Bind Configuration
Here is some information about configuring bind.
ddns-updates
This covers the communication between a DHCP daemon (generally the one from ISC)
and BIND: the DHCP daemon sends dynamic DNS updates to BIND, so that the names
of hosts that obtained their address via DHCP can be resolved.
Generating a Key
To authenticate the updating DHCP daemon, a pre-shared secret (a TSIG key) must be created:
dnssec-keygen -a HMAC-MD5 -b 128 -n USER <name>
Customizing ''named.conf''
At the top of the file the key must be defined (the secret is the base64 string from the generated key file):
key mykey {
  algorithm hmac-md5;
  secret "xxxxxxxxxxxxxxxxx";
};
Each zone definition (one per subnet, including the reverse zones) must have an
allow-update statement that references the key:
zone "nwl" IN {
  type master;
  file "pri/nwl.zone";
  allow-update { key mykey; };
  notify no;
};
Customizing ''rndc.conf''
The same key (same name, algorithm and secret) as in named.conf must be defined here:
options {
  default-server 127.0.0.1;
  default-key mykey;
};
server 127.0.0.1 {
  key mykey;
};
key mykey {
  algorithm hmac-md5;
  secret "xxxxxxxxxxxxxxxxxxx";
};
Customizing ''dhcpd.conf''
Add the following to the definition of the desired subnet:
ddns-updates on;
ddns-domainname "nwl";
ddns-rev-domainname "in-addr.arpa";
key mykey {
  algorithm hmac-md5;
  secret "xxxxxxxxxxxxxxxxxxx";
}
zone nwl. {
  primary 127.0.0.1;
  key mykey;
}
zone 1.168.192.in-addr.arpa. {
  primary 127.0.0.1;
  key mykey;
}
The updates are then triggered by host definitions:
host tiny {
  hardware ethernet 00:0A:86:48:8C:B2;
  option host-name "tiny";
  ddns-hostname "tiny";
}
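The three files above must carry the same key name, algorithm and secret, and every zone that references a key must have that key defined in the same file. The following script is an added example (not part of the original page) that parses the key stanzas out of named.conf, rndc.conf and dhcpd.conf fragments and reports mismatches; the file contents and the base64 secret are constructed samples, and the 128-bit length check matches the -b 128 used above.

```python
import base64
import binascii
import re

# Constructed config fragments standing in for the three files; the secret is
# a made-up 128-bit base64 value, not a real key.
SECRET = "AAECAwQFBgcICQoLDA0ODw=="
CONFIGS = {
    "named.conf": f'key mykey {{ algorithm hmac-md5; secret "{SECRET}"; }};\n'
                  'zone "nwl" IN { type master; file "pri/nwl.zone";'
                  ' allow-update { key mykey; }; notify no; };',
    "rndc.conf": f'key mykey {{ algorithm hmac-md5; secret "{SECRET}"; }};',
    "dhcpd.conf": f'key mykey {{ algorithm hmac-md5; secret "{SECRET}"; }}\n'
                  'zone nwl. { primary 127.0.0.1; key mykey; }',
}

# key <name> { algorithm <alg>; secret <b64>; }  (quotes optional, as in dhcpd.conf)
KEY_DEF_RE = re.compile(r'key\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+([\w.-]+)\s*;'
                        r'\s*secret\s+"?([A-Za-z0-9+/=]+)"?\s*;\s*\}')
# "key <name>;" inside allow-update {} or a dhcpd zone {} is a reference, not a definition.
KEY_REF_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*;')

def parse_keys(text):
    """Return {name: (algorithm, secret)} for every key stanza in a config fragment."""
    return {m.group(1): (m.group(2).lower(), m.group(3)) for m in KEY_DEF_RE.finditer(text)}

def check_keys(configs, expected_bits=128):
    """Return a list of problems; an empty list means the files agree."""
    problems = []
    defs = {fname: parse_keys(text) for fname, text in configs.items()}
    for fname, text in configs.items():
        for ref in KEY_REF_RE.findall(text):
            if ref not in defs[fname]:
                problems.append(f"{fname} references undefined key {ref}")
    for name in sorted(set().union(*(d.keys() for d in defs.values()))):
        variants = {f: defs[f][name] for f in defs if name in defs[f]}
        missing = sorted(set(defs) - set(variants))
        if missing:
            problems.append(f"{name}: not defined in {', '.join(missing)}")
        if len(set(variants.values())) > 1:
            problems.append(f"{name}: algorithm/secret differ between files")
        for f, (_alg, secret) in variants.items():
            try:
                raw = base64.b64decode(secret, validate=True)
            except (ValueError, binascii.Error):
                problems.append(f"{name} in {f}: secret is not valid base64")
                continue
            if len(raw) * 8 != expected_bits:
                problems.append(f"{name} in {f}: secret is {len(raw) * 8} bits, expected {expected_bits}")
    return problems
```

Running check_keys() on the real files after editing them catches the classic failure of a secret pasted into only two of the three files, which otherwise surfaces only as refused updates in the BIND log.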
Sample Zone Files
Forward Lookups
File: nwl.zone
$ORIGIN .
$TTL 86400      ; 1 day
nwl             IN SOA  killer.nwl. root.killer.nwl. (
                        2005120101 ; serial
                        28800      ; refresh (8 hours)
                        14400      ; retry (4 hours)
                        604800     ; expire (1 week)
                        86400      ; minimum (1 day)
                        )
                NS      killer.nwl.
$ORIGIN nwl.
$TTL 86400      ; 1 day
localhost       A       127.0.0.1
gw              A       192.168.1.1
killer          A       192.168.1.2
svn             CNAME   killer
Reverse Lookups
File: 1.168.192.zone
$ORIGIN .
$TTL 86400      ; 1 day
1.168.192.in-addr.arpa  IN SOA  killer.nwl. root.killer.nwl. (
                        2005120101 ; serial
                        10800      ; refresh (3 hours)
                        900        ; retry (15 minutes)
                        604800     ; expire (1 week)
                        86400      ; minimum (1 day)
                        )
                NS      killer.nwl.
$ORIGIN 1.168.192.in-addr.arpa.
$TTL 3600       ; 1 hour
1               PTR     gw.nwl.
2               PTR     killer.nwl.