Date: Sun, 15 Oct 2000 01:20:27 -0700 (PDT) From: Dima Dorfman <dima@unixfreak.org> To: Mike Meyer <mwm@mired.org> Cc: questions@freebsd.org Subject: Re: Dynamic DNS server on freebsd? Message-ID: <20001015082027.BC1DB1F20@static.unixfreak.org> In-Reply-To: <14825.24053.455214.811803@guru.mired.org> "from Mike Meyer at Oct 15, 2000 02:34:13 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> Well, the web site didn't turn up anything. I'd like to set up a
> dynamic DNS server on a FreeBSD box. If you're not familiar with the
> concept, A machine that boots with a dynamic IP addresses runs a
> client whenever the IP address changes, thus causing the DNS server to
> change it's records so that the name for that machine now maps to the
> new ip address.
Basically, you need a dynamic zone, then you need the machine with the
dynamic IP address to ask your server to update it. To make a dynamic
zone (and you probably shouldn't do this with yourdomain.com, but
rather something like dyn.yourdomain.com) you need to specify an
allow-update option in the zone. Something like
zone "dyn.yourdomain.com" {
type master;
file "db.dyn.yourdomain.com";
allow-update { some.address.com.; };
};
should work. There might be some other flag, but if there is, I can't
remember it right now. As someone already mentioned, check
www.isc.org for the manual. some.address.com. is the host which is
allowed to submit updates.
Updates are submitted using the nsupdate utility. The manual page is
fairly comprehensive and includes many examples.
The one problem here is that since the client has a dynamic IP
address, you can't list it in allow-update. It may be possible to
list the entire network, but that's not such a good idea. A better
solution would be to allow updates from localhost, then have the
client establish an ssh session to the server and call nsupdate.
This is, of course, the Poor Man's(tm) solution to dynamic DNS. It's
far from perfect. Among others, the problems include:
1) The ssh and nsupdate method isn't good if your server has
untrusted users on it since they'd be able to update the zone, too.
2) If the client is a Windows machine, you need a command-line based
ssh client.
Depending on your situation, this may or may not work for you. I'm
sure if anybody knows any better solutions they'll let you know.
Hope this helps
--
Dima Dorfman <dima@unixfreak.org>
Finger dima@unixfreak.org for my public PGP key.
"It's been said that there is no problem that cannot be solved by a
suitable application of high explosives. Now if I can only figure out
how to send them via e-mail ..."
-- Vince Sabio
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001015082027.BC1DB1F20>