addr.arpa" IN {
	type master;
	file "data/reverse-192.168.100.zone";
	allow-update { key "rndckey"; 192.168.100.2;};
};

#--> zones

abc.com.zone

Code:

$ORIGIN .
$TTL 38400	; 10 hours 40 minutes
abc.com		IN SOA	bdc-svr.abc.com. admin.abc.com. (
				20092916   ; serial
				10800      ; refresh (3 hours)
				3600       ; retry (1 hour)
				604800     ; expire (1 week)
				86400      ; minimum (1 day)
				)
			NS	bdc-svr.abc.com.
			MX	0 mail-svr.abc.com.abc.com.
$ORIGIN abc.com.
bdc-svr			A	192.168.100.2
$TTL 172800	; 2 days
it-client		A	192.168.100.100
			TXT	"313072e7cacf21b5f55b0b2b25e2e91969"
$TTL 38400	; 10 hours 40 minutes
mail-svr		A	192.168.100.3
$TTL 172800	; 2 days
usergds-desktop		A	192.168.100.99
			TXT	"00eec2a4fe6a070d206b763f5a81e78396"

reverse-192.168.100.zone

Code:

$ORIGIN .
$TTL 38400	; 10 hours 40 minutes
100.168.192.in-addr.arpa IN SOA	bdc-svr.abc.com. admin.abc.com. (
				20092914   ; serial
				10800      ; refresh (3 hours)
				3600       ; retry (1 hour)
				604800     ; expire (1 week)
				86400      ; minimum (1 day)
				)
			NS	bdc-svr.abc.com.
$ORIGIN 100.168.192.in-addr.arpa.
$TTL 172800	; 2 days
100			PTR	it-client.abc.com.
$TTL 38400	; 10 hours 40 minutes
2			PTR	bdc-svr.abc.com.
3			PTR	mail-svr.abc.com.

#--> dhcpd.conf

Code:

#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.sample  
#
default-lease-time 345600;
max-lease-time 604800;

ddns-update-style interim;
ddns-updates on;
allow client-updates;
allow unknown-clients;
include "/etc/rndc.key";
authoritative;


option domain-name "abc.com";
option domain-name-servers bdc-svr.abc.com;

one-lease-per-client true;

#
# Local services
#
option time-servers bdc-svr.abc.com;

# Samba Name server
# option netbios-name-servers 192.168.100.2;
# option broadcast-address 192.168.100.2;
# option routers 192.168.100.254;
# option ip-forwarding off;


subnet 192.168.100.0 netmask 255.255.255.0 {
	pool {
		range 192.168.100.51 192.168.100.100;
		option broadcast-address 192.168.100.255;
		option routers 192.168.100.254;
		allow unknown clients;
	}

	#
	# Servers
	#
	group {
		option broadcast-address 192.168.100.255;
		option routers 192.168.100.254;

		host bdc-svr {
			hardware ethernet 00:0C:29:55:34:9F;
			fixed-address 192.168.100.2;
		}
	}

		
}

zone abc.com.zone. {
	primary 192.168.100.2;
	key rndckey;
}

zone reverse-192.168.100.zone {
	primary 192.168.100.2;
	key rndckey;
}

Many thanks for any suggestion.

Regards,
NYU

nyu2009 · 08-31-2009, 12:30 PM

I fixed my issue
named.conf
....
allow-query {
127.0.0.1;
192.168.100.2;
};
.....

Look like is only query itself. Just change to 192.168.100.0/24;.
Work like a charm.

Thanks a lot.