Easy to use command line utility for creating and updating forward and reverse DNS entries in dynamically updatable domains.
Supports zones on different servers, supports different keys for each zone, automatically creates the reverse record and removes obsolete ones.
    ~$ ddns-updater server.example.com 192.0.2.1

will create a forward A record in the example.com zone:

    server 3600 IN A 192.0.2.1

and a reverse PTR record in the 2.0.192.in-addr.arpa zone:

    1 3600 IN PTR server.example.com.
The zone you're about to manage must have dynamic updates enabled. It should also require a key to authorize the updates. For a BIND 9 nameserver the config would be similar to this example, assuming you have the nameserver config files in /var/named. First generate a TSIG key with dnssec-keygen:

    ~$ dnssec-keygen -a HMAC-MD5 -n HOST -b 512 example.com
    Kexample.com.+157+39941
    ~$ cat Kexample.com.+157+39941.private
    Private-key-format: v1.2
    Algorithm: 157 (HMAC_MD5)
    Key: 7i3+IXiKmU00jA4f8VWHwA==
Name the key, here ddns_key, and put the following into your /var/named/named.keys file:

    key ddns_key {
        algorithm hmac-md5;
        secret "7i3+IXiKmU00jA4f8VWHwA==";
    };
Then open /var/named/named.conf and add the following:

    options {
        ...
    };

    include "/var/named/named.keys";

    zone "example.com" {
        type master;
        file "masters/db.example.com";
        allow-update { key ddns_key; };
    };

    zone "2.0.192.in-addr.arpa" {
        type master;
        file "masters/rev.192.0.2";
        allow-update { key ddns_key; };
    };
Make the masters/ directory and the zone files in it (db.example.com and rev.192.0.2) owned by the user running the named process (usually user named), assuming they're both writable by the owner:

    ~# chown named /var/named/masters
    ~# chown named /var/named/masters/db.example.com
    ~# chown named /var/named/masters/rev.192.0.2
    ~# /etc/init.d/named restart
    Stopping named:                                            [  OK  ]
    Starting named:                                            [  OK  ]

And that's it.
The script reads the key from /var/named/named.keys for authentication, but feel free to change the path to your named.keys file in the config section near the top of the ddns-updater script.
    ~# ddns-updater server.example.com 192.0.2.1
    Command: /usr/bin/nsupdate -y ddns_key:7i3+IXiKmU00jA4f8VWHwA== /tmp/tmpfile-BwSfIW
    Outgoing update query:
    ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
    ;; flags: ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
    ;; UPDATE SECTION:
    server.example.com.     0       ANY     ANY
    server.example.com.     3600    IN      A       192.0.2.1

    Command: /usr/bin/nsupdate -y ddns_key:7i3+IXiKmU00jA4f8VWHwA== /tmp/tmpfile-au9QHP
    Outgoing update query:
    ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
    ;; flags: ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
    ;; UPDATE SECTION:
    1.2.0.192.in-addr.arpa. 0       ANY     ANY
    1.2.0.192.in-addr.arpa. 3600    IN      PTR     server.example.com.
    ~$ host server.example.com
    server.example.com has address 192.0.2.1
    ~$ host 192.0.2.1
    1.2.0.192.in-addr.arpa domain name pointer server.example.com.

Excellent! That's it ;-)
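As an added example (not the ddns-updater script's own code), the same forward-plus-reverse update written as a small POSIX shell script: it derives the in-addr.arpa name from the address, emits the two nsupdate transactions shown in the output above, and hands the TSIG key to nsupdate with -k from the named.conf-style key file, so the secret is not part of the nsupdate command line as it is with -y. The KEYFILE path and the choice to delete only the A or PTR RRset (rather than every record at the name) are assumptions.

```shell
#!/bin/sh
# Added example, not part of ddns-updater. Builds nsupdate input for a
# forward A record and its reverse PTR record, then sends it with a TSIG
# key read from a file. KEYFILE is an assumed default; override it in the
# environment.
KEYFILE="${KEYFILE:-/var/named/named.keys}"   # named.conf-style key file

# reverse_name 192.0.2.1  ->  1.2.0.192.in-addr.arpa
# Fails (non-zero exit) unless the argument is a dotted quad.
reverse_name() {
    rev=$(printf '%s\n' "$1" |
          awk -F. 'NF == 4 { print $4 "." $3 "." $2 "." $1 ".in-addr.arpa" }')
    [ -n "$rev" ] || { echo "not a dotted-quad IPv4 address: $1" >&2; return 1; }
    printf '%s\n' "$rev"
}

# build_update FQDN IPV4 [TTL]
# Prints one nsupdate transaction for the forward zone and one for the
# reverse zone. "update delete NAME TYPE" drops only that RRset, so an
# address change does not wipe other records living at the same name.
build_update() {
    fqdn=${1%.}                      # tolerate a trailing dot on input
    ip=$2
    ttl=${3:-3600}
    rev=$(reverse_name "$ip") || return 1
    printf 'update delete %s. A\n'            "$fqdn"
    printf 'update add %s. %s IN A %s\n'      "$fqdn" "$ttl" "$ip"
    printf 'send\n'
    printf 'update delete %s. PTR\n'          "$rev"
    printf 'update add %s. %s IN PTR %s.\n'   "$rev" "$fqdn" "$ttl" | :
    printf 'update add %s. %s IN PTR %s.\n'   "$rev" "$ttl" "$fqdn"
    printf 'send\n'
}

# Only talk to the nameserver when invoked with arguments, so the functions
# above can be sourced and exercised on their own.
if [ $# -ge 2 ]; then
    build_update "$1" "$2" "$3" | nsupdate -k "$KEYFILE"
fi
```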