is DDNS for me?
Kevin Darcy
kcd at daimlerchrysler.com
Wed Apr 4 23:00:39 UTC 2001
Brad Knowles wrote:
> At 2:58 PM -0400 4/4/01, Adam Lang wrote:
>
> > From what I've read, you can do that. The DNS server in Canada would have
> > to be configured for DDNS and then your friend in Finland would have to have
> > a local program that he would run that would update the DNS.
>
> Of course, DDNS is completely insecure -- once it's allowed,
> anyone can update the information on the server. Go back to the
> archives to read about discussions of ideas on how to do this
> securely, using tools (and aspects of the protocol) that do not yet
> exist, and may not exist for quite some time.
Um, TSIG-authentication exists today. nsupdate supports it. I use
TSIG-authenticated Dynamic Updates for virtually *all* DNS updates to our internal
DNS (everything except modifications to delegation records, since the BIND 8
nsupdate doesn't handle them properly).
- Kevin
More information about the bind-users
mailing list