On 23 March 2018 at 13:32, Meike Stone via bind-users <bind-users@lists.isc.org> wrote:

> Hello,
>
> at the moment, I use ISC dhcpd to register all client names in the DNS
> (Bind) via isc's ddns api. Everything is working well.
> But now, some notebook clients should get company access via UMTS or
> VPN. In this case, a radius server is controlling the IP addresses,
> not the ISC dhcpd.
>

What's the mechanism for getting the IP address to the client? Is there a RADIUS client on the client machine, or is your VPN using DHCP to get addresses to the client? If the latter, then it likely has a mechanism for sending the same DNS Update messages that ISC's dhcpd does (DNS Update messages are a part of the DNS standard, and the ability to send them to maintain DNS for dynamic addresses is almost ubiquitous among DHCP implementations).

It's possible your RADIUS server also can do DNS Update messages, but I'm so far removed from the time when I ran RADIUS servers that I confess I can't recall whether that was a common option.

> Is there any possibility, maybe that the clients send their lease time
> and the Bind does delete the RR (like isc it would do), if the lease
> time is over and if no ddns refresh was made?
>

I'm not aware of any way to automatically expire records in a dynamic zone.

It's an ugly hack.. but if you could get your clients to also register a TXT record with a timestamp in it, you could have some sort of cron-based garbage collection script run to scan the zone for those TXT records, and delete all the records related to that name when the right amount of time has elapsed. That still has some obvious problems though, like what to do if a client doesn't update the TXT record if/when it renews its lease.
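
The cron-style cleanup suggested in the reply, as an added example that is not part of the original thread. The `ts=<epoch>` TXT marker format, the `example.test` zone and all function names are assumptions. The output is nsupdate input whose value-dependent `prereq` makes the server refuse the delete if the client refreshed its marker between the scan and the update.

```python
import re

# Assumed marker format (not from the thread): each dynamic client also
# registers  <name> TXT "ts=<unix epoch seconds>"  on every refresh.
TS_RE = re.compile(r'^"ts=(\d{1,12})"$')

# Constructed sample in `dig axfr` presentation format.
SAMPLE_AXFR = """\
example.test.       3600 IN SOA ns1.example.test. admin.example.test. 7 3600 600 86400 300
ns1.example.test.   3600 IN A   192.0.2.1
nb01.example.test.  300  IN A   192.0.2.50
nb01.example.test.  300  IN TXT "ts=1521800000"
nb02.example.test.  300  IN A   192.0.2.51
nb02.example.test.  300  IN TXT "ts=1521810000"
www.example.test.   3600 IN TXT "v=spf1 -all"
"""

def parse_markers(axfr_text):
    """Map owner name -> (epoch, raw TXT rdata); non-marker TXT is ignored."""
    markers = {}
    for line in axfr_text.splitlines():
        fields = line.split(None, 4)  # name ttl class type rdata
        if len(fields) != 5 or line.startswith(";"):
            continue
        name, _ttl, rrclass, rrtype, rdata = fields
        m = TS_RE.match(rdata.strip())
        if rrclass == "IN" and rrtype == "TXT" and m:
            markers[name.lower()] = (int(m.group(1)), rdata.strip())
    return markers

def expired_names(markers, zone, now, max_age):
    """Names strictly below the zone apex whose marker is older than max_age."""
    suffix = "." + zone.lower().rstrip(".") + "."
    return [(n, rd) for n, (ts, rd) in sorted(markers.items())
            if n.endswith(suffix) and now - ts > max_age]

def nsupdate_batch(expired, zone):
    """One update message per name so a failed prereq only skips that name."""
    lines = []
    for name, rdata in expired:
        lines += [f"zone {zone}",
                  f"prereq yxrrset {name} IN TXT {rdata}",  # marker unchanged?
                  f"update delete {name}",                  # all RRsets at name
                  "send"]
    return "\n".join(lines) + ("\n" if lines else "")

if __name__ == "__main__":
    old = expired_names(parse_markers(SAMPLE_AXFR), "example.test.", 1521813600, 7200)
    print(nsupdate_batch(old, "example.test."), end="")
```

Names without a marker (static records such as `ns1` and `www` here) are never selected, so only hosts that opted in by publishing a timestamp can be removed.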