Dynamic DNS update via ISC-DHCPD


For a long time, I had the dynamic updating of DNS via DHCP on my wishlist. MS Windows servers usually do it out of the box... but I don't want to bring a Windows server into my private network. So after some Google work on the Internet I found this website.

All I needed to do was allow updates in the zones and tell isc-dhcpd how to do it.

So in the main settings I added the following lines (please note, I have a 172.16.3.0/24 subnet for my LAN):


ddns-update-style interim;
update-static-leases on;

key dhcpupdate
{
    algorithm hmac-md5;
    secret "YOURSECRETKEY";
}

zone 3.16.172.in-addr.arpa {
    primary 172.16.3.250;
    key dhcpupdate;
}

zone lan.example.com {
    primary 172.16.3.250;
    key dhcpupdate;
}


Now we also have to update the BIND-config:


key dhcpupdate
{
    algorithm HMAC-MD5;
    secret "YOURSECRETKEY";
};

zone "3.16.172.in-addr.arpa" {
    type master;
    file "master/3.16.172.in-addr.arpa-zone";
    allow-update { key dhcpupdate; };
};

zone "lan.example.com" {
    type master;
    file "master/lan.example.com-zone";
    allow-update { key dhcpupdate; };
};


Please note that you have to make sure that the user bind is able to create and write files in /var/named/etc/namedb/master (chown bind /var/named/etc/namedb/master).

Now you have to restart the dhcpd and bind daemons.

Replace YOURSECRETKEY with your own key. You can create this key with the command:

$ dnssec-keygen -a HMAC-MD5 -b 128 -n HOST dnsupdates

This command will generate two files. Take the one with the extension .private and grep the part after 'Key: ' on the 'Key: ' line.
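
A consistency check to run before restarting the daemons, as an added example that is not part of the original post: it confirms that dhcpd.conf and named.conf both carry the secret from the generated .private file, because a mismatch or a leftover YOURSECRETKEY placeholder causes the updates to fail. The function names, the file name sample.private and the sample secret are assumptions constructed for the illustration.

```shell
# Constructed sample secret (base64 of a dummy string), not real key material.
SAMPLE_SECRET="Q09OU1RSVUNURURLRVkxMg=="

# Print the value after "Key: " in a dnssec-keygen .private file.
private_key_secret() {
    sed -n 's/^Key:[[:space:]]*//p' "$1"
}

# Print the secret of the `key NAME { ... }` block in config file $1.
# Assumes one statement per line, as in the configs on this page.
conf_key_secret() {
    awk -v name="$2" '
        { id = $2; gsub(/"/, "", id) }
        $1 == "key" && id == name { inkey = 1; next }  # header, not a "key NAME;" reference
        inkey && $1 == "secret"   { gsub(/[";]/, "", $2); print $2; exit }
        inkey && /}/              { inkey = 0 }
    ' "$1"
}

# Args: dhcpd.conf named.conf key-name private-file. Returns 0 only when both
# configs hold the secret from the .private file; never prints the secret.
check_ddns_key() {
    want=$(private_key_secret "$4")
    [ -n "$want" ] || { echo "no Key: line in $4" >&2; return 2; }
    for conf in "$1" "$2"; do
        have=$(conf_key_secret "$conf" "$3")
        case $have in
            "")            echo "$conf: key $3 has no secret" >&2; return 3 ;;
            YOURSECRETKEY) echo "$conf: placeholder secret still set" >&2; return 4 ;;
            "$want")       ;;
            *)             echo "$conf: secret differs from $4" >&2; return 1 ;;
        esac
    done
}

# Write constructed sample files into directory $1 ($2/$3: secrets to embed).
make_sample() {
    printf 'Algorithm: 157 (HMAC_MD5)\nKey: %s\n' "$SAMPLE_SECRET" > "$1/sample.private"
    printf 'key dhcpupdate\n{\nalgorithm hmac-md5;\nsecret "%s";\n}\n' "$2" > "$1/dhcpd.conf"
    printf 'zone lan.example.com {\nprimary 172.16.3.250;\nkey dhcpupdate;\n}\n' >> "$1/dhcpd.conf"
    printf 'key dhcpupdate\n{\nalgorithm HMAC-MD5;\nsecret "%s";\n};\n' "$3" > "$1/named.conf"
}

# Demo: named.conf still has the placeholder, so the check reports status 4.
dir=$(mktemp -d)
make_sample "$dir" "$SAMPLE_SECRET" "YOURSECRETKEY"
check_ddns_key "$dir/dhcpd.conf" "$dir/named.conf" dhcpupdate "$dir/sample.private" \
    || echo "check failed with status $?"
rm -rf "$dir"
```

Against the real files, call check_ddns_key with the paths to your dhcpd.conf, your named.conf, the key name dhcpupdate and the .private file.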