[Samba] Using BIND DNS Causes Duplicate Host Entries

Fri May 7 15:19:11 UTC 2021

On 04.05.2021 18:14, ralph strebbing via samba wrote:
> Hi All,
>
> I've had some time to properly monitor my setup now that we've
> switched to the new DHCP server that utilizes Samba's DNS through Bind
> with Roland's script facilitating the DNS Updates. However, one issue
> we've noticed is a considerable amount of duplication in the entries;
> For example, a host (like my laptop for a perfect example) has
> multiple nics, and thus has multiple IPs (Wifi, internal NIC, and Port
> Extender NIC), in my case I have 2 IPs that are being sent to DNS via
> the dyndns script; However there is now 2 entries in Bind for my
> laptop's hostname with both IPs, even if only one interface is valid
> lets say a day later (my wifi is turned off, or I'm only operating on
> wifi). For some reason, the DNS entries created are not expiring after
> the lease for DHCP expires causing multiple entries. I was wondering
> if there is a configuration change that needs made to bind or dhcpd
> that would help keep this clean? Is there maybe more tweaking needed
> for Roland's script to handle those expirations in a different way?
> Overall the goal here is to have DNS update at most with only active
> IPs as it used to be before utilizing Samba to handle the maintenance
> of the entries, since we'll have a lot of regular maintenance to keep
> the DNS table cleaned up otherwise.
>
> Below are my sanitized configs and a snippet of syslog for the DHCP server logs.
> dhcpd: http://haste.thegamingcorner.net/peheqayehu.makefile
> named.conf.options: http://haste.thegamingcorner.net/kixoqefike.cs
> Log File: http://haste.thegamingcorner.net/jovufupoco.sql
>
> I look forward to any insight!
> Regards,
> Ralph
>
Hi Ralf

ISC-dhcp never release or expire static defined entries.

I was only playing with IPV6, to overcome this problem and never tried 
it for ipV4 (and don't have the time right now to rewrite it

example:

#IMPOTANT: leading Zeros of MAC needs to be deleted and (not sure) lower 
case hex values; Pool address needs to be fully written ipv6
class "static-ip" { match binary-to-ascii(16, 8, ":", suffix(option 
dhcp6.client-id, 6)); }
#start defining the class and subclass
class "static-50:65:f3:29:2e:48" { match if binary-to-ascii(16, 8, ":", 
suffix(option dhcp6.client-id, 6)) = "50:65:f3:29:2e:48";} subclass 
"static-ip" 50:65:f3:29:2e:48; #Mani-PC
class "static-b0:5a:da:e3:97:75" { match if binary-to-ascii(16, 8, ":", 
suffix(option dhcp6.client-id, 6)) = "b0:5a:da:e3:97:75";} subclass 
"static-ip" b0:5a:da:e3:97:75; #Mani-LT
.......

#defining for every IP a single pool, which is now "dynamic" for dhcpd 
and will time out.
pool6 {range6 fd90:fee2:de72:7c4d:0000:0000:0000:0010/128; allow members 
of "static-50:65:f3:29:2e:48";} # ddns-hostname "Mani-PC";
pool6 {range6 fd90:fee2:de72:7c4d:0000:0000:0000:0011/128; allow members 
of "static-b0:5a:da:e3:97:75";} # ddns-hostname "Mani-LT";
......

Hope this is helpful for you

Mani

BTW: I only have around 15 defined MAC addresses and don't see any time 
penalty