On Mon, 29 Sep 2014 10:11:27 -0400
Stuart McMurray <kd5...@gmail.com> wrote:
> On Monday, September 29, 2014, Duncan Patton a Campbell <campb...@neotext.ca>
> wrote:
>
> > My purpose here is to allow dynamic dns updates
> > via nsupdate from a dhcp clients where addresses
> > are subject to change. I have a solution that
> > will remain stable so long as the !command
> > hook in hostname.if remains stable. This is
> > not as good as the dhclient.conf script interface
> > as it can't exclude calls that don't change
> > the interface, but hey...
> >
> > # more /etc/hostname.nfe0
> > dhcp
> > !/usr/local/sbin/dydns.sh $if
> >
> > more /usr/local/sbin/dydns.sh
> > #!/bin/ksh
> > #rdate to make sure we're sync'd with the dydns server
> > echo $@ >> /tmp/ddns.log
> > date >> /tmp/ddns.log
> > /usr/sbin/rdate -o 192.168.1.22
> > export ADDR=`ifconfig $1 | grep "inet "| cut -d ' ' -f 2`
> > echo "server 192.168.1.22
> > zone indx.ca
> > key u32.indx.ca 7U6+9Bqymcyn21vLHIlf9DWVIYvljkn/GIMqNhg3YpaSxUDoarpBPz/J
> > Pm52kWD9GG1mpewiiKsYCcarWF2wUg==
> > update delete u32.indx.ca. A
> > update add u32.indx.ca. 86400 A $ADDR
> > send
> > " | nsupdate
> > exit 0
> >
> > where key is the shared private key produced by the output of
> >
> > dnssec-keygen -a HMAC-MD5 -b 512 -n USER u32.indx.ca.
> >
> > found in the output file Ku32.indx.ca.+157+08659.private
> >
> > and added to /var/named/keys.conf on the named server
> > in the form
> >
> > key "u32.indx.ca" {
> > algorithm hmac-md5;
> > secret "7U6+9Bqymcyn21vLHIlf9DWVIYvljkn/GIMqNhg3YpaSxUDoarpBPz/J
> > Pm52kWD9GG1mpewiiKsYCcarWF2wUg==";
> > };
> >
> > and an entry to etc/named.conf
> >
> > zone "indx.ca"
> > {
> > ...
> > allow-update
> > {
> > .
> > .
> > key u32.indx.ca ;
> > .
> > .
> > };
> > };
> >
> > Dhu
> >
> >
> > On Mon, 29 Sep 2014 14:13:48 +0200
> > Bruno Flueckiger <inform...@gmx.net <javascript:;>> wrote:
> >
> > > On 29.09.2014 13:39, Duncan Patton a Campbell wrote:
> > > > On Mon, 29 Sep 2014 05:28:27 -0600
> > > > Duncan Patton a Campbell <campb...@neotext.ca <javascript:;>> wrote:
> > > >
> > > >> /etc/dhclient.conf used to contain a
> > > >>
> > > >> script "tosomfile" ;
> > > >>
> > > >> option that could, amongst other things, be used to
> > > >> set a dynamic assigned dns address to a named server.
> > > >>
> > > >> This functionality has been removed and I am trying to
> > > >> figure out if there was some other mechanism to accomplish
> > > >> this but I can't find any refs to it in the changes
> > > >> between 5.1 and 5.5.
> > > >>
> > > >> Any info would be appreciated.
> > > >>
> > > >> Thanks,
> > > >>
> > > >> Dhu
> > > >>
> > > >> --
> > > >> Ne obliviscaris, vix ea nostra voco.
> > > >>
> > > >>
> > > >>
> > > >
> > > > I found it in the 5.3 changes..
> > > >
> > > > "Removed dhclient-script(8) and dhclient.conf(5) "script" directive.
> > > > Do all interface and route configuration via ioctl's and routing
> > > > sockets. "
> > > >
> > > > Unfortunately this mechanism was used for more than just routing. And
> > > > without a dhclient-script to
> > > > hack I don't see how a dynamic address can be updated vi the named/key
> > > > mechanism.
> > > >
> > > > Dhu
> > >
> > > If your goal is to set entries in DNS for a machine which acts as DHCP
> > > client there are two other possibilities I know of:
> > >
> > > 1. Use a reservation in DHCP server together with fixed entries in DNS
> > >
> > > 2. Get ISC DHCP from ports and configure it to make dynamic updates to
> > > BIND
> > >
> > > Depending on your exact setup there may be other ways to achieve the
> > > same as you did with the script.
> > >
> > > Bruno
> > >
> > >
> >
> >
> > --
> > Ne obliviscaris, vix ea nostra voco.
> >
> > Why not have the DHCP server update DNS?
>
>
> --
> J. Stuart McMurray
This works in the case that you don't control the DHCP server
and need to rely on some public/stock configuration.
Dhu
--
Ne obliviscaris, vix ea nostra voco.
