# Configuring DHCP/BIND for dynamic DNS howto

## jlancaster

Now that I've got both BIND and DHCP running I would like to integrate the two with dynamic DNS.  I think DHCP is configured properly based on another thread.  Are there any configuration changes I need to make to BIND?  There is a discussion of *secure* DDNS at this link: http://ops.ietf.org/dns/dynupd/secure-ddns-howto.html

But this is my home network.  Is *secure* DDNS necessary?

Thanks,

Jim

dhcpd.conf:

```
ddns-update-style interim;
ignore client-updates;
default-lease-time 600;
max-lease-time 7200;

# Network services
group {
    ddns-updates off;

    # Gentoo Linux server
    host servername.domainname.local {
        fixed-address 192.168.1.2;
    }
}

# Home network
subnet 192.168.1.0 netmask 255.255.255.0 {
    option domain-name-servers 192.168.1.2, 151.164.1.8;
    option domain-name "domainname.local";
    option routers 192.168.1.1;
    option broadcast-address 192.168.1.255;
    ddns-updates on;
    range 192.168.1.17 192.168.1.21;
}

authoritative;
```

domain.local.hosts:

```
$ttl 38400
domainname.local.	IN	SOA	fenix.domainname.local. root.domainname.local. (
			1079362232
			10800
			3600
			604800
			38400 )
domainname.local.	IN	NS	fenix.domainname.local.
fenix.domainname.local.	IN	A	192.168.1.2
linksys.domainname.local.	IN	A	192.168.1.1
tivo.domainname.local.	IN	A	192.168.1.3
ns1.domainname.local.	IN	CNAME	fenix.domainname.local.
mail.domainname.local.	IN	CNAME	fenix.domainname.local.
```

192.168.1.rev:

```
$ttl 38400
1.168.192.in-addr.arpa.	IN	SOA	fenix.domainname.local. root.domainname.local. (
			1079362296
			10800
			3600
			604800
			38400 )
1.168.192.in-addr.arpa.	IN	NS	fenix.domainname.local.
2.1.168.192.in-addr.arpa.	IN	PTR	fenix.domainname.local.
1.1.168.192.in-addr.arpa.	IN	PTR	linksys.domainname.local.
3.1.168.192.in-addr.arpa.	IN	PTR	tivo.domainname.local.
```

----------

## adaptr

> But this is my home network. Is *secure* DDNS necessary?

If you don't have port 53 open to the outside world, obviously not.

----------

## jlancaster

No, I have no intention of providing public DNS or DHCP services. I would just like to use DDNS on my internal network.

Is there a readme/howto/post that can help me get it running?

Jim

----------

## moby

You need to make sure your DNS server config, /etc/named.conf, is set up to allow updates.  Something like this.  Below, 10.1.1.240 is the IP address of my DNS and DHCP server.  I also allow updates from localhost; it's the same box.  If you had multiple DHCP servers that are set up to run failover, you would then put both servers' IP addresses on the allow-update line.

```
zone "foo.com" {
        type master;
        file "foo.com.zone";
        allow-update { 10.1.1.240; 127.0.0.1; };
};

zone "10.in-addr.arpa" {
        type master;
        file "10.in-addr.arpa.zone";
        allow-update { 10.1.1.240; 127.0.0.1; };
};
```

Another way to do this, one I don't recommend, is to allow all/any hosts to update DNS.  Windows clients have an option that can be set to update DNS once they get an IP address.  So instead of DHCP updating DNS you can have each workstation do it.  Problem is, they can also delete records you don't want them to.

This is why one usually runs with security keys configured, and only allows updates from specified addresses.

----------
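To make the trade-off in the post above checkable, here is an added example (not code from the thread or from BIND) that reads zone stanzas and reports whether dynamic updates are open to anyone, trusted by source address only, or tied to a TSIG key. The key name `ddns-key`, the `open.example` zone and the function names are constructed for illustration; `update-policy` rules are not handled.

```python
import re

# Constructed sample: the first zone is the stanza from the post above; the
# other two are hypothetical variants (key name "ddns-key" is made up).
SAMPLE_NAMED_CONF = '''
zone "foo.com" {
        type master;
        file "foo.com.zone";
        allow-update { 10.1.1.240; 127.0.0.1; };
};
zone "10.in-addr.arpa" {
        type master;
        file "10.in-addr.arpa.zone";
        allow-update { key "ddns-key"; };   // hypothetical TSIG key
};
zone "open.example" {
        type master;
        file "open.example.zone";
        allow-update { any; };
};
'''

ZONE_RE = re.compile(r'zone\s+"([^"]+)"(?:\s+\w+)?\s*\{(.*?)\n\};', re.S)
UPDATE_RE = re.compile(r'allow-update\s*\{([^}]*)\}', re.S)
COMMENT_RE = re.compile(r'//[^\n]*|#[^\n]*|/\*.*?\*/', re.S)

def classify(acl_body):
    """Rate an allow-update list by the weakest element that can match."""
    elems = [e.strip() for e in acl_body.split(';') if e.strip()]
    if not elems or elems == ['none']:
        return 'disabled'
    if 'any' in elems:
        return 'open'            # every host may add or delete records
    if all(e.startswith('key ') for e in elems):
        return 'tsig-key'        # update must be signed with a shared key
    # Any element may match, so one bare address makes the source IP
    # sufficient even when a key is also listed.
    return 'address-based'

def audit(conf_text):
    """Map each zone name to its dynamic-update exposure."""
    report = {}
    for name, body in ZONE_RE.findall(COMMENT_RE.sub('', conf_text)):
        m = UPDATE_RE.search(body)
        # BIND refuses dynamic updates when allow-update is absent.
        report[name] = classify(m.group(1)) if m else 'disabled'
    return report

if __name__ == '__main__':
    for zone, verdict in audit(SAMPLE_NAMED_CONF).items():
        print(f'{zone:20} {verdict}')
```
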

## jlancaster

Thanks.  I finally got it working.  For those who are interested, see this thread:  https://forums.gentoo.org/viewtopic.php?p=978489#978489

Thanks,

Jim

----------

