Dynamic DNS from ISC DHCP to PowerDNS

Started by this.is.tom, April 20, 2025, 07:19:57 PM

Hi everyone,
I am currently struggling to set up the dynamic DNS update from OPNsense to PowerDNS.

In pdns.conf I added the interface of my FW to allow updates (actually the DHCP request is incoming on other VLANs / subnets; this is the GW IP of my OPNsense in the network with PowerDNS).

But all I see is a timeout in OPNsense: Unable to add forward map from hostname.my.domain to 192.168.10.15: timed out

Anyone any idea? I can't really find a tutorial for it.

allow-dnsupdate-from=192.168.1.1,127.0.0.0/8,::1
and I configured:
dnsupdate=yes

I created a tsig key:

pdnsutil list-tsig-keys
Apr 20 16:03:41 [bindbackend] Done parsing domains, 0 rejected, 0 new, 0 removed
wck. hmac-sha512. yFHsE/DG45Tb92MK5Ogu+2z2svqSo7OsfphKUw<SECRET>==


No errors in the pdns log:

Apr 20 15:54:23 dns01 systemd[1]: pdns.service: Consumed 9.958s CPU time.
Apr 20 15:54:23 dns01 pdns_server[4456]: Loading '/usr/lib/x86_64-linux-gnu/pdns/libgsqlite3backend.so'
Apr 20 15:54:23 dns01 pdns_server[4456]: Loading '/usr/lib/x86_64-linux-gnu/pdns/libbindbackend.so'
Apr 20 15:54:23 dns01 pdns_server[4456]: This is a standalone pdns
Apr 20 15:54:23 dns01 pdns_server[4456]: Listening on controlsocket in '/run/pdns/pdns.controlsocket'
Apr 20 15:54:23 dns01 pdns_server[4456]: [bindbackend] Parsing 0 domain(s), will report when done
Apr 20 15:54:23 dns01 pdns_server[4456]: [bindbackend] Done parsing domains, 0 rejected, 0 new, 0 removed
Apr 20 15:54:23 dns01 systemd[1]: Starting PowerDNS Authoritative Server...
Apr 20 15:54:23 dns01 pdns_server[4456]: UDP server bound to 127.0.0.1:5300
Apr 20 15:54:23 dns01 pdns_server[4456]: TCP server bound to 127.0.0.1:5300
Apr 20 15:54:23 dns01 pdns_server[4456]: PowerDNS Authoritative Server 4.5.3 (C) 2001-2021 PowerDNS.COM BV
Apr 20 15:54:23 dns01 pdns_server[4456]: Using 64-bits mode. Built using gcc 11.2.0.
Apr 20 15:54:23 dns01 pdns_server[4456]: PowerDNS comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it according to th>
Apr 20 15:54:23 dns01 pdns_server[4456]: [webserver] Listening for HTTP requests on 192.168.2.11:8081
Apr 20 15:54:23 dns01 pdns_server[4456]: Creating backend connection for TCP
Apr 20 15:54:23 dns01 pdns_server[4456]: About to create 3 backend threads for UDP
Apr 20 15:54:23 dns01 systemd[1]: Started PowerDNS Authoritative Server.
Apr 20 15:54:23 dns01 pdns_server[4456]: Done launching threads, ready to distribute questions
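
Added example, not part of the thread: a Python check of the pdns.conf settings and the "server bound to" log lines quoted in the post above against the address a DNS UPDATE would arrive from. It assumes updates are sent straight to the pdns_server listener on port 53 with nothing forwarding in between; the function names and the embedded sample are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: the two settings and two of the log lines quoted in the post.
PDNS_CONF = """\
dnsupdate=yes
allow-dnsupdate-from=192.168.1.1,127.0.0.0/8,::1
"""
PDNS_LOG = """\
Apr 20 15:54:23 dns01 pdns_server[4456]: UDP server bound to 127.0.0.1:5300
Apr 20 15:54:23 dns01 pdns_server[4456]: TCP server bound to 127.0.0.1:5300
"""

def parse_conf(text):
    """Return pdns.conf key=value pairs, ignoring comments and blank lines."""
    conf = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def listeners(log):
    """Return (proto, ip, port) for every 'server bound to' log line."""
    pat = re.compile(r"(UDP|TCP) server bound to (\S+):(\d+)")
    return [(p, ipaddress.ip_address(a.strip("[]")), int(n)) for p, a, n in pat.findall(log)]

def check_update_path(conf_text, log, sender, port=53):
    """List reasons a DNS UPDATE from `sender` to `port` would not be accepted."""
    conf, src, problems = parse_conf(conf_text), ipaddress.ip_address(sender), []
    if conf.get("dnsupdate", "no") != "yes":
        problems.append("dnsupdate is not enabled")
    # PowerDNS falls back to loopback-only when allow-dnsupdate-from is unset.
    allowed = [ipaddress.ip_network(n.strip(), strict=False)
               for n in conf.get("allow-dnsupdate-from", "127.0.0.0/8,::1").split(",") if n.strip()]
    if not any(src.version == n.version and src in n for n in allowed):
        problems.append(f"{src} is not in allow-dnsupdate-from")
    for proto in ("UDP", "TCP"):
        bound = [(ip, p) for pr, ip, p in listeners(log) if pr == proto]
        if not src.is_loopback and bound and all(ip.is_loopback for ip, _ in bound):
            problems.append(f"{proto} listener is loopback-only: unreachable from {src}")
        elif bound and all(p != port for _, p in bound):
            problems.append(f"{proto} listener is not on port {port}")
    return problems

if __name__ == "__main__":
    for problem in check_update_path(PDNS_CONF, PDNS_LOG, "192.168.1.1"):
        print("FAIL:", problem)
```

The listener address and port come from the `local-address` and `local-port` settings in pdns.conf; the check reads them from the log so it reflects what the running server actually bound.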

I am struggling with the same thing here as HTTP verification doesn't play nice here.

Here are some pointers:

Secret key is something like this:


key "test" {
    algorithm hmac-sha512;
    secret "some.weird.string.ending.with==";
};


This is what tripped me in the first place.