http://fedoranews.org/contributors/derek_pienaar/ddns, http://ops.ietf.org/dns/dynupd/secure-ddns-howto.html and http://www.wlug.org.nz/DHCPNotes are well worth reading.
(I plan to document my system at WLUGWiki soon too.)
DynamicDNS (DDNS) makes adding a new computer to my network as simple as plugging it into my switch. The new client tells the server what its host name is, and the server allocates it an address (DHCP) and lets the rest of the network know (DNS). No configuration at the server is required! (It's the next best thing to ZeroConf.) I like having this running as I was told it "couldn't be done" :-D.
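The "secret key" is generated with dns-keygen. The same key block (name, algorithm and secret) has to appear in both named.conf and dhcpd.conf, as shown below.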
/etc/named.conf
// Dave's own hacked named.conf
// with dynamic DNS :-D
// Global server options.
// NOTE(review): there is no listen-on statement here, so named uses its
// default of listening on every interface; allow-query below is the only
// restriction on who may query this server.
options {
// Base directory: the relative "file" names in the zone statements below
// are resolved against it.
directory "/var/named";
// Only the two LAN subnets and the server itself may send queries.
allow-query {
192.168.10/24;
192.168.12/24;
localhost;
};
// Both explicit forward modes are commented out, so named's default
// (forward first) applies to the forwarders listed below.
// forward only;
// forward first;
// Upstream resolvers that receive queries this server cannot answer itself.
forwarders {
210.55.24.14;
210.55.24.8;
};
};
//
// rndc control channel: bound to loopback only, accepted only from
// localhost, and authenticated with the key named "rndckey" (the file
// /etc/rndc.key is included at the end of this configuration).
controls {
inet 127.0.0.1 allow { localhost; } keys { rndckey; };
};
// Master DNS servers
// Root hints: "type hint" with the list of root servers in named.ca.
zone "." IN {
type hint;
file "named.ca";
};
// Localhost addresses
// Static forward and reverse zones for loopback; "allow-update { none; }"
// makes named refuse every dynamic update for them, with or without a key.
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
// Magic key which lets DHCP update DNS
// TSIG shared secret. dhcpd.conf carries a key block with the same name,
// algorithm and secret; the two must match exactly or updates are rejected.
// NOTE(review): the all-"f" secret looks like a redacted stand-in — generate
// your own. Because the real secret sits inline, this file should be readable
// only by root and the named user (or move the key into a separate,
// tightly-permissioned file and include it, as is done for /etc/rndc.key).
// NOTE(review): hmac-md5 is a legacy TSIG algorithm; where both your named
// and dhcpd builds support it, prefer hmac-sha256 and change both files
// together.
key "DHCP-UPDATER" {
algorithm hmac-md5;
secret "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff";
};
// The three zones below accept dynamic updates, but only when the request is
// signed with the DHCP-UPDATER key.
// NOTE(review): "allow-update { key ...; }" lets any holder of the key add,
// change or delete any record in the zone, including the static ones;
// BIND's update-policy statement can narrow what a key may touch.
// NOTE(review): named rewrites dynamic zone files and keeps a journal next
// to them, so it needs write access to these files and their directory.
// Home network
zone "invermay" {
type master;
// No NOTIFY messages are sent when this zone changes.
notify no;
file "invermay.zone";
allow-update { key DHCP-UPDATER; };
};
// Reverse name resolution for home network
zone "12.168.192.in-addr.arpa" {
type master;
notify no;
file "named.invermay";
allow-update { key DHCP-UPDATER; };
};
// Reverse name resolution for wireless link
zone "10.168.192.in-addr.arpa" {
type master;
notify no;
file "named.invermay.decknet";
allow-update { key DHCP-UPDATER; };
};
include "/etc/rndc.key";
/etc/dhcpd.conf
# Dave's own hacked dhcpd.conf
# with dynamic DNS :-D
# Don't forget command line options are in /etc/sysconfig/dhcpd
# Domain appended to the client's host name to form the name registered in DNS.
ddns-domainname "invermay";
# "interim" update style: dhcpd itself sends the DNS updates and stores a TXT
# record next to each A record it creates (see feijoa in invermay.zone).
ddns-update-style interim;
# Left commented out, so dhcpd's default handling of a client's request to
# update its own forward record applies. Clients do not hold the TSIG key, so
# named's allow-update rule would refuse an update sent by a client directly.
# NOTE(review): the registered host name is whatever the client supplies, so
# any device that can get a lease can claim an unused name in the zone.
#ignore client-updates;
#ddns-updates off;
# Magic key which lets DHCP update DNS
# Must match the key "DHCP-UPDATER" block in named.conf exactly.
# NOTE(review): the all-"f" secret looks like a redacted stand-in. With the
# real secret inline, keep this file readable only by root and the dhcpd user.
# NOTE(review): hmac-md5 is a legacy TSIG algorithm; change it only together
# with named.conf, and only to an algorithm both daemons support.
key "DHCP-UPDATER" {
algorithm hmac-md5;
secret "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff";
};
# DNS zones to update
# For each zone: the name server that receives the update and the key used to
# sign it. Zone names carry a trailing dot here, and the closing brace takes
# no semicolon (unlike named.conf).
# The forward zone is updated over loopback, the reverse zones over the
# server's LAN addresses, so named has to be listening on 127.0.0.1,
# 192.168.12.254 and 192.168.10.254 for all three updates to succeed.
zone invermay. {
primary 127.0.0.1;
key DHCP-UPDATER;
}
zone 12.168.192.in-addr.arpa. {
primary 192.168.12.254;
key DHCP-UPDATER;
}
zone 10.168.192.in-addr.arpa. {
primary 192.168.10.254;
key DHCP-UPDATER;
}
# Home network on eth2
subnet 192.168.12.0 netmask 255.255.255.0 {
# Default gateway
option routers 192.168.12.254;
option subnet-mask 255.255.255.0;
option domain-name "invermay";
# Clients are pointed at this server's named for resolution.
option domain-name-servers 192.168.12.254;
# NOTE(review): the pool's upper bound, 192.168.12.254, is the same address
# handed out above as router and name server; ending the range at .253 would
# keep the server's own address out of the pool.
range 192.168.12.128 192.168.12.254;
default-lease-time 86400; # 1 day
max-lease-time 259200; # 3 days
# This server is the authoritative DHCP server for the subnet.
authoritative;
# Register leases from this subnet in DNS.
ddns-updates on;
}
# Wireless link on eth0
subnet 192.168.10.0 netmask 255.255.255.0 {
# Default gateway
option routers 192.168.10.254;
option subnet-mask 255.255.255.0;
option domain-name "invermay";
# Clients are pointed at this server's named for resolution.
option domain-name-servers 192.168.10.254;
# NOTE(review): the pool's upper bound, 192.168.10.254, is the same address
# handed out above as router and name server; ending the range at .253 would
# keep the server's own address out of the pool.
range 192.168.10.128 192.168.10.254;
default-lease-time 86400; # 1 day
max-lease-time 259200; # 3 days
# This server is the authoritative DHCP server for the subnet.
authoritative;
# Register leases from this subnet in DNS.
ddns-updates on;
}
}
/var/named/invermay.zone
; Forward zone "invermay". The $ORIGIN/$TTL layout and the annotated SOA
; timers look like a file that named rewrote after dynamic updates, rather
; than a hand-written original — TODO confirm.
; NOTE(review): leading whitespace appears to have been lost on this page. In
; a real zone file the NS and TXT lines start with whitespace so that they
; inherit the owner name of the record above them.
; NOTE(review): while a zone accepts dynamic updates, freeze it with
; "rndc freeze" before editing the file by hand and thaw it afterwards.
$ORIGIN .
$TTL 604800 ; 1 week
invermay IN SOA rata.invermay. root.rata.invermay. (
107 ; serial
28800 ; refresh (8 hours)
14400 ; retry (4 hours)
3024000 ; expire (5 weeks)
86400 ; minimum (1 day)
)
NS rata.invermay.
$ORIGIN invermay.
$TTL 129600 ; 1 day 12 hours
; Dynamically registered client: 192.168.10.253 lies inside the wireless DHCP
; range in dhcpd.conf. The TXT record is the marker dhcpd's interim update
; style stores next to an A record it created.
feijoa A 192.168.10.253
TXT "3128380ff01e7006b0688a5d32bba2d551"
$TTL 604800 ; 1 week
; Static records: no accompanying TXT marker.
localhost A 127.0.0.1
ollienet A 192.168.12.254
rata A 192.168.12.254
tuxnet A 192.168.12.254
/var/named/localhost.zone
; Static forward zone for "localhost"; named.conf sets
; "allow-update { none; }" for it, so it never changes dynamically.
; NOTE(review): leading whitespace appears to have been lost on this page; in
; a real zone file the NS line (and the A line after it) start with
; whitespace so that they inherit the owner "@".
$TTL 86400
$ORIGIN localhost.
@ 1D IN SOA @ root (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
1D IN NS @
1D IN A 127.0.0.1
/var/named/named.invermay
; Reverse zone for the home network, 192.168.12.0/24. named.conf allows
; updates signed with the DHCP-UPDATER key, so dhcpd can add PTR records here.
; NOTE(review): leading whitespace appears to have been lost on this page; in
; a real zone file the NS line starts with whitespace so that it inherits the
; owner name of the SOA record.
$ORIGIN .
$TTL 604800 ; 1 week
12.168.192.in-addr.arpa IN SOA rata.invermay. root.rata.invermay. (
104 ; serial
28800 ; refresh (8 hours)
14400 ; retry (4 hours)
3024000 ; expire (5 weeks)
86400 ; minimum (1 day)
)
NS rata.invermay.
$ORIGIN 12.168.192.in-addr.arpa.
254 PTR rata.invermay.
/var/named/named.invermay.decknet
; Reverse zone for the wireless link, 192.168.10.0/24. named.conf allows
; updates signed with the DHCP-UPDATER key.
; NOTE(review): leading whitespace appears to have been lost on this page; in
; a real zone file the NS line starts with whitespace so that it inherits the
; owner name of the SOA record.
$ORIGIN .
$TTL 86400 ; 1 day
10.168.192.in-addr.arpa IN SOA rata.invermay. root.rata.invermay. (
101 ; serial
28800 ; refresh (8 hours)
14400 ; retry (4 hours)
3024000 ; expire (5 weeks)
86400 ; minimum (1 day)
)
NS rata.invermay.
$ORIGIN 10.168.192.in-addr.arpa.
$TTL 129600 ; 1 day 12 hours
; PTR matching the feijoa A record in invermay.zone; presumably added by
; dhcpd together with that forward record.
253 PTR feijoa.invermay.
$TTL 86400 ; 1 day
254 PTR rata.invermay.
/var/named/named.local
; Static reverse zone for loopback (0.0.127.in-addr.arpa in named.conf, which
; sets "allow-update { none; }" for it).
; NOTE(review): leading whitespace appears to have been lost on this page; in
; a real zone file the NS line starts with whitespace so that it inherits the
; owner "@".
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
1 IN PTR localhost.
Arghhh!!!!
// just listen internally
listen-on {
192.168.10/24;
192.168.12/24;
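};
Seemed like a good idea, but it screwed up dynamic updating for some reason: I kept getting "connection refused" messages. And I'd changed a few things, so it took me all day to figure out. Judging by the configs above, the likely cause is that 127.0.0.1 is missing from this listen-on list while dhcpd.conf sends updates for the invermay zone to primary 127.0.0.1, so named was no longer listening where dhcpd was connecting. Adding 127.0.0.1 to the list should let the restriction and the updates coexist.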
