On Mon, 29 Sep 2014 10:11:27 -0400 Stuart McMurray <kd5...@gmail.com> wrote:
> On Monday, September 29, 2014, Duncan Patton a Campbell <campb...@neotext.ca> > wrote: > > > My purpose here is to allow dynamic dns updates > > via nsupdate from a dhcp clients where addresses > > are subject to change. I have a solution that > > will remain stable so long as the !command > > hook in hostname.if remains stable. This is > > not as good as the dhclient.conf script interface > > as it can't exclude calls that don't change > > the interface, but hey... > > > > # more /etc/hostname.nfe0 > > dhcp > > !/usr/local/sbin/dydns.sh $if > > > > more /usr/local/sbin/dydns.sh > > #!/bin/ksh > > #rdate to make sure we're sync'd with the dydns server > > echo $@ >> /tmp/ddns.log > > date >> /tmp/ddns.log > > /usr/sbin/rdate -o 192.168.1.22 > > export ADDR=`ifconfig $1 | grep "inet "| cut -d ' ' -f 2` > > echo "server 192.168.1.22 > > zone indx.ca > > key u32.indx.ca 7U6+9Bqymcyn21vLHIlf9DWVIYvljkn/GIMqNhg3YpaSxUDoarpBPz/J > > Pm52kWD9GG1mpewiiKsYCcarWF2wUg== > > update delete u32.indx.ca. A > > update add u32.indx.ca. 86400 A $ADDR > > send > > " | nsupdate > > exit 0 > > > > where key is the shared private key produced by the output of > > > > dnssec-keygen -a HMAC-MD5 -b 512 -n USER u32.indx.ca. > > > > found in the output file Ku32.indx.ca.+157+08659.private > > > > and added to /var/named/keys.conf on the named server > > in the form > > > > key "u32.indx.ca" { > > algorithm hmac-md5; > > secret "7U6+9Bqymcyn21vLHIlf9DWVIYvljkn/GIMqNhg3YpaSxUDoarpBPz/J > > Pm52kWD9GG1mpewiiKsYCcarWF2wUg=="; > > }; > > > > and an entry to etc/named.conf > > > > zone "indx.ca" > > { > > ... > > allow-update > > { > > . > > . > > key u32.indx.ca ; > > . > > . > > }; > > }; > > > > Dhu > > > > > > On Mon, 29 Sep 2014 14:13:48 +0200 > > Bruno Flueckiger <inform...@gmx.net <javascript:;>> wrote: > > > > > On 29.09.2014 13:39, Duncan Patton a Campbell wrote: > > > > On Mon, 29 Sep 2014 05:28:27 -0600 > > > > Duncan Patton a Campbell <campb...@neotext.ca <javascript:;>> wrote: > > > > > > > >> /etc/dhclient.conf used to contain a > > > >> > > > >> script "tosomfile" ; > > > >> > > > >> option that could, amongst other things, be used to > > > >> set a dynamic assigned dns address to a named server. > > > >> > > > >> This functionality has been removed and I am trying to > > > >> figure out if there was some other mechanism to accomplish > > > >> this but I can't find any refs to it in the changes > > > >> between 5.1 and 5.5. > > > >> > > > >> Any info would be appreciated. > > > >> > > > >> Thanks, > > > >> > > > >> Dhu > > > >> > > > >> -- > > > >> Ne obliviscaris, vix ea nostra voco. > > > >> > > > >> > > > >> > > > > > > > > I found it in the 5.3 changes.. > > > > > > > > "Removed dhclient-script(8) and dhclient.conf(5) "script" directive. > > > > Do all interface and route configuration via ioctl's and routing > > > > sockets. " > > > > > > > > Unfortunately this mechanism was used for more than just routing. And > > > > without a dhclient-script to > > > > hack I don't see how a dynamic address can be updated vi the named/key > > > > mechanism. > > > > > > > > Dhu > > > > > > If your goal is to set entries in DNS for a machine which acts as DHCP > > > client there are two other possibilities I know of: > > > > > > 1. Use a reservation in DHCP server together with fixed entries in DNS > > > > > > 2. Get ISC DHCP from ports and configure it to make dynamic updates to > > > BIND > > > > > > Depending on your exact setup there may be other ways to achieve the > > > same as you did with the script. > > > > > > Bruno > > > > > > > > > > > > -- > > Ne obliviscaris, vix ea nostra voco. > > > > Why not have the DHCP server update DNS? > > > -- > J. Stuart McMurray This works in the case that you don't control the DHCP server and need to rely on some public/stock configuration. Dhu -- Ne obliviscaris, vix ea nostra voco.