OPNsense Forum
Archive => 16.1 Legacy Series => Topic started by: bringha on April 09, 2016, 08:37:23 pm
-
Hallo,
when starting a new XEN VM which obtain its IP Adress from the DHCP server of opnsense, I had to note that this lease is not forwarded to the unbound DNS resolver. Could somebody explain which lease types are forwarded and which not?
According to my understanding, opnsense DHCP server puts the leases in /var/var/dhcpd/var/db/dhcpd.leases. From there, the script /usr/local/opnsense/scripts/dns/unbound_dhcpd.py regularly checks and writes the leases in the unbound required format to /var/unbound/dhcpleases.conf. Then, they can be resolved with DNS requests.
Not clear is WHICH leases are written. I would expect that all leases which are active, have address and hostname and are not expired should be written. This seems to not to be the case:
Here 2 examples of my leases:
lease 192.168.1.213 {
starts 6 2016/04/09 15:29:23;
ends 0 2016/04/10 15:29:23;
cltt 6 2016/04/09 15:29:23;
binding state active;
next binding state free;
rewind binding state free;
hardware ethernet 74:81:14:30:f9:7f;
uid "\001t\201\0240\371\177";
client-hostname "iPad";
}
is in the unbound file available as
local-data-ptr: "192.168.1.213 iPad.example.xx"
local-data: "iPad.example.xx IN A 192.168.1.213"
Consequently, a command
dig iPad
; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> ipad.example.xx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39695
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ipad.example.xx. IN A
;; ANSWER SECTION:
ipad.example.xx. 3600 IN A 192.168.1.213
;; Query time: 0 msec
;; SERVER: 192.168.1.254#53(192.168.1.254)
;; WHEN: Sat Apr 09 20:24:22 CEST 2016
;; MSG SIZE rcvd: 76
leads to the desired result
A second lease
lease 192.168.1.206 {
starts 6 2016/04/09 17:44:48;
ends 6 2016/04/09 19:44:48;
cltt 6 2016/04/09 17:44:48;
binding state active;
next binding state free;
rewind binding state free;
hardware ethernet 00:16:3e:ef:c2:0c;
client-hostname "develop";
}
has not been transferred to unbound during its entire active time.
Is there a reason for that? Although not so familiar with python, I could not find any reason in the script, why this lease should not be transferred.
Any ideas?
Looking forward to your reply.
Br br
-
So ...
some progress here:
when adapting the parameter for the dhclient in /etc/dhcp/dhclient.conf to the value
send dhcp-lease-time 84000;
Then a lease is written after <=30min. to the unbound config dhcpleases.conf
In jessie, the default value for this is 3600 and the lease is then ignored by the python script. Obviously when the lease valid time is too short, then it is not forwarded to unbound.
Is there an option that
a) the transfer of leases can be made immediately
b) to make sure that lease transfers are working with the default values of different systems in the network
Can I configure this somewhere?
Looking forward to your reply
Br br
-
Hey
same here
Sometimes a fresh dhcp-lease results in a resolveable hostname in dns, but thats not often.
Most times: a fresh dhcp-lease will not result in a dns-entry to resolve hostname.
I think, this is a bug.