I have SUSE Linux Enterprise Server 11.3 installed, running on Amazon EC2 from the official AMI.
With DHCP and BIND configured (via yast), I am having problems with dynamic DNS.
When a client connects to the DHCP server, I get this error message:
Dec 31 04:26:41 ip-10-35-139-46 dhcpd: Unable to add forward map from XXXXXXX.containers.box to 192.168.2.8: not found
The DHCP and DNS servers run on the same server, at address 192.168.1.1 on the bridge interface that connects it to the LXCs. The LXCs are configured for DHCP from 192.168.1.1. (And the DHCP logs seem to confirm that they work correctly; they currently have functional Internet access, and addresses are assigned to them by the DHCP server.)
The DNS server also appears to be functioning, based on the dig commands (pasted below).
I am using ISC dhcp-server 4.2.4.P2 and Bind 9.9.3P2.
Any help would be greatly appreciated.
Thanks, Todd
Pasting my resolv.conf, named.conf and dhcpd.conf files.
resolv.conf
### /etc/resolv.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
search containers.box ec2.internal
nameserver 127.0.0.1
nameserver 192.168.1.1
nameserver 172.16.0.23
dhcpd.conf
option domain-name "containers.box";
option domain-name-servers 192.168.1.1;
option routers 192.168.1.1;
default-lease-time 14400;
include "/etc/named.d/ToddKey";
ddns-update-style interim;
ignore client-updates;
ddns-updates on;
subnet 192.168.0.0 netmask 255.255.0.0 {
range 192.168.2.1 192.168.2.250;
default-lease-time 14400;
max-lease-time 172800;
zone private.lan. { primary 192.168.1.1; key ToddKey; }
zone 168.192.in-addr.arpa. { primary 192.168.1.1; key ToddKey; }
named.conf
# Copyright (c) 2001-2004 SuSE Linux AG, Nuernberg, Germany.
# All rights reserved.
#
# Author: Frank Bodammer, Lars Mueller <lmuelle@suse.de>
#
# /etc/named.conf
#
# This is a sample configuration file for the name server BIND 9. It works as
# a caching only name server without modification.
#
# A sample configuration for setting up your own domain can be found in
# /usr/share/doc/packages/bind/sample-config.
#
# A description of all available options can be found in
# /usr/share/doc/packages/bind/misc/options.
options {
# The directory statement defines the name server's working directory
directory "/var/lib/named";
# Write dump and statistics file to the log subdirectory. The
# pathenames are relative to the chroot jail.
dump-file "/var/log/named_dump.db";
statistics-file "/var/log/named.stats";
# The forwarders record contains a list of servers to which queries
# should be forwarded. Enable this line and modify the IP address to
# your provider's name server. Up to three servers may be listed.
#forwarders { 192.0.2.1; 192.0.2.2; };
# Enable the next entry to prefer usage of the name server declared in
# the forwarders section.
#forward first;
# The listen-on record contains a list of local network interfaces to
# listen on. Optionally the port can be specified. Default is to
# listen on all interfaces found on your system. The default port is
# 53.
#listen-on port 53 { 127.0.0.1; };
# The listen-on-v6 record enables or disables listening on IPv6
# interfaces. Allowed values are 'any' and 'none' or a list of
# addresses.
listen-on-v6 { any; };
# The next three statements may be needed if a firewall stands between
# the local server and the internet.
#query-source address * port 53;
#transfer-source * port 53;
#notify-source * port 53;
# The allow-query record contains a list of networks or IP addresses
# to accept and deny queries from. The default is to allow queries
# from all hosts.
#allow-query { 127.0.0.1; };
# If notify is set to yes (default), notify messages are sent to other
# name servers when the the zone data is changed. Instead of setting
# a global 'notify' statement in the 'options' section, a separate
# 'notify' can be added to each zone definition.
notify no;
include "/etc/named.d/forwarders.conf";
};
# To configure named's logging remove the leading '#' characters of the
# following examples.
#logging {
# # Log queries to a file limited to a size of 100 MB.
# channel query_logging {
# file "/var/log/named_querylog"
# versions 3 size 100M;
# print-time yes; // timestamp log entries
# };
# category queries {
# query_logging;
# };
#
# # Or log this kind alternatively to syslog.
# channel syslog_queries {
# syslog user;
# severity info;
# };
# category queries { syslog_queries; };
#
# # Log general name server errors to syslog.
# channel syslog_errors {
# syslog user;
# severity error;
# };
# category default { syslog_errors; };
#
# # Don't log lame server messages.
# category lame-servers { null; };
#};
# The following zone definitions don't need any modification. The first one
# is the definition of the root name servers. The second one defines
# localhost while the third defines the reverse lookup for localhost.
zone "." in {
type hint;
file "root.hint";
};
zone "localhost" in {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
};
# Include the meta include file generated by createNamedConfInclude. This
# includes all files as configured in NAMED_CONF_INCLUDE_FILES from
# /etc/sysconfig/named
include "/etc/named.conf.include";
zone "private.lan" in {
file "dyn/private.lan";
type master;
allow-update { key ToddKey; };
allow-transfer { any; };
};
logging {
category default { log_syslog; };
channel log_syslog { syslog; };
};
zone "168.192.in-addr.arpa" in {
allow-update { key ToddKey; };
allow-transfer { any; };
file "dyn/168.192.in-addr.arpa";
type master;
};
# You can insert further zone records for your own domains below or create
# single files in /etc/named.d/ and add the file names to
# NAMED_CONF_INCLUDE_FILES.
# See /usr/share/doc/packages/bind/README.SUSE for more details.
And also the syslog from BIND startup:
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: starting BIND 9.9.3-P2 -t /var/lib/named -u named
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: built with '--prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--localstatedir=/var' '--libdir=/usr/lib64' '--includedir=/usr/include/bind' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--with-openssl' '--enable-threads' '--with-libtool' '--enable-runidn' '--with-libxml2=/usr' '--with-gssapi' 'CFLAGS=-fmessage-length=0 -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector -funwind-tables -fasynchronous-unwind-tables -g -fno-strict-aliasing' 'LDFLAGS=-L/usr/lib64'
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: ----------------------------------------------------
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: BIND 9 is maintained by Internet Systems Consortium,
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: Inc. (ISC), a non-profit 501(c)(3) public-benefit
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: corporation. Support and training for BIND 9 are
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: available at https://www.isc.org/support
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: ----------------------------------------------------
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: adjusted limit on open files from 8192 to 1048576
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: found 4 CPUs, using 4 worker threads
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: using 4 UDP listeners per interface
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: using up to 4096 sockets
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: loading configuration from '/etc/named.conf'
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: using default UDP/IPv4 port range: [1024, 65535]
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: using default UDP/IPv6 port range: [1024, 65535]
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: no IPv6 interfaces found
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: listening on IPv4 interface lo, 127.0.0.1#53
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: listening on IPv4 interface lo, 127.0.0.2#53
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: listening on IPv4 interface eth0, 10.35.139.46#53
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: listening on IPv4 interface br0, 192.168.1.1#53
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: generating session key for dynamic DNS
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: sizing zone task pool based on 5 zones
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: set up managed keys zone for view _default, file 'managed-keys.bind'
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 10.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 16.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 17.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 18.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 19.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 20.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 21.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 22.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 23.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 24.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 25.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 26.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 27.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 28.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 29.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 30.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 31.172.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 64.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 65.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 66.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 67.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 68.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 69.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 70.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 71.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 72.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 73.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 74.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 75.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 76.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 77.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 78.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 79.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 80.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 81.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 82.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 83.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 84.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 85.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 86.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 87.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 88.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 89.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 90.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 91.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 92.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 93.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 94.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 95.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 96.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 97.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 98.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 99.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 100.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 101.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 102.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 103.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 104.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 105.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 106.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 107.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 108.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 109.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 110.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 111.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 112.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 113.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 114.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 115.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 116.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 117.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 118.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 119.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 120.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 121.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 122.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 123.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 124.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 125.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 126.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 127.100.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 0.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 127.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 254.169.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 2.0.192.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 100.51.198.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 113.0.203.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 255.255.255.255.IN-ADDR.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: D.F.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 8.E.F.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 9.E.F.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: A.E.F.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: B.E.F.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: command channel listening on 127.0.0.1#953
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: managed-keys-zone: loaded serial 0
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: zone localhost/IN: loaded serial 42
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: zone 0.0.127.in-addr.arpa/IN: loaded serial 42
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: zone 168.192.in-addr.arpa/IN: loaded serial 2013123100
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: zone private.lan/IN: loaded serial 2013123100
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: all zones loaded
Dec 31 04:35:09 ip-10-35-139-46 named[25012]: running
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: received control channel command 'reload'
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: loading configuration from '/etc/named.conf'
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: using default UDP/IPv4 port range: [1024, 65535]
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: using default UDP/IPv6 port range: [1024, 65535]
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: no IPv6 interfaces found
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: sizing zone task pool based on 5 zones
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: reloading configuration succeeded
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: reloading zones succeeded
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: all zones loaded
Dec 31 04:36:12 ip-10-35-139-46 named[25012]: running
And the full DHCP server log:
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Internet Systems Consortium DHCP Server 4.2.4-P2
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Copyright 2004-2012 Internet Systems Consortium.
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: All rights reserved.
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Wrote 8 leases to leases file.
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Listening on LPF/br0/0e:a1:29:d9:32:41/192.168.0.0/16
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Sending on LPF/br0/0e:a1:29:d9:32:41/192.168.0.0/16
Dec 31 04:22:49 ip-10-35-139-46 dhcpd: Sending on Socket/fallback/fallback-net
Dec 31 04:26:40 ip-10-35-139-46 dhcpd: DHCPDISCOVER from 22:a1:31:2e:29:d9 (XXXXXXX) via br0
Dec 31 04:26:41 ip-10-35-139-46 dhcpd: DHCPOFFER on 192.168.2.8 to 22:a1:31:2e:29:d9 (XXXXXXX) via br0
Dec 31 04:26:41 ip-10-35-139-46 dhcpd: DHCPREQUEST for 192.168.2.8 (192.168.1.1) from 22:a1:31:2e:29:d9 (XXXXXXX) via br0
Dec 31 04:26:41 ip-10-35-139-46 dhcpd: DHCPACK on 192.168.2.8 to 22:a1:31:2e:29:d9 (XXXXXXX) via br0
Dec 31 04:26:41 ip-10-35-139-46 dhcpd: Unable to add forward map from XXXXXXX.containers.box to 192.168.2.8: not found
Dig test of the DNS server
dig google.com 192.168.1.1
; <<>> DiG 9.9.3-P2 <<>> google.com 192.168.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51212
;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 13, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 127 IN A 74.125.228.134
google.com. 127 IN A 74.125.228.129
google.com. 127 IN A 74.125.228.137
google.com. 127 IN A 74.125.228.131
google.com. 127 IN A 74.125.228.136
google.com. 127 IN A 74.125.228.135
google.com. 127 IN A 74.125.228.142
google.com. 127 IN A 74.125.228.130
google.com. 127 IN A 74.125.228.128
google.com. 127 IN A 74.125.228.132
google.com. 127 IN A 74.125.228.133
;; AUTHORITY SECTION:
. 203245 IN NS a.root-servers.net.
. 203245 IN NS g.root-servers.net.
. 203245 IN NS h.root-servers.net.
. 203245 IN NS k.root-servers.net.
. 203245 IN NS b.root-servers.net.
. 203245 IN NS f.root-servers.net.
. 203245 IN NS c.root-servers.net.
. 203245 IN NS i.root-servers.net.
. 203245 IN NS l.root-servers.net.
. 203245 IN NS m.root-servers.net.
. 203245 IN NS j.root-servers.net.
. 203245 IN NS e.root-servers.net.
. 203245 IN NS d.root-servers.net.
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 31 04:45:29 UTC 2013
;; MSG SIZE rcvd: 426
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6633
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;192.168.1.1. IN A
;; AUTHORITY SECTION:
. 10800 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2013123001 1800 900 604800 86400
;; Query time: 10 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Dec 31 04
ifconfig
br0 Link encap:Ethernet HWaddr FE:C7:44:8A:7C:53
inet addr:192.168.1.1 Bcast:192.168.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:820 (820.0 b) TX bytes:830 (830.0 b)
eth0 Link encap:Ethernet HWaddr 22:00:0A:23:8B:2E
inet addr:10.35.139.46 Bcast:10.35.139.63 Mask:255.255.255.192
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:333542 errors:0 dropped:3 overruns:0 frame:0
TX packets:271272 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:106476543 (101.5 Mb) TX bytes:375013813 (357.6 Mb)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:399587 errors:0 dropped:0 overruns:0 frame:0
TX packets:399587 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:380974099 (363.3 Mb) TX bytes:380974099 (363.3 Mb)
vethqEZAM Link encap:Ethernet HWaddr FE:C7:44:8A:7C:53
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7 errors:0 dropped:0 overruns:0 frame:0
TX packets:14 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:918 (918.0 b) TX bytes:1244 (1.2 Kb)
Solved my problem.
I was using a different domain in the global options of my DHCP server, "containers.box", than the one I had named my zone on my DNS server, "private.lan". I thought that since I was specifying which zone to update in the dhcpd.conf file, it would not matter, but it clearly does.
Thanks!
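The mismatch described in this answer can be caught before dhcpd logs "not found". The Python check below is an added example, not part of the original post: it assumes dhcpd builds the forward name from `ddns-domainname` or, failing that, `option domain-name`, and its function names and the embedded config excerpts (with an assumed closing brace for the subnet) are constructed for illustration.

```python
import re

# Constructed sample input: the relevant statements from the dhcpd.conf and
# named.conf posted in the question (the subnet's closing brace is assumed).
DHCPD_CONF = """
option domain-name "containers.box";
ddns-update-style interim;
subnet 192.168.0.0 netmask 255.255.0.0 {
  zone private.lan. { primary 192.168.1.1; key ToddKey; }
  zone 168.192.in-addr.arpa. { primary 192.168.1.1; key ToddKey; }
}
"""
NAMED_CONF = """
zone "private.lan" in {
  file "dyn/private.lan"; type master;
  allow-update { key ToddKey; };
};
zone "168.192.in-addr.arpa" in {
  allow-update { key ToddKey; };
  file "dyn/168.192.in-addr.arpa"; type master;
};
"""

def _strip(text):
    """Drop '#' comments (the only comment style used in the posted files)."""
    return re.sub(r"#.*", "", text)

def ddns_domain(dhcpd):
    """Domain appended to the client hostname: ddns-domainname, else option domain-name."""
    for pat in (r'ddns-domainname\s+"([^"]+)"', r'option\s+domain-name\s+"([^"]+)"'):
        m = re.search(pat, _strip(dhcpd))
        if m:
            return m.group(1).rstrip(".").lower()
    return None

def dhcpd_zones(dhcpd):
    """Map each dhcpd.conf zone to the key name it signs updates with."""
    zones = {}
    for name, body in re.findall(r"\bzone\s+([\w.-]+)\s*\{([^}]*)\}", _strip(dhcpd)):
        key = re.search(r"\bkey\s+([\w.-]+)\s*;", body)
        zones[name.rstrip(".").lower()] = key.group(1) if key else None
    return zones

def named_zones(named):
    """Map each named.conf zone to the key names listed in its allow-update."""
    zones = {}
    pattern = r'\bzone\s+"([^"]+)"[^{]*\{((?:[^{}]|\{[^{}]*\})*)\}'
    for name, body in re.findall(pattern, _strip(named)):
        acl = re.search(r"allow-update\s*\{([^}]*)\}", body)
        keys = re.findall(r'\bkey\s+"?([\w.-]+)"?\s*;', acl.group(1)) if acl else []
        zones[name.rstrip(".").lower()] = set(keys)
    return zones

def covering_zone(fqdn, zones):
    """Longest configured zone that is a suffix of fqdn, or None."""
    hits = [z for z in zones if fqdn == z or fqdn.endswith("." + z)]
    return max(hits, key=len) if hits else None

def reverse_name(ip):
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa"

def check_ddns(dhcpd, named, hostname, ip):
    """Return findings; an empty list means both updates map to an updatable zone."""
    domain, dz, nz = ddns_domain(dhcpd), dhcpd_zones(dhcpd), named_zones(named)
    if domain is None:
        return ["forward: no ddns-domainname or option domain-name is set"]
    findings = []
    names = {"forward": f"{hostname}.{domain}".lower(), "reverse": reverse_name(ip)}
    for kind, fqdn in names.items():
        zone = covering_zone(fqdn, dz)
        if zone is None:
            findings.append(f"{kind}: {fqdn} is in no dhcpd.conf zone {sorted(dz)}")
        elif zone not in nz:
            findings.append(f"{kind}: zone {zone} is not defined in named.conf")
        elif dz[zone] not in nz[zone]:
            findings.append(f"{kind}: key {dz[zone]} is not in allow-update of {zone}")
    return findings

if __name__ == "__main__":
    print(check_ddns(DHCPD_CONF, NAMED_CONF, "XXXXXXX", "192.168.2.8"))
    fixed = DHCPD_CONF.replace("containers.box", "private.lan")
    print(check_ddns(fixed, NAMED_CONF, "XXXXXXX", "192.168.2.8") or "consistent")
```

Run against the posted settings, it reports only the forward name; the reverse name already falls inside 168.192.in-addr.arpa, and the same key is allowed to update both zones.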
The problem is in iptables. You forgot to specify the -o option.