How to set up DHCP Dynamic DNS on Ubuntu

Jan 17, 2022 · 3 mins read

In the video below, we show you how to configure Dynamic DNS (DDNS) on Linux using Ubuntu 20.04 LTS with Bind9 and ISC DHCP.

We’ll create a key for our DHCP server to authenticate with, configure the DNS server to accept DDNS updates from the DHCP server, and configure the DHCP server to send DDNS updates to the DNS server.

Configuration example:

  1. Create Key File
    Create a key file to keep the password separate from the main configuration file.
    On the DNS server, switch to the bind folder:

    cd /etc/bind
    Then create the key by running the following command:
    ddns-confgen -k dhcp1.templab.lan
    Copy the key block from the output and modify it to suit, e.g.
    key "dhcp1.templab.lan" {
    	algorithm hmac-sha256;
    	secret "/mAXOLTQUp8V9XzYnw88dkOkiDXBU6SNv/jEL3IgKVE=";
    };
    I used the FQDN of the DHCP server to name this key, but it’s up to you what reference you want to use.

    Create the key file, paste the contents in and save it:
    sudo nano dhcp1.key
    Change the ownership if necessary, so that bind can read the file:
    sudo chown root:bind dhcp1.key

  2. Move Zone Files
    The bind server needs to create new files (journals) and modify the zone files when updates are received, and on Ubuntu its AppArmor profile only allows writing under /var/lib/bind/, not /etc/bind/.
    For this reason, any zones requiring dynamic updates need to be moved to /var/lib/bind/:

    sudo mv db.templab.lan /var/lib/bind/
    sudo mv db.172.16 /var/lib/bind/

  3. Update DNS Configuration
    The DNS server configuration needs to be updated because the zone files have been moved.
    It needs to know where to find the key and the zone files we’ve moved, and it needs to be configured to allow updates from the DHCP server.
    First, make a backup copy of the file:

    sudo cp named.conf.local named.conf.local.old
    sudo nano named.conf.local
    And then apply our changes:
    include "/etc/bind/dhcp1.key";

    zone "templab.lan" {
    	type master;
    	file "/var/lib/bind/db.templab.lan";
    	update-policy {
    		grant dhcp1.templab.lan wildcard *.templab.lan A DHCID;
    	};
    };

    // the zone name must match the zone statement in dhcpd.conf exactly
    zone "16.172.in-addr.arpa" {
    	type master;
    	file "/var/lib/bind/db.172.16";
    	update-policy {
    		grant dhcp1.templab.lan wildcard *.16.172.in-addr.arpa PTR;
    	};
    };
    The update policies above allow a host holding the key to change host records of any name in the forward lookup zone, but only A or DHCID records.
    This is possible because we used the wildcard option; the identity in each grant is the TSIG key name, so only updates signed with dhcp1.templab.lan qualify.
    It can also update the reverse lookup zone, but only PTR records.

    Check the DNS server configuration syntax:
    sudo named-checkconf
    Then restart and check the bind9 status:
    sudo systemctl restart bind9
    sudo systemctl status bind9

  4. Update DHCP Configuration
    The DHCP server needs to know the key, so we’ll create a new file and copy in the key we created on the DNS server (the same key name and secret).

    cd /etc/dhcp
    sudo mkdir ddns-keys
    sudo nano ddns-keys/dhcp1.key
    The DHCP configuration also needs updating to support DDNS: it has to know where to find the key, have DDNS enabled using the standard update style, and know which zones to update, which server is the primary DNS server for each, and which key to use.

    First, make a backup copy of the file:
    sudo cp dhcpd.conf dhcpd.conf.old
    sudo nano dhcpd.conf
    And then apply our changes:
    include "/etc/dhcp/ddns-keys/dhcp1.key";

    ddns-updates on;
    ddns-update-style standard;

    zone templab.lan. {
    	primary 172.16.17.10;
    	key dhcp1.templab.lan;
    }

    zone 16.172.in-addr.arpa. {
    	primary 172.16.17.10;
    	key dhcp1.templab.lan;
    }
    After saving the changes, restart and check the DHCP server status:
    sudo systemctl restart isc-dhcp-server
    sudo systemctl status isc-dhcp-server
    DNS should now be updated when IP addresses are leased or released.
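Before trusting the setup, it is worth checking that the three files agree with each other: every grant identity must be a defined key, each zone statement in dhcpd.conf must name a zone that exists on the DNS server under exactly that name (otherwise the update is answered with NOTAUTH), and the grants should stay limited to the A, DHCID and PTR types that DDNS needs. The following Python script is an added example, not part of the original post nor of BIND or ISC DHCP; it reads constructed copies of the key file, named.conf.local and dhcpd.conf with a small brace-matching reader (far less permissive than the real parsers) and lists any mismatch it finds.

```python
import base64
import re

# Constructed copies of the tutorial's three files (hypothetical content, not read from a live system).
KEY_FILE = '''key "dhcp1.templab.lan" {
	algorithm hmac-sha256;
	secret "/mAXOLTQUp8V9XzYnw88dkOkiDXBU6SNv/jEL3IgKVE=";
};
'''
NAMED_CONF_LOCAL = '''include "/etc/bind/dhcp1.key";
zone "templab.lan" {
	type master; file "/var/lib/bind/db.templab.lan";
	update-policy { grant dhcp1.templab.lan wildcard *.templab.lan A DHCID; };
};
zone "16.172.in-addr.arpa" {
	type master; file "/var/lib/bind/db.172.16";
	update-policy { grant dhcp1.templab.lan wildcard *.16.172.in-addr.arpa PTR; };
};
'''
DHCPD_CONF = '''include "/etc/dhcp/ddns-keys/dhcp1.key";
ddns-updates on;
ddns-update-style standard;
zone templab.lan. { primary 172.16.17.10; key dhcp1.templab.lan; }
zone 16.172.in-addr.arpa. { primary 172.16.17.10; key dhcp1.templab.lan; }
'''

def _blocks(text, keyword):
    """Yield (name, body) for every `keyword name { ... }` block, matching nested braces."""
    for m in re.finditer(r'\b%s\s+"?([^"\s{]+)"?\s*\{' % keyword, text):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def parse_keys(text):
    """Map key name -> (algorithm, base64 secret) from the key file shared by named and dhcpd."""
    keys = {}
    for name, body in _blocks(text, 'key'):
        alg = re.search(r'algorithm\s+([\w-]+)', body)
        sec = re.search(r'secret\s+"([^"]+)"', body)
        if alg and sec:
            keys[name] = (alg.group(1).lower(), sec.group(1))
    return keys

def parse_named_zones(text):
    """Map zone -> {'file', 'grants'} from named.conf.local; a grant is (identity, nametype, name, [types])."""
    zones = {}
    for name, body in _blocks(text, 'zone'):
        f = re.search(r'\bfile\s+"([^"]+)"', body)
        grants = [(ident, ntype, nm, types.split()) for ident, ntype, nm, types in
                  re.findall(r'\bgrant\s+(\S+)\s+(\S+)\s+(\S+)((?:\s+[A-Za-z0-9]+)*)\s*;', body)]
        zones[name.rstrip('.').lower()] = {'file': f.group(1) if f else '', 'grants': grants}
    return zones

def parse_dhcpd_zones(text):
    """Map zone -> {'primary', 'key'} from the zone statements in dhcpd.conf (trailing dot dropped)."""
    zones = {}
    for name, body in _blocks(text, 'zone'):
        primary = re.search(r'\bprimary\s+([^;\s]+)', body)
        key = re.search(r'\bkey\s+"?([^";\s]+)', body)
        zones[name.rstrip('.').lower()] = {'primary': primary.group(1) if primary else '',
                                           'key': key.group(1) if key else ''}
    return zones

def check_config(key_text, named_text, dhcpd_text):
    """Return a list of problems; an empty list means the three files agree with each other."""
    problems = []
    keys = parse_keys(key_text)
    for name, (algorithm, secret) in keys.items():
        try:
            raw = base64.b64decode(secret, validate=True)
        except ValueError:  # binascii.Error is a ValueError subclass
            problems.append(f'key {name}: secret is not valid base64')
            continue
        if algorithm == 'hmac-sha256' and len(raw) < 32:
            problems.append(f'key {name}: secret is only {len(raw) * 8} bits; ddns-confgen emits 256')
    named = parse_named_zones(named_text)
    for zone, info in named.items():
        if not info['file'].startswith('/var/lib/bind/'):
            problems.append(f'zone {zone}: file {info["file"]!r} is outside /var/lib/bind/, named cannot write it')
        # least privilege: the DHCP key should only touch the record types DDNS needs
        wanted = {'PTR'} if zone.endswith('.in-addr.arpa') else {'A', 'DHCID'}
        for identity, _nametype, _name, types in info['grants']:
            if identity not in keys:
                problems.append(f'zone {zone}: grant names undefined key {identity}')
            if not types:
                problems.append(f'zone {zone}: grant for {identity} allows any record type; list A DHCID or PTR')
            elif not wanted <= set(types):
                problems.append(f'zone {zone}: grant for {identity} lacks {sorted(wanted - set(types))}')
    for zone, info in parse_dhcpd_zones(dhcpd_text).items():
        if zone not in named:
            problems.append(f'dhcpd zone {zone}: no zone of that exact name on the DNS server (updates get NOTAUTH)')
        elif info['key'] not in {g[0] for g in named[zone]['grants']}:
            problems.append(f"dhcpd zone {zone}: key {info['key']} has no grant in that zone's update-policy")
    return problems

if __name__ == '__main__':
    for problem in check_config(KEY_FILE, NAMED_CONF_LOCAL, DHCPD_CONF) or ['configuration is consistent']:
        print(problem)
```

To use it on a real installation, read the three files into the three arguments of check_config; an empty result means the pieces line up, which is the first thing to establish before chasing "update denied" messages in syslog.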

  5. Maintenance
    Pause DDNS before making static DNS changes; rndc freeze suspends dynamic updates to the zones and flushes any pending journal changes into the zone files so they can be edited safely.

    sudo rndc freeze
    Apply your changes, increment the serial number, then resume:
    sudo rndc thaw

  6. Troubleshooting
    If host entries aren’t being updated, monitor syslog on both servers:

    sudo tail -f /var/log/syslog
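To show what to look for in that syslog output, here is an added Python example (not from the original post) that classifies the lines named and dhcpd write for DDNS: updates named applied, updates named denied, dhcpd's "Added ... map" confirmations and its "Unable to add ... map" failures. The log excerpt is constructed for the example (the hostnames, addresses and client pointers are made up), and the hint text is my own mapping from each failure to the check to make next.

```python
import re

# Constructed syslog excerpt in the shape named and dhcpd log in (hypothetical hosts, names and addresses).
SAMPLE_SYSLOG = """\
Jan 17 10:01:02 dns1 named[1234]: client @0x7f3c1c0a5e40 172.16.17.20#45123/key dhcp1.templab.lan: updating zone 'templab.lan/IN': adding an RR at 'pc1.templab.lan' A 172.16.17.50
Jan 17 10:01:02 dhcp1 dhcpd[987]: Added new forward map from pc1.templab.lan to 172.16.17.50
Jan 17 10:01:02 dhcp1 dhcpd[987]: Added reverse map from 50.17.16.172.in-addr.arpa. to pc1.templab.lan
Jan 17 10:02:10 dns1 named[1234]: client @0x7f3c1c0a5e40 172.16.17.20#45124: update 'templab.lan/IN' denied
Jan 17 10:02:10 dhcp1 dhcpd[987]: Unable to add forward map from pc2.templab.lan to 172.16.17.51: REFUSED
Jan 17 10:03:00 dhcp1 dhcpd[987]: Unable to add reverse map from 52.17.16.172.in-addr.arpa. to pc3.templab.lan: timed out
Jan 17 10:04:00 dhcp1 dhcpd[987]: Forward map from printer.templab.lan to 172.16.17.60 FAILED: Has an address record but no DHCID, not mine.
"""

# named prefixes every update message with the client address and, if the request was TSIG-signed, "/key <name>"
CLIENT = r"named\[\d+\]: client (?:@0x[0-9a-f]+ )?(?P<addr>[\d.]+)#\d+(?:/key (?P<key>[^:\s]+))?: "
PATTERNS = {
    'applied': re.compile(CLIENT + r"updating zone '(?P<zone>[^']+)': (?P<action>adding|deleting) an RR at '(?P<name>[^']+)' (?P<rtype>\w+)"),
    'denied': re.compile(CLIENT + r"update '(?P<zone>[^']+)' denied"),
    'dhcp_ok': re.compile(r"dhcpd\[\d+\]: Added (?:new )?(?P<dir>forward|reverse) map from (?P<name>\S+) to (?P<target>\S+)"),
    'dhcp_failed': re.compile(r"dhcpd\[\d+\]: (?:Unable to add )?(?P<dir>[Ff]orward|[Rr]everse) map from (?P<name>\S+) to (?P<target>[^:\s]+)(?: FAILED)?: (?P<reason>.+)"),
}

def hint(kind, entry):
    """Translate a failure into the check a practitioner would make next (author's own mapping)."""
    reason = entry.get('reason', '').lower()
    if kind == 'denied':
        return ('request carried no TSIG key: dhcpd is not using the key (check the include and zone key lines)'
                if entry['key'] is None else
                f"key {entry['key']} signed the request but no update-policy grant matches that name and type")
    if 'refused' in reason:
        return 'named refused the update: compare the key name and record type with the grant'
    if 'notauth' in reason or 'not authoritative' in reason:
        return 'zone name in dhcpd.conf does not match a zone the primary serves'
    if 'timed out' in reason:
        return 'primary unreachable: check the primary address and that port 53 is open'
    if 'no dhcid' in reason:
        return 'a static record exists without a DHCID; dhcpd will not overwrite it (see rndc freeze/thaw)'
    return 'unclassified failure'

def triage(lines):
    """Classify named/dhcpd syslog lines into applied, denied, dhcp_ok and dhcp_failed, adding hints to failures."""
    report = {kind: [] for kind in PATTERNS}
    for line in lines:
        for kind, pattern in PATTERNS.items():
            m = pattern.search(line)
            if m:
                entry = m.groupdict()
                if kind in ('denied', 'dhcp_failed'):
                    entry['hint'] = hint(kind, entry)
                report[kind].append(entry)
                break
    return report

if __name__ == '__main__':
    for kind, entries in triage(SAMPLE_SYSLOG.splitlines()).items():
        print(f'{kind}: {len(entries)}')
        for e in entries:
            print('   ', e.get('hint') or e.get('name'))
```

A denied line without a "/key" tag is the quickest diagnosis available: named never saw a signature, so the problem is on the DHCP side (the key is not included or not bound to the zone), whereas a denied line that does carry the key name points at the update-policy grant.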
