Dynamic zone...
Mark Elkins
mje at posix.co.za
Fri Dec 31 07:56:03 UTC 2010
I do this for my Laptops. They can pick up an address from the local
network (where ever I am visiting, Airports, Data Centers, friends, work
- etc) and then update the info back home on my own network.
Basics - when DHCPCD gets an IP from upstream - it uses nsupdate to send
this info to a dynamic zone hosted on your side.
Problems: The zone on your side needs to be dynamic - so should be
separate from your normal "static" zone, The comms should really be
secure - so you're going to learn a little about dnssec-keygen and
signatures.
This is actually an exercise that we get students to carry out in a DNS
training lab - but once set up - it works well and totally automated if
DHCP is being used. Ah! - I run Linux on my Laptops. I don't do Windows
- but there could be a way. Does this interest you?
So my assumptions are you are using BIND and some sort of Unix/Linux???
On your home zone, create a new zone called 'dhcp.abc.com'.
Use lowish TTL's, you'll need a 'complete' zone ie SOA and NS records.
Add the name of your machine here with the current A record.
Other stuff like a KEY record can be added later (a SIG(0) public key)
Add this new zone to any Slaves and to your own named.conf.
In your abc.com - add a CNAME record for your machine pointing to the
new zone..
machine IN CNAME machine.dhcp.abc.com
That separates the Dynamic stuff away from the static stuff!
It should also still resolve - but we are not finished.
Let me know if I should carry on.
On Thu, 2010-12-30 at 23:13 -0600, Jeff Justice wrote:
> I have a computer on a remote network that gets its IP dynamically
> from the ISP. I need to always know where that computer is. I had
> thought that I could simply "scrape" it's public IP, have it sent to
> my primary NS computer (which of course is on a static IP), then use
> that information to keep a zone updated on our DNS. So, for example,
> if my main domain for our company were:
>
> abc.com
>
> then it would be nice to have:
>
> remote.abc.com
>
> that I could use to always reach that machine no matter what its IP is.
>
> I'm sure this can be done, but can anyone explain in simple terms what
> I need to do?
>
> Jeff
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
. . ___. .__ Posix Systems - Sth Africa. e.164 VOIP ready
/| /| / /__ mje at posix.co.za - Mark J Elkins, Cisco CCIE
/ |/ |ARK \_/ /__ LKINS Tel: +27 12 807 0590 Cell: +27 82 601 0496
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6696 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20101231/73d96395/attachment.bin>
More information about the bind-users
mailing list