unable to add forward map from serverora11gr2.db.net.db.net
by rahulvishwakarma from LinuxQuestions.org on (#4W8KK)
hi to all, I've centos7.5 as server & client , and one centos6.10 client. I've configured ddns and dhcpd as follows :-
file /etc/named.conf
Code:options {
listen-on port 53 { 127.0.0.1; 192.168.60.1; };
# listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; 192.168.60.0/24; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/etc/rndc.key";
zone "db.net" IN {
type master;
file "dynamic/db.forward.zone";
allow-update { key rndc.key; };
};
zone "60.168.192.in-addr.arpa" IN {
type master;
file "dynamic/db.reverse.zone";
allow-update { key rndc.key; };
};Code:# systemctl restart named
# systemctl restart dhcpd/var/log/message
Code:Dec 8 16:22:24 server75 named[29449]: listening on IPv4 interface lo, 127.0.0.1#53
Dec 8 16:22:24 server75 named[29449]: listening on IPv4 interface ens33, 192.168.60.1#53
Dec 8 16:22:24 server75 named[29449]: generating session key for dynamic DNS
Dec 8 16:22:24 server75 named[29449]: sizing zone task pool based on 8 zones
Dec 8 16:22:24 server75 named[29449]: set up managed keys zone for view _default, file '/var/named/dynamic/managed-keys.bind'
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 10.IN-ADDR.ARPA
.
.
.
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: D.F.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 8.E.F.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 9.E.F.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: A.E.F.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: B.E.F.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: command channel listening on 127.0.0.1#953
Dec 8 16:22:24 server75 named[29449]: command channel listening on ::1#953
Dec 8 16:22:24 server75 named[29449]: managed-keys-zone: journal file is out of date: removing journal file
Dec 8 16:22:24 server75 named[29449]: managed-keys-zone: loaded serial 56
Dec 8 16:22:24 server75 named[29449]: zone 0.in-addr.arpa/IN: loaded serial 0
Dec 8 16:22:24 server75 named[29449]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Dec 8 16:22:24 server75 named[29449]: zone 60.168.192.in-addr.arpa/IN: loaded serial 2019120903
Dec 8 16:22:24 server75 named[29449]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Dec 8 16:22:24 server75 named[29449]: zone db.net/IN: loaded serial 2019120903
Dec 8 16:22:24 server75 named[29449]: zone localhost.localdomain/IN: loaded serial 0
Dec 8 16:22:24 server75 named[29449]: zone localhost/IN: loaded serial 0
Dec 8 16:22:24 server75 named[29449]: all zones loaded
Dec 8 16:22:24 server75 named[29449]: running
Dec 8 16:22:24 server75 named[29449]: zone 60.168.192.in-addr.arpa/IN: sending notifies (serial 2019120903)
Dec 8 16:22:24 server75 named[29449]: zone db.net/IN: sending notifies (serial 2019120903)
Dec 8 16:22:24 server75 systemd: Started Berkeley Internet Name Domain (DNS).mine /etc/dhcp/dhcp.conf is :-
Code:default-lease-time 600;
max-lease-time 7200;
allow client-updates;
include "/etc/rndc.key";
ddns-updates on;
authoritative;
option ntp-servers 192.168.60.1;
option domain-name-servers 192.168.60.1;
option domain-name "db.net";
option routers 192.168.60.1;
option broadcast-address 192.168.60.255;
option domain-search "db.net";
ddns-rev-domainname "in-addr.arpa";
ddns-domainname "db.net";
allow unknown-clients;
update-static-leases on;
ddns-update-style interim;
ddns-domainname "db.net";
subnet 192.168.60.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.60.10 192.168.60.50;
option domain-name-servers server75.db.net;
option domain-name "db.net";
option routers 192.168.60.1;
option broadcast-address 192.168.60.255;
default-lease-time 600;
max-lease-time 7200;
allow client-updates;
ddns-updates on;
}
zone db.net {
primary 192.168.60.1;
key rndc-key;
}
host oradb {
hardware ethernet 00:0C:29:C5:57:C9;
fixed-address 192.168.60.2;
}after restarting service on centos 6.10 client
Code:Dec 8 16:05:59 server75 dhcpd: DHCPREQUEST for 192.168.60.2 from 00:0c:29:c5:57:c9 via ens33
Dec 8 16:05:59 server75 named[28571]: client 192.168.60.1#54987/key rndc-key: signer "rndc-key" denied
Dec 8 16:05:59 server75 named[28571]: client 192.168.60.1#54987/key rndc-key: update 'db.net/IN' denied
Dec 8 16:05:59 server75 dhcpd: DHCPACK on 192.168.60.2 to 00:0c:29:c5:57:c9 via ens33
Dec 8 16:05:59 server75 dhcpd: Unable to add forward map from serverora11gr2.db.net.db.net to 192.168.60.2: REFUSED and after restarting service of centos7.5 client
Code:Dec 8 16:13:00 server75 dhcpd: DHCPREQUEST for 192.168.60.128 from 00:0c:29:e2:8f:a5 via ens33: unknown lease 192.168.60.128.
