Subject: Re: Dynamic DNS server on freebsd?
In-Reply-To: <14825.24053.455214.811803@guru.mired.org> "from Mike Meyer at Oct 15, 2000 02:34:13 am"
To: Mike Meyer
Date: Sun, 15 Oct 2000 01:20:27 -0700 (PDT)
Cc: questions@freebsd.org
From: Dima Dorfman
Reply-To: dima@unixfreak.org
Message-Id: <20001015082027.BC1DB1F20@static.unixfreak.org>

> Well, the web site didn't turn up anything. I'd like to set up a
> dynamic DNS server on a FreeBSD box. If you're not familiar with the
> concept, a machine that boots with a dynamic IP address runs a
> client whenever the IP address changes, thus causing the DNS server to
> change its records so that the name for that machine now maps to the
> new IP address.

Basically, you need a dynamic zone, then you need the machine with the
dynamic IP address to ask your server to update it.

To make a dynamic zone (and you probably shouldn't do this with
yourdomain.com, but rather something like dyn.yourdomain.com) you need
to specify an allow-update option in the zone. Something like

    zone "dyn.yourdomain.com" {
        type master;
        file "db.dyn.yourdomain.com";
        allow-update { some.address.com.; };
    };

should work. There might be some other flag, but if there is, I can't
remember it right now. As someone already mentioned, check www.isc.org
for the manual. some.address.com. is the host which is allowed to
submit updates.

Updates are submitted using the nsupdate utility. The manual page is
fairly comprehensive and includes many examples.

The one problem here is that since the client has a dynamic IP address,
you can't list it in allow-update. It may be possible to list the
entire network, but that's not such a good idea. A better solution
would be to allow updates from localhost, then have the client
establish an ssh session to the server and call nsupdate.

This is, of course, the Poor Man's(tm) solution to dynamic DNS. It's
far from perfect. Among others, the problems include:

1) The ssh and nsupdate method isn't good if your server has untrusted
   users on it since they'd be able to update the zone, too.

2) If the client is a Windows machine, you need a command-line based
   ssh client.

Depending on your situation, this may or may not work for you. I'm
sure if anybody knows any better solutions they'll let you know.

Hope this helps

-- 
Dima Dorfman
Finger dima@unixfreak.org for my public PGP key.

"It's been said that there is no problem that cannot be solved by a
suitable application of high explosives. Now if I can only figure out
how to send them via e-mail ..."
	-- Vince Sabio
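
Added example, not part of the original message: a client-side script for the ssh-plus-nsupdate approach described above, which validates the host label and address before piping the batch to the server. It assumes BIND 9 nsupdate command syntax; the host label, the ssh login ddns@ns.yourdomain.com and the TTL are hypothetical.

```shell
#!/bin/sh
# Added example: client side of the "ssh to the server and call nsupdate" idea.
# Assumptions: BIND 9 nsupdate syntax; ssh login and TTL below are hypothetical.
ZONE="dyn.yourdomain.com"      # dynamic zone name used in the message
TTL=60                         # assumed short TTL so address changes show up quickly

# Return 0 only for a dotted-quad IPv4 address with every octet in 0..255.
# Anything else (spaces, newlines, extra nsupdate commands) is rejected.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Return 0 for a single DNS label: letters, digits and inner hyphens, no dots.
valid_label() {
    case "$1" in
        ''|*[!A-Za-z0-9-]*|-*|*-) return 1 ;;
    esac
    [ "${#1}" -le 63 ]
}

# Print the nsupdate batch that replaces the A record for <label>.$ZONE.
build_update() {
    valid_label "$1" || { echo "bad host label" >&2; return 1; }
    valid_ipv4 "$2"  || { echo "bad IPv4 address" >&2; return 1; }
    printf 'server 127.0.0.1\n'
    printf 'zone %s\n' "$ZONE"
    printf 'update delete %s.%s. A\n' "$1" "$ZONE"
    printf 'update add %s.%s. %s A %s\n' "$1" "$ZONE" "$TTL" "$2"
    printf 'send\n'
}

# Pipe the batch over ssh; nsupdate runs on the server, so named sees the
# update arriving from localhost, the only source allow-update would list.
send_update() {
    batch=$(build_update "$1" "$2") || return 1
    printf '%s\n' "$batch" | ssh ddns@ns.yourdomain.com nsupdate
}

# Usage: sh ddns-client.sh laptop 192.0.2.10
if [ "$#" -eq 2 ]; then
    send_update "$1" "$2"
fi
```

Run it from whatever hook fires when the client's address changes; with no arguments it only defines the functions.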