How to set up DHCP Dynamic DNS on Ubuntu
In this video, we show you how to configure Dynamic DNS (DDNS) in Linux using Ubuntu 20.04 LTS with Bind9 and ISC DHCP.
We’ll create a key for our DHCP server to authenticate with, configure the DNS server to accept DDNS updates from the DHCP server, and configure the DHCP server to send DDNS updates to the DNS server.
Useful links:
https://bind9.readthedocs.io/en/latest/advanced.html#dynamic-update
https://wiki.debian.org/Bind9
https://bind.isc.org/doc/arm/9.11/Bv9ARM.ch06.html#dynamic_update_policies
Configuration example:
1) Create Key File
Create a key file to keep the password separate from the main file
On the DNS server, switch to the bind folder
cd /etc/bind
Then create our key by running the following command
ddns-confgen -k dhcp1.templab.lan
Copy the key example and modify to suit, e.g.
key "dhcp1.templab.lan" {
    algorithm hmac-sha256;
    secret "/mAXOLTQUp8V9XzYnw88dkOkiDXBU6SNv/jEL3IgKVE=";
};
I used the FQDN of the DHCP server to name this key, but it’s up to yourself as to what reference you want to use
Create a key file, paste the contents in and save this file
sudo nano dhcp1.key
Change the ownership if necessary
sudo chown root:bind dhcp1.key
2) Move Zone Files
The bind server needs to create new files and modify the zone files when updates are received. For this reason, any zones requiring dynamic updates need to be moved to /var/lib/bind/
sudo mv db.templab.lan /var/lib/bind/
sudo mv db.172.16 /var/lib/bind/
3) Update DNS Configuration
The DNS server configuration needs to be updated as the zone files have been moved
It needs to know where to find the key, where to find the zone files we’ve moved and be configured to allow updates from the DHCP server
First, make a backup copy of the file and then apply our changes
sudo cp named.conf.local named.conf.local.old
sudo nano named.conf.local
include "/etc/bind/dhcp1.key";
zone "templab.lan" {
    type master;
    file "/var/lib/bind/db.templab.lan";
    update-policy {
        grant dhcp1.templab.lan wildcard *.templab.lan A DHCID;
    };
};
// The reverse zone name must match the zone declared in dhcpd.conf (step 4)
zone "16.172.in-addr.arpa" {
    type master;
    file "/var/lib/bind/db.172.16";
    update-policy {
        grant dhcp1.templab.lan wildcard *.16.172.in-addr.arpa PTR;
    };
};
The update policies above allow a computer with the key to change host records of any name in the forward lookup zone, but only if these are type A or DHCID records.
This is possible because we used the wildcard option.
It can also update the reverse lookup zone, but only if these are PTR records.
Check the DNS server configuration syntax
sudo named-checkconf
Then restart and check the bind9 status
sudo systemctl restart bind9
sudo systemctl status bind9
4) Update DHCP Configuration
The DHCP server needs to know the key so we’ll create a new file and copy the key we created on the DNS server
cd /etc/dhcp
sudo mkdir ddns-keys
sudo nano ddns-keys/dhcp1.key
The DHCP configuration also needs updating to support DDNS: it has to be told where to find the key, to enable DDNS using the standard update style, which zones to update, what the primary DNS server is and which key to use
First, make a backup copy of the file and then apply our changes
sudo cp dhcpd.conf dhcpd.conf.old
sudo nano dhcpd.conf
include "/etc/dhcp/ddns-keys/dhcp1.key";
ddns-updates on;
ddns-update-style standard;
zone templab.lan. {
    primary 172.16.17.10;
    key dhcp1.templab.lan;
}
zone 16.172.in-addr.arpa. {
    primary 172.16.17.10;
    key dhcp1.templab.lan;
}
After saving the changes, restart and check the DHCP server status
sudo systemctl restart isc-dhcp-server
sudo systemctl status isc-dhcp-server
DNS should now be updated when IP addresses are leased or released
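Two things are worth checking once steps 1 to 4 are done: that every zone dhcpd will update has a grant for the same key name in named.conf.local, and that the key file is not readable by other users. The shell functions below are an added example, not part of the original description; the function names are made up here, and the parsing assumes straight quotes and one statement per line.

```shell
#!/bin/sh
# Added example (not from the video): cross-check the files edited in steps 1-4.

# Print "zone keyname" for every grant inside a zone block of named.conf.local.
named_grants() {
    tr -d '";' < "$1" | awk '
        $1 == "zone"  { z = $2 }
        $1 == "grant" { print z, $2 }'
}

# Print "zone keyname" for every zone block of dhcpd.conf (trailing dot removed).
dhcpd_zones() {
    tr -d '";' < "$1" | awk '
        $1 == "zone"           { z = $2; sub(/\.$/, "", z) }
        $1 == "key" && z != "" { print z, $2; z = "" }'
}

# Report each zone dhcpd will update for which named has no grant for that key.
# Usage: check_ddns_pair named.conf.local dhcpd.conf   (returns 1 on any mismatch)
check_ddns_pair() {
    grants=$(named_grants "$1")
    bad=0
    while read -r zone key; do
        [ -n "$zone" ] || continue
        if ! printf '%s\n' "$grants" | grep -qxF "$zone $key"; then
            echo "MISMATCH: dhcpd updates '$zone' with key '$key' but named has no such grant"
            bad=1
        fi
    done <<EOF
$(dhcpd_zones "$2")
EOF
    return "$bad"
}

# Whoever can read the TSIG secret can send signed updates, so the key file
# must give no permissions to "other".
# Usage: key_file_private /etc/bind/dhcp1.key
key_file_private() {
    [ -f "$1" ] || { echo "MISSING: $1"; return 2; }
    other=$(ls -ld "$1" | cut -c8-10)
    [ "$other" = "---" ] && return 0
    echo "WEAK: $1 gives '$other' to other users; run chmod o-rwx on it"
    return 1
}
```

Run check_ddns_pair on the DNS server with a copy of dhcpd.conf, and key_file_private on both servers against their own copy of the key file.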
5) Maintenance
Pause DDNS before making static changes
sudo rndc freeze
Apply your changes, increment the serial number then resume
sudo rndc thaw
6) Troubleshooting
If host entries aren’t being updated, monitor syslog on both servers
sudo tail -f /var/log/syslog
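Rather than watching the log scroll by, the failure messages can be counted per address. The function below is an added example, not part of the original description; it recognises three message kinds written by named and dhcpd, handles IPv4 senders only, and the sample lines (host names, addresses, key name) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the video): count DDNS failures per address in syslog.
# Usage: ddns_failures /var/log/syslog      (or pipe log lines in on stdin)
# Output lines are "count KIND address", most frequent first:
#   DENIED   named refused an update (unsigned, or no grant matched); sender address
#   TSIG     named could not verify the TSIG signature; sender address
#   NOUPDATE dhcpd failed to add a forward or reverse map; leased address
ddns_failures() {
    awk '
        # IPv4 address in front of "#port" in the named client field, "-" if absent
        function sender(line) {
            if (!match(line, /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+#[0-9]+/)) return "-"
            return substr(line, RSTART, index(substr(line, RSTART), "#") - 1)
        }
        / named\[[0-9]+\]: / && /: update .* denied/  { n["DENIED " sender($0)]++ }
        / named\[[0-9]+\]: / && /tsig verify failure/ { n["TSIG " sender($0)]++ }
        / dhcpd\[[0-9]+\]: / && /Unable to add (forward|reverse) map/ {
            ip = "-"
            if (match($0, / to [0-9.]+: /)) ip = substr($0, RSTART + 4, RLENGTH - 6)
            n["NOUPDATE " ip]++
        }
        END { for (k in n) print n[k], k }
    ' "$@" | sort -rn
}

# Constructed sample lines (names and addresses invented for this example)
sample_syslog() {
    cat <<'EOF'
Jan 10 09:00:01 dhcp1 dhcpd[900]: DHCPACK on 172.16.17.140 to 02:00:00:00:00:01 (win) via ens18
Jan 10 09:00:03 dns1 named[800]: client @0x7f00 172.16.17.140#51190: update 'templab.lan/IN' denied
Jan 10 09:00:07 dns1 named[800]: client @0x7f00 172.16.17.140#51200: update 'templab.lan/IN' denied
Jan 10 09:01:02 dns1 named[800]: client @0x7f01 172.16.17.11#40022: request has invalid signature: TSIG dhcp2.templab.lan: tsig verify failure (BADKEY)
Jan 10 09:01:02 dhcp1 dhcpd[900]: Unable to add forward map from win.templab.lan to 172.16.17.140: operation canceled
EOF
}
```

A DENIED count against a leased client address means that host tried to register itself without the key, which the update policy refuses; a TSIG count against the DHCP server's address points at a key name or secret that differs between the two servers.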
00:00 Intro
00:54 Assumptions
01:12 Create Key File
04:40 Move Zone Files
08:31 Configure DNS Server
15:12 Configure DHCP Server
21:05 Testing
33:28 Zone Maintenance
39:10 Summary
by Tech Tutorials – David McKone
It's easier to remember names than IP addresses, and you can configure Dynamic DNS in Linux so that the DHCP server tells the DNS server the computer name for the IPs it leases out
NOTE: This video does not cover how to set up the DHCP server to lease IP addresses
This is about internal DDNS which is something to add-on to an existing DHCP server
To set up an internal DHCP server, check out this video first
https://youtu.be/ZlLMhcT4EgM
This video is hell of education for me. Now I understand how DHCP and DNS work together to resolve dynamically new device hostnames to IP addresses. Thank you sir!
I used your advice to configure a primary DNS+DHCP server with DDNS and, for failure situations, a secondary DNS+DHCP server, DDNS included. It works fine so far. Thanks for your detailed description. For security reasons I set "ddns-confgen -k server1.home" for the primary server and included the reference in named.conf. Likewise on the secondary, "ddns-confgen -k server2.home". But the primary server1.home is continuously complaining about "TSIG server2.home: tsig verify failure (BADKEY)". Do I have to set the same key on the secondary server2.home as on server1.home?
18:59
Dumb question and the answer is probably yes.
If both services are on the same machine, can I just use the localhost addr?
you are my hero <3
i love you <3
Hi David.
I love the way you keep everything direct and to the point, with the right expectation on the level of knowledge and referring to previous videos instead of going over it again if your viewers need to brush up.
I last set up a DHCP and DNS server years ago, so your video was an excellent refresher. Thanks!👍
I have a question: I have a pair (master/slave) for both services (DNS and DHCP). On the slave system, do I need to produce a separate DHCP.key on the slave system (and bind that) or do I have to use the key file from the master system?
Thanks for the awesome tutorial… was able to follow nicely… although still having an issue, and no clues in syslog….
—– Unable to add forward map from "FQDN Ommited" to 192.168.1.131: operation canceled —-
Any suggestions?
Can you show in WebMin?
Hello. How do I solve that problem?
Dec 24 15:44:28 dc1 dhcpd[2634]: DHCPACK on 192.168.1.140 to 66:28:30:e2:05:b3 (win) via ens18
Dec 24 15:44:31 dc1 named[1818]: client @0x7fa26c012038 192.168.1.140#51190: update 'cyxer.ru/IN' denied
Did everything like in the video
20:54 On that step I had to add the following:
subnet 172.16.17.0 netmask 255.255.255.0 {
    authoritative;
    range 172.16.17.1 172.16.17.254;
    default-lease-time 3600;
    max-lease-time 3600;
    option subnet-mask 255.255.255.0;
    option broadcast-address 172.16.17.255;
    option routers 172.16.17.0;
    option domain-name-servers 8.8.8.8;
    option domain-name "templab.lan";
}
Otherwise the service is not starting because of "No subnet declaration for ens18 (172.16.71.10)." in the /var/log/syslog file (the error msg is too long so it's not displayed with the status check for me). I am putting this here in case someone has the same issue.
Very good and informative video, thanks. I have only a misunderstanding / question: what is the proper way to update the serial number when I change something to a zone and to keep database consistency? Thanks.
Hi, thanks for the information. I have a doubt: what is the difference between the rndc daemon and the ddns-confgen utility? Both services generate security keys. Do I need to use both in the named configuration file? Thanks for the help.
this video tutorial helped me a lot!
Great video! Just what I have been trying to do with my bind server and pfsense dhcp server. Thank you very much!
Thanks!
Thank you for this video. I was building my home network and I was thinking how DHCP and DNS would work without having to have DDNS. Your video answers this question. But the other question comes to mind: does this mean I should stop the router's DHCP Server and use the Ubuntu DHCP Server? Any recommendation or suggestions?
Congratulations on this very informative video; followed your steps and got DDNS instantly running on my Ubuntu 20.04 box.
👍