Dec 8 16:14:44 server75 dhcpd: DHCPREQUEST for 192.168.60.128 from 00:0c:29:e2:8f:a5 via ens33: unknown lease 192.168.60.128.why it is "serverora11gr2.db.net.db.net" and what about "signer "rndc-key" denied" & "update 'db.net/IN' denied"
file /etc/named.conf
Code:options {
listen-on port 53 { 127.0.0.1; 192.168.60.1; };
# listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; 192.168.60.0/24; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN {
type hint;
file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
include "/etc/rndc.key";
zone "db.net" IN {
type master;
file "dynamic/db.forward.zone";
allow-update { key rndc.key; };
};
zone "60.168.192.in-addr.arpa" IN {
type master;
file "dynamic/db.reverse.zone";
allow-update { key rndc.key; };
};Code:# systemctl restart named
# systemctl restart dhcpd/var/log/message
Code:Dec 8 16:22:24 server75 named[29449]: listening on IPv4 interface lo, 127.0.0.1#53
Dec 8 16:22:24 server75 named[29449]: listening on IPv4 interface ens33, 192.168.60.1#53
Dec 8 16:22:24 server75 named[29449]: generating session key for dynamic DNS
Dec 8 16:22:24 server75 named[29449]: sizing zone task pool based on 8 zones
Dec 8 16:22:24 server75 named[29449]: set up managed keys zone for view _default, file '/var/named/dynamic/managed-keys.bind'
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 10.IN-ADDR.ARPA
.
.
.
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: D.F.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 8.E.F.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 9.E.F.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: A.E.F.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: B.E.F.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Dec 8 16:22:24 server75 named[29449]: command channel listening on 127.0.0.1#953
Dec 8 16:22:24 server75 named[29449]: command channel listening on ::1#953
Dec 8 16:22:24 server75 named[29449]: managed-keys-zone: journal file is out of date: removing journal file
Dec 8 16:22:24 server75 named[29449]: managed-keys-zone: loaded serial 56
Dec 8 16:22:24 server75 named[29449]: zone 0.in-addr.arpa/IN: loaded serial 0
Dec 8 16:22:24 server75 named[29449]: zone 1.0.0.127.in-addr.arpa/IN: loaded serial 0
Dec 8 16:22:24 server75 named[29449]: zone 60.168.192.in-addr.arpa/IN: loaded serial 2019120903
Dec 8 16:22:24 server75 named[29449]: zone 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 0
Dec 8 16:22:24 server75 named[29449]: zone db.net/IN: loaded serial 2019120903
Dec 8 16:22:24 server75 named[29449]: zone localhost.localdomain/IN: loaded serial 0
Dec 8 16:22:24 server75 named[29449]: zone localhost/IN: loaded serial 0
Dec 8 16:22:24 server75 named[29449]: all zones loaded
Dec 8 16:22:24 server75 named[29449]: running
Dec 8 16:22:24 server75 named[29449]: zone 60.168.192.in-addr.arpa/IN: sending notifies (serial 2019120903)
Dec 8 16:22:24 server75 named[29449]: zone db.net/IN: sending notifies (serial 2019120903)
Dec 8 16:22:24 server75 systemd: Started Berkeley Internet Name Domain (DNS).mine /etc/dhcp/dhcp.conf is :-
Code:default-lease-time 600;
max-lease-time 7200;
allow client-updates;
include "/etc/rndc.key";
ddns-updates on;
authoritative;
option ntp-servers 192.168.60.1;
option domain-name-servers 192.168.60.1;
option domain-name "db.net";
option routers 192.168.60.1;
option broadcast-address 192.168.60.255;
option domain-search "db.net";
ddns-rev-domainname "in-addr.arpa";
ddns-domainname "db.net";
allow unknown-clients;
update-static-leases on;
ddns-update-style interim;
ddns-domainname "db.net";
subnet 192.168.60.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.60.10 192.168.60.50;
option domain-name-servers server75.db.net;
option domain-name "db.net";
option routers 192.168.60.1;
option broadcast-address 192.168.60.255;
default-lease-time 600;
max-lease-time 7200;
allow client-updates;
ddns-updates on;
}
zone db.net {
primary 192.168.60.1;
key rndc-key;
}
host oradb {
hardware ethernet 00:0C:29:C5:57:C9;
fixed-address 192.168.60.2;
}after restarting service on centos 6.10 client
Code:Dec 8 16:05:59 server75 dhcpd: DHCPREQUEST for 192.168.60.2 from 00:0c:29:c5:57:c9 via ens33
Dec 8 16:05:59 server75 named[28571]: client 192.168.60.1#54987/key rndc-key: signer "rndc-key" denied
Dec 8 16:05:59 server75 named[28571]: client 192.168.60.1#54987/key rndc-key: update 'db.net/IN' denied
Dec 8 16:05:59 server75 dhcpd: DHCPACK on 192.168.60.2 to 00:0c:29:c5:57:c9 via ens33
Dec 8 16:05:59 server75 dhcpd: Unable to add forward map from serverora11gr2.db.net.db.net to 192.168.60.2: REFUSED and after restarting service of centos7.5 client
Code:Dec 8 16:13:00 server75 dhcpd: DHCPREQUEST for 192.168.60.128 from 00:0c:29:e2:8f:a5 via ens33: unknown lease 192.168.60.128.
Dec 8 16:14:44 server75 dhcpd: DHCPREQUEST for 192.168.60.128 from 00:0c:29:e2:8f:a5 via ens33: unknown lease 192.168.60.128.why it is "serverora11gr2.db.net.db.net" and what about "signer "rndc-key" denied" & "update 'db.net/IN' denied"