openldap, dlz and dynamic dns updates from isc-dhcpd
Jeff Lasslett
jeff.lasslett at gmail.com
Mon Sep 24 22:19:39 UTC 2012
Hi Evan,
Thanks for your reply. I must confess that I am working on my first
DHCP and BIND deployment and I'm sure that I don't yet understand
everything. So it's likely that I'm working with some wrong
assumptions.
On 25 September 2012 04:01, Evan Hunt <each at isc.org> wrote:
> I'm not aware of such a DLZ driver existing yet, but there's no
> technical reason why it couldn't be written.
Thanks. That's useful to know,
Here's a possibly wrong assumption: there are BIND deployments that
use openldap (or an RDBMS, or something else) rather than zone files
to hold DNS mappings (name to ip address & vice versa), and these
alternative backends are updated when the DHCP server hands out or
revokes a lease.
Is this so? If so, how is the DNS information updated?
>> Can encryption be used to dynamically update BIND's DLZs, just as it
>> can if zone files are used?
>
> I'm not sure what you mean by "using encryption".
:-) I'm not sure either. In DHCP config, within a zone { ... }
block, there are key <keyname> directives. It seems that BIND & DHCP
can use a key to be sure of each other and the validity of DNS updates
coming from the DHCP server. Am I on the right track? When I wrote
'encryption' this is what I was referring to.
Thanks,
Jeff
More information about the bind-users
mailing list