DDNS update forwarding
Mark Andrews
marka at isc.org
Thu Dec 12 01:42:41 UTC 2013
In message <52A8E44A.1070509 at brandeis.edu>, John Miller writes:
> Hello folks,
>
> I'm getting ready to revamp our dynamic DNS setup here on campus, and am
> curious: what is everyone doing for update forwarding? Have you seen
> certain clients that will send updates based on NS records rather than
> the SOA record?
Which is what the update protocol specifies as the default destination
to send requests to.
> Perhaps a better question is: has anyone been bitten by leaving update
> forwarding disabled?
If you have a hidden master and clients that follow the RFC and
send to the nameservers then you will need to enable update forwarding.
The exact condfiguration depends on how you are authenticating
updates for the zone. If it is by IP address you will need to
configure the update forwarding server to use a similar acl. If
you are using TSIG then you can just forward all update requests.
If is off by default as it is the only safe configuration when you
don't know how the master is configured not because one shouldn't
forward update requests.
Mark
> John
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list