DNAME usage?
Timothe Litt
litt at acm.org
Tue Nov 21 15:20:11 UTC 2017
On 17-Nov-17 18:04, Mark Andrews wrote:
> DYN used to just require a TSIG signed update request set to a server specified in
> a SRV record.
Depends on which service. The one I referred to is the one that was
popular (free) for people who wanted to reach a machine on a dynamic IP
address. Because it was popular, it was implemented in a number of
routers, including Linksys (low end) and Cisco (IOS). I believe they
discontinued the free version, but the protocol lives on.
It's worse than DNS UPDATE in an number of respects - but is trivial to
implement in a router or script as the core is just an HTTP GET.
>
> We have a perfectly fine protocol for updating the DNS but DNS hosting companies
> want to reinvent the wheel.
Agree. I wish that the DNS UPDATE protocol was the only one in the
wild. Unfortunately, (non-jail broken) routers don't provide that
option, but do provide the http ("dyn") version. So if you want to use
a service that requires it - or want to bridge a router that supports it
to DNS UPDATE, some invention is required. I outlined an approach that
works for me.
For reference, cisco's IOS (now) supports both methods - to some extent.
See
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dns/configuration/15-sy/dns-15-sy-book/Dynamic-DNS-Support.html#GUID-DCA9088D-EB90-46DE-9E33-306C30BB79CE
And from that page, here's the reference to dyndns (you can change the
URI for other http services; it lists 6 others)
add
http://test:test@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
I use https, of course.
Naturally, IOS doesn't support TSIG - so DNS UPDATE from it has to be
authorized by IP address. :-(
2136/7 have been around since 1997, so there's really no excuse for DNS
providers not tosupport them.
But we live in a world of excuses :-(
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20171121/6615b610/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4577 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20171121/6615b610/attachment.bin>
More information about the bind-users
mailing list