Dynamic Updates from DHCP
Cricket Liu
cricket at menandmice.com
Mon Sep 23 19:37:25 UTC 2002
> I apologize in advance if this has already been addressed, I've searched
> around and can't find the answers.
>
> I'm running ISC bind and dhcp and am looking at implementing dhcp updating
> dns with client info instead of using WINS.
>
> We primarily have Windows 2k systems with Solaris back end. I've found a
> lot of documentation talking about it but how do you actually set it up???
> What is the syntax in the dhcpd.conf or named.conf?
Well, it depends on whether you're using TSIG-signed dynamic updates
or unsigned dynamic updates. I'll assume you're going to use TSIG.
The named.conf file has a key statement for the TSIG key, and the
zone statements for the forward- and reverse-mapping zones allow
updates signed with that key:
key dhcp-server.foo.example {
algorithm hmac-md5;
secret "<base64 secret>";
};
zone "foo.example" {
type master;
file "db.foo.example";
allow-update { key dhcp-server.foo.example; };
};
The dhcpd.conf file tells the DHCP server the name of the forward-
mapping zone, the key to use to sign updates, and some information
about the zone to update:
ddns-domainname "foo.example";
ddns-update-style interim;
ignore client-updates;
key dhcp-server.foo.example. {
algorithm hmac-md5;
secret "<base64 secret>";
}
zone foo.example. {
primary 127.0.0.1;
key dhcp-server.foo.example.;
}
zone 0.168.192.in-addr.arpa. {
primary 127.0.0.1;
key dhcp-server.foo.example.;
}
Note that the syntax of the dhcpd.conf file is similar to, but not
the same as, that of named.conf. In particular, there's no semicolon
to close the statement.
cricket
Men & Mice
DNS Software, Training and Consulting
www.menandmice.com
The DNS and BIND Cookbook, coming October 2002!
http://www.oreilly.com/catalog/dnsbindckbk/
More information about the bind-users
mailing list