Sun Microsystems, Inc.

How to Enable Dynamic DNS Updating for DHCP Clients


Note - Be aware that dynamic DNS updates are by nature a security risk.

By default, the Solaris DNS daemon (in.named) does not allow dynamic updates. Authorization for dynamic DNS updates is granted if the requesting host's IP address is assigned to the allow-update keyword in the appropriate zones of the named.conf configuration file on the DNS server system. No other security is provided. You must carefully weigh the convenience of this facility for users against the security risk created when you enable dynamic DNS updates.


  1. At the DNS server, edit the /etc/named.conf file as root.

  2. Find the zone section for the appropriate domain and add the DHCP server's IP addresses to the allow-update keyword.

    For example, if the DHCP server resides at addresses 10.0.0.1 and 10.0.0.2, a named.conf file for the dhcp.domain.com zone would be modified as follows:

    zone "dhcp.domain.com" in {
                 type master;
                 file "db.dhcp";
                 allow-update { 10.0.0.1; 10.0.0.2; }; 
    };  
     
    zone "10.IN-ADDR.ARPA" in {
                 type master;
                 file "db.10"; 
                 allow-update { 10.0.0.1; 10.0.0.2; };
    }; 

    Note that allow-update for both zones must be enabled to allow the DHCP server to update both A and PTR records on the DNS server.

  3. On the DHCP server, start DHCP Manager.

  4. Choose Modify from the Service menu.

    The Modify Service Options dialog box opens.

  5. Select Update DNS Host Information Upon Client Request.

  6. Specify the number of seconds to wait for a response from the DNS server before timing out, then click OK.

    The default value should be adequate. If you have timeout problems, you can increase the value later.

  7. Click the Macros tab and ensure that the correct DNS domain is specified.

    The DNSdmain option must be passed with the correct domain name to any client that expects dynamic DNS update support. By default, DNSdmain is specified in the server macro, which is used as the configuration macro bound to each IP address.

  8. Set up the DHCP client to specify its host name when requesting DHCP service.

    If you use the Solaris DHCP client, see "How to Enable a Solaris Client to Request Specific Host Name". If your client is not a Solaris DHCP client, see the documentation for your DHCP client for information about how to do this.
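Because the allow-update list from step 2 is the only control on who may rewrite zone data, it is worth checking mechanically. The following audit is an added example, not part of the original Sun documentation: it lists every zone that accepts dynamic updates, flags entries other than the DHCP servers, and checks that the forward and reverse zones both name every DHCP server. The function names, the lab.domain.com and static.domain.com zones, and the simplifications (flat address lists, no comments containing braces) are assumptions.

```python
import ipaddress
import re

# Constructed sample: the page's two zones (reverse zone lacks 10.0.0.2), a broad zone, a static zone.
SAMPLE = '''
zone "dhcp.domain.com" in { type master; file "db.dhcp";
    allow-update { 10.0.0.1; 10.0.0.2; }; };
zone "10.IN-ADDR.ARPA" in { type master; file "db.10";
    allow-update { 10.0.0.1; }; };
zone "lab.domain.com" in { type master; file "db.lab";
    allow-update { any; 10.0.0.0/8; }; };
zone "static.domain.com" in { type master; file "db.static"; };
'''

def zone_blocks(text):
    """Yield (zone name, body), tracking brace depth to find each zone's end."""
    for m in re.finditer(r'zone\s+"([^"]+)"[^{]*\{', text):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def audit_allow_update(text, dhcp_servers, dhcp_zones):
    """Return {zone: [findings]}; zones without allow-update are left out."""
    report = {}
    for zone, body in zone_blocks(text):
        acl = re.search(r'allow-update\s*\{([^{}]*)\}', body)
        if not acl:
            continue  # dynamic updates stay disabled, the default
        entries = [e.strip() for e in acl.group(1).split(';') if e.strip()]
        findings = []
        for entry in (e for e in entries if e not in dhcp_servers):
            try:
                size = ipaddress.ip_network(entry, strict=False).num_addresses
                findings.append(f'{entry}: {size} address(es), not a listed DHCP server')
            except ValueError:
                why = 'every host may update' if entry == 'any' else 'not an address, review'
                findings.append(f'{entry}: {why}')
        if zone in dhcp_zones:  # both the A and PTR zones need every DHCP server
            findings += [f'{s}: missing from allow-update' for s in sorted(dhcp_servers) if s not in entries]
        report[zone] = findings
    return report

if __name__ == '__main__':
    zones = {'dhcp.domain.com', '10.IN-ADDR.ARPA'}
    for zone, found in audit_allow_update(SAMPLE, {'10.0.0.1', '10.0.0.2'}, zones).items():
        print(zone, found or 'ok')
```

An empty findings list means the zone accepts updates only from the listed DHCP servers; zones absent from the result do not accept dynamic updates at all.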

How to Enable a Solaris Client to Request Specific Host Name

  1. On the client system, edit the /etc/default/dhcpagent file as root.

  2. Find the keyword REQUEST_HOSTNAME in the /etc/default/dhcpagent file and modify it as follows:

    REQUEST_HOSTNAME=yes

    If there is a comment sign (#) in front of the keyword, remove the #. If the keyword is not present, insert it.

  3. Edit the /etc/hostname.interface file on the client system and add the following line:

    inet hostname

    where hostname is the name you want the client to use.

  4. As root, type the following commands to have the client perform a full DHCP negotiation upon rebooting:

    # pkill dhcpagent
    # rm /etc/dhcp/interface.dhc
    # reboot

    The DHCP server makes sure that the host name is not in use by another system on the network before the server assigns it to the client. Depending on how it is configured, the DHCP server may update name services with the client's host name.

Customizing DHCP Service Performance Options

You can change options that affect the performance of the DHCP service. These options are described in the following table.

Table 10-1 Options Affecting DHCP Server Performance

| Server Option | Description | Key in /etc/inet/dhcpsvc.conf |
|---|---|---|
| Number of BOOTP relay agent hops | If a request has traveled through more than a given number of BOOTP relay agents, it is dropped. The default maximum number of relay agent hops is 4, and it is not likely that this number will be surpassed unless your network is set up to pass requests through several BOOTP relay agents before they reach a DHCP server. | RELAY_HOPS=integer |
| Verification of IP address availability before making an offer | By default, the server pings an IP address before offering it to a client to verify that it is not already in use. You can disable this feature to decrease the time it takes to make an offer, but this creates the risk of having duplicate IP addresses in use. | ICMP_VERIFY=TRUE/FALSE |
| Automatic reading of dhcptab at specified intervals | The server can be set to automatically read the dhcptab at the interval in minutes you specify. If your network configuration information does not change frequently, and you do not have multiple DHCP servers, it is not necessary to reload dhcptab automatically. Also note that DHCP Manager gives you the option to have the server reload dhcptab after you make a change to the data. | RESCAN_INTERVAL=min |
| Length of time to reserve an IP address that has been offered | After a server offers an IP address to a client, it caches the offer, during which time the server does not offer the address again. You can change the number of seconds for which the offer is cached. The default is 10 seconds. On slow networks, you may need to increase the offer time. | OFFER_CACHE_TIMEOUT=sec |

The following procedures describe how to change these options.

How to Customize DHCP Server Performance Options (DHCP Manager)

  1. Choose Modify from the Service menu.

  2. To change the number of BOOTP relay agents a request can pass through, specify a different Maximum Number of Relay Agent Hops.

  3. To have the DHCP server verify that an IP address is not in use before it offers the address to a client, select Detect Duplicate IP Addresses.

  4. To have the DHCP server read dhcptab at specified intervals, select Reload dhcptab Every n Minutes, and type the number of minutes for the interval.

  5. To change the length of time the server holds an IP address open after it makes an offer, type the number of seconds in the field Cache Offers for n Seconds.

  6. Select Restart Server if it is not already selected.

  7. Click OK.

How to Customize DHCP Server Performance Options (Command Line)

If you change options with this procedure, the changed options affect only the current server session. If the DHCP server system reboots, the DHCP server starts with the settings specified during server configuration. If you want settings to apply to all future sessions, you must make changes using DHCP Manager.

  1. Become superuser on the DHCP server system.

  2. Type the following commands:

    # /etc/init.d/dhcp stop
    # /usr/lib/inet/in.dhcpd options

    where options are any of the following:

    -h relay-hops

    Specifies the maximum number of relay agent hops that can occur before the daemon drops the DHCP/BOOTP datagram.

    -n

    Disables automatic duplicate IP address detection. This is not recommended.

    -t dhcptab_rescan_interval

    Specifies the interval in minutes that the DHCP server should use to schedule the automatic rereading of the dhcptab information.

    -o seconds

    Specifies the number of seconds the DHCP server should cache the offers it has extended to discovering DHCP clients. The default setting is 10 seconds.

    For example, the following command sets the hop count to 2, disables duplicate IP address detection, sets the rescan interval to 30 minutes, and sets the offer time to 20 seconds.

    # /usr/lib/inet/in.dhcpd -h 2 -n -t 30 -o 20

 
 
 