dynamic update

[Kevin Darcy]

RFC 2136 explains Dynamic Update in detail, but simply put, it just consists
of special "queries" which a client can send to cause the nameserver to
(conditionally) change its master zone data. The "nsupdate" program provided
with BIND is a utility which is capable of forming Dynamic Updates and
sending them to the appropriate server(s).

To allow Dynamic Updates for a particular zone, use the
"allow-update" statement, which can specify addresses, TSIG key names, or a
combination of both. If you want to use crypto-authenticated Dynamic Update
using TSIG, then your client will also need to have access to the relevant
key (e.g. the "-k" option to nsupdate) so that it can properly sign the
update requests.

One gotcha is that once you've changed over to use Dynamic Update for a
zone, then it's very difficult to reliably make non-Dynamic Update changes
to the zone, since "named" will periodically overwrite the zone file. This
also precludes the use of directives like $INCLUDE or $GENERATE. So, once
you switch a zone to using Dynamic Update, count on doing *all* of your
maintenance for that zone via Dynamic Update unless you switch back.


- Kevin

John Smith wrote:

> can someone explain me what's dynamic update in DNS and how do i setup my
> DNS so they'll support that? thanks