DynDNS ?

/dev/rob0 rob0 at gmx.co.uk
Thu Jul 14 14:55:10 UTC 2005


Michelle Konzack wrote:
>>Of course you have to have an allow-update command in your zone definition.
> 
> Thanks for that info.

A couple other tips, in case you've not managed a dynamic zone before:

1. ALL zone changes will have to be done using nsupdate(8), unless you 
stop named and delete the zone's journal file (/var/named/*.jnl or the 
*.jnl in whatever directory you are using.) Do not attempt manual edits 
of your dynamic zone's file without doing this. Also, understand that 
deletion of the journal inhibits IXFR; slaves will have to transfer the 
whole zone, not just the changed data.

2. Comments in your nicely-edited zone file are gone. I had made mine 
such a pretty one, with human-friendly sorting of records, and comments; 
named and nsupdate ate them. :) $INCLUDE's and $GENERATE's will be 
included and generated into the zone file. named will do its own simple 
dictionary sort of records by name.

3. Notify is your friend, and so is BIND 9. I use Zoneedit service for 
the parent domain, and I tried setting them up as slave of the dynamic 
subzone. But they don't work with notifies, and they only do AXFR. I 
deleted that out of zoneedit and switched to a network of BIND 9 slaves. 
The slaves get their notifies and start their IXFR immediately. Changes 
are propagated in 2 seconds (when network lag is bad) or less.

> And if I am right, I need for security reason an existing A-Record
> and then I can update with:
> 
> ------------------------------------------------------------
> prereq yxdomain r40.private.mydomain.tld
> update add r40.private.mydomain.tld 86400 A $IPADDR
> <BLANK_LINE>
> ------------------------------------------------------------
> 
> Where the $IPADDR is replaced by the CGI script.

Wouldn't you also use a variable in place of the RR name? I do. Will 
there only be one user? I've offered mine to friends, so I've got a 
handful of users. I started this because a paying customer was on a 
dynamic IP (PPPoE), and we needed to be able to find that host.

I use TXT records in mine. I generate a UTC string of update and store 
as a TXT record. I think that's a useful feature, because it tells me 
when a user last updated his/her record.

86400 is a bit long for a TTL, if this is truly a dynamic IP. My own is 
dynamic in form but not in practice, so I can use longer TTL's, but even 
so I choose to keep it no more than 3600. I use 900 for a friend on 
dialup, 1800 for IP's which change occasionally, and 3600 for mostly 
static IP's. (TTL value is set in the user record which the CGI script 
uses for authentication, and I use a variable for that, too.)

> This is easier than I was thinking...

Indeed. Have fun with it.
-- 
     mail to this address is discarded unless "/dev/rob0"
     or "not-spam" is in Subject: header
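
[Added example, not part of the original post or of either poster's CGI script.] A sketch of how a CGI script could build the nsupdate(8) input discussed above, with the RR name and TTL taken from the authenticated user's record and a UTC TXT timestamp. The `USERS` table, the function names, the 60-second TTL floor and the delete-before-add step are assumptions of this example.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Constructed user record: after authenticating the user, the script takes
# the RR name and TTL from here, never from the request. Placeholder values.
USERS = {
    "alice": {"rr": "r40.private.mydomain.tld", "ttl": 900},
}

LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")
MAX_TTL = 3600  # upper bound the post suggests for dynamic addresses


def valid_name(name):
    """Accept only plain letter-digit-hyphen host names, so no whitespace,
    quotes or newlines can reach the nsupdate command stream."""
    labels = name.rstrip(".").split(".")
    return len(name) <= 253 and all(LABEL.fullmatch(l) for l in labels)


def build_batch(user, client_ip, now=None):
    """Return the nsupdate(8) input for one authenticated user."""
    rec = USERS[user]
    name, ttl = rec["rr"], int(rec["ttl"])
    if not valid_name(name):
        raise ValueError("bad RR name")
    if not 60 <= ttl <= MAX_TTL:
        raise ValueError("bad TTL")
    # ip_address() rejects anything that is not a literal address, which
    # also stops a newline-separated second command hidden in the value.
    addr = ipaddress.ip_address(client_ip)
    if addr.version != 4:
        raise ValueError("this example only updates A records")
    stamp = (now or datetime.now(timezone.utc)).strftime("%Y-%m-%dT%H:%M:%SZ")
    return "\n".join([
        f"prereq yxdomain {name}",       # the name must already exist
        f"update delete {name} A",       # replace the address, do not add a second
        f"update delete {name} TXT",
        f"update add {name} {ttl} A {addr}",
        f'update add {name} {ttl} TXT "{stamp}"',  # time of last update
        "send",
    ]) + "\n"
```

The returned string is what would be written to nsupdate's standard input; how nsupdate authenticates to named (for example with a key matching the zone's allow-update) is outside this sketch.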


