Question regarding names used for DDNS
Uwe Meyer-Gruhl
dhcp_email at congenio.de
Fri Nov 23 16:21:21 UTC 2012
Hi,
the ISC DHCP documentation says that which the interim DNS update
scheme, the DHCP server uses the hostname from the fqdn or hostname
option that the client sends. The domain part is being taken from the
ddns-domainname config option as per manpage.
This seems to be reflected in the standard definitions in server/dhcpd.c:
option server.ddns-hostname
= \n\
pick (option fqdn.hostname, option
host-name); \n\
option server.ddns-domainname = config-option
domain-name; \n\
option server.ddns-rev-domainname = \"in-addr.arpa.\";";
There also is a "ddns-hostname" config option which I expected to
override the client's request data. So I use host definitions like this:
host ddns-0000017 {
option host-name "labprinter1";
hardware ethernet 00:22:33:44:55:66;
option domain-name "unknown";
ddns-updates on;
do-forward-updates on;
do-reverse-updates on;
ddns-hostname "labprinter1";
ddns-domainname "unknown";
}
However, I have found that at least the reverse entry (PTR record) was
"test.test" in my case, when I coerced the client to send a FQDN option
(81) with that value.
Is there a way that I can use only the host- and domain-names (e.g.
"labprinter1.unknown" in my example above) from my host entry for both
forward and reverse DDNS updates no matter what the client thinks what
its name he has? I do not want my DHCP servers to act as a stand-in for
a DNS modification attack.
Thanks for any hints...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20121123/a13b1494/attachment-0001.html>
More information about the dhcp-users
mailing list