Philip Prindeville <philipp_s...@redfish-solutions.com> writes: > https://github.com/openwrt/packages/pull/14240 > > The previous one is a precursor for getting Bind to start before DHCPD.
That makes more sense yes. I looked at it briefly. A couple of notes without testing: I would not have used a key named "rdnc"-anything for zone updates. rndc is the remote management tool for BIND, and most users will probably assume that a key with such a name is dedicated to restricting rndc access. And I would have defined a limited "update-policy" for each key/identity instead of using "allow-update". You probably only want the DHCP server to modify A records in the forward zone and PTR records in the reverse zone. Alternatively, you might want to consider "update-policy local" since BIND and the DHCP server runs on the same host. This has the advantage that only local clients are allowed to do updates. BIND will automatically generate a HMAC-SHA256 session key named “local-ddns” and store it in /var/run/named/session.key (These defaults can be adjusted using session-keyfile, session-keyname, and session-keyalg options). Just point the DHCP server to that file and key name. Bjørn _______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel