DNS reverse addresses (was re: reading IP addresses given via DHCP)
torriem at gmail.com
Thu Oct 3 13:33:36 MDT 2013
On 10/03/2013 03:04 AM, Dan Egli wrote:
> Sorry on the delay replying, I couldn't get online for a couple days. So,
> what you're saying is that ISC's DHCPd would let me have a single ddns
> update key for all three zones (upper.rec, lower.rec, and in-addr.arpa) and
> it would update the appropriate zone accordingly? That's interesting, and
> was not what I had understood. Or maybe it would be two keys? Where zone
> "upper.rec" gets key #1, zone "lower.rec" gets key #2, and the in-addr.arpa
> gets keys one AND two? Before I make any changes in that direction, can you
> please confirm this? If it would work, then that's really going to save
> some time and complexity, not to mention needing to restart bind (I would
> still need to restart dhcpd though, so that it sees the declaration of the
> reserved IP for that machine after its initial self configuration).
You can configure and use the keys however you want. Each subnet in
DHCP can update an arbitrary, matching zone in DNS, using any arbitrary
key you specify in the configs. Just make sure the forward and matching
reverse zones are set to use the same key.
> The point of updating the in-addr.arpa records is that my understanding
> says the in-addr.arpa zone is queried when, for example, you do a netstat.
> Then any connections to the machine (unless you specifically add the flag
> not to resolve names) generate calls to in-addr.arpa to confirm that (for
> example) 192.168.0.15 is moe.upper.rec and 192.168.1.22 is
> peitre.lower.rec. Now, if that's not the case, then I'm all ears. But that
> was my understanding of how names were resolved in such circumstances.
in-addr.arpa zones are IPv4 reverse-lookup zones, for converting a
number to a name. Since DNS has no concept of reverse lookups, the
in-addr.arpa zones are clever hacks to make it work transparently. The
DNS client will reverse the IP address and treat it like a standard
domain name when making queries. I.e., 220.127.116.11 becomes the domain name
18.104.22.168.in-addr.arpa, and the same mechanism as any normal lookup is
> The PXE config is already as simple as I could possibly make it without
> regenerating the pxelinux.0 file to make multiple boot-loader images. And
> even then I'd have to pass it some kind of config file or related, wouldn't
You can configure DHCP to pass any filename you want to PXE, based on
classes and pools, subnets, etc.
> I'm not sure what you mean by infinite leases in DHCP. I was under the
> impression that DHCP leases were finite. After all, there ARE two
> parameters in the config file that specify the average lease time and the
> maximum lease time. Would I just specify those as 0 or something to make
> them infinite? And wouldn't infinite leases cause an issue when replacing
> boxes? I'd think an infinite lease would thus isolate that address forever,
> and the only way to recover it would be to manually edit the leases file
> and remove that lease.
Yes, if you ever want to reclaim that IP address for a different host
you have to edit the leases file while dhcpd is off.
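
An added example, not part of the original message: a small Python check that builds the in-addr.arpa name for an address, finds the configured zone that encloses the forward and reverse names, and reports whether both zones use the same update key. The zone-to-key table and the key names are constructed sample data (assumptions); the hosts and addresses are the ones mentioned in the thread.

```python
import ipaddress

# Constructed sample data: zone -> update key name, as zone declarations
# might assign them. Key names are hypothetical.
ZONE_KEYS = {
    "upper.rec.": "key-upper",
    "lower.rec.": "key-lower",
    "0.168.192.in-addr.arpa.": "key-upper",
    "1.168.192.in-addr.arpa.": "key-upper",  # deliberate mismatch with lower.rec.
}

def reverse_name(ip):
    """192.168.0.15 -> 15.0.168.192.in-addr.arpa. (octets reversed)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def enclosing_zone(name, zones):
    """Return the longest configured zone that is a suffix of name, or None."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:]) + "."
        if candidate in zones:
            return candidate
    return None

def check_host(fqdn, ip, zone_keys=ZONE_KEYS):
    """Report the zones a forward (A) and reverse (PTR) update would land in
    and whether both zones are assigned the same key."""
    fwd_zone = enclosing_zone(fqdn, zone_keys)
    ptr = reverse_name(ip)
    rev_zone = enclosing_zone(ptr, zone_keys)
    fwd_key = zone_keys.get(fwd_zone)
    rev_key = zone_keys.get(rev_zone)
    return {
        "ptr_name": ptr,
        "forward_zone": fwd_zone,
        "reverse_zone": rev_zone,
        "keys_match": fwd_key is not None and fwd_key == rev_key,
    }

if __name__ == "__main__":
    for fqdn, ip in [("moe.upper.rec", "192.168.0.15"),
                     ("peitre.lower.rec", "192.168.1.22")]:
        print(fqdn, check_host(fqdn, ip))
```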