diy_rfc2136_dyndns_with_bind

Differences

This shows you the differences between two versions of the page.

diy_rfc2136_dyndns_with_bind [29.10.2013 13:56] Pascal Suterdiy_rfc2136_dyndns_with_bind [25.06.2021 09:10] Pascal Suter
Line 2: Line 2:
 ever since dyndns stopped to be completely free (including hassle-free) i was looking for alternatives. i recently stumbled across RFC2136 which can be used to provide dynamic dns services. since i have access to two nameservers running bind i decided to try it out.. it works pretty nicely :) ever since dyndns stopped to be completely free (including hassle-free) i was looking for alternatives. i recently stumbled across RFC2136 which can be used to provide dynamic dns services. since i have access to two nameservers running bind i decided to try it out.. it works pretty nicely :)
  
-there is a [[https://doc.pfsense.org/index.php/RFC2136_Dynamic_DNS|howto in the pfsense wiki]], however, that did not work for me. i had to use allow-update reather than update-policy.. don't know why, somehow it just seemed to have been ignored by the version of bind9 i am running on the servers. +there is a [[https://doc.pfsense.org/index.php/RFC2136_Dynamic_DNS|howto in the pfsense wiki]], however, that did not work for me. i had to use allow-update reather than update-policy.. don't know why, somehow it just seemed to have been ignored by the version of bind9 i am running on the servers. I've used in general the setup described in [[http://www.shakabuku.org/writing/dyndns.html|this very detailed webpage about dyndns with bind9]]
  
 this following howto will explain how i did my setup so that i could have a little bash script that would allow me to add new hosts to my dyndns with a single command. all my hosts will end with .dyn.mydomain.ch.  this following howto will explain how i did my setup so that i could have a little bash script that would allow me to add new hosts to my dyndns with a single command. all my hosts will end with .dyn.mydomain.ch. 
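Review bot: the changed line keeps the advice to use allow-update rather than update-policy and now points to a second guide, but it never says what that choice costs: a key listed under allow-update may change any record in the zone, while update-policy can limit each host key to its own name. One sentence on that here would let readers whose bind9 honours update-policy prefer it. The added sentence also lacks its closing full stop, and the new link is plain http.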
Line 22: Line 22:
  900        ; refresh (15 minutes)  900        ; refresh (15 minutes)
  600        ; retry (10 minutes)  600        ; retry (10 minutes)
- 2600       ; expire (43 minutes 20 seconds)+ 604800     ; expire (1 Week)
  30         ; minimum (30 seconds)  30         ; minimum (30 seconds)
  )  )
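Review bot: the expire value on the changed line goes from 2600 to 604800 with no word in the text on why. Expire is how long a secondary keeps answering for the zone after it can no longer reach the primary, so the old 43 minutes would have dropped every dyn host after a short primary outage; saying that next to the value would stop a reader from shortening it again. The new comment is also written "(1 Week)" where the neighbouring ones use lower case, e.g. "(15 minutes)".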
Line 43: Line 43:
 </code> **note** keep the //add_keys_here// comment exactly as it is, this is the marker for our script so it knows where to add new keys </code> **note** keep the //add_keys_here// comment exactly as it is, this is the marker for our script so it knows where to add new keys
   * edit your main named.conf file, usually in /etc/bind/named.conf and add an include line at the end of your zone definitions like so: <code>include "/etc/bind/dyn/named.conf";</code>   * edit your main named.conf file, usually in /etc/bind/named.conf and add an include line at the end of your zone definitions like so: <code>include "/etc/bind/dyn/named.conf";</code>
-  * create the "add_new_host.sh" script that will add new hosts to our setup. here are the contents of the script: <code>+  * create the "add_new_host.sh" script that will add new hosts to our setup. \\ 
 +**Note**: this script works with older versions of bind9, i.e. versions 9.14 and older i think. in version 9.16 the ''dnssec-keygen'' utility no longer produces tsig keys, so this script should be modified to use the ''tsig-keygen'' utility instead which is easier to use anyway. I just haven't had the time to do this and test it. I'll update this article as soon as i have to add the next dynamic dns host to my system ;) 
 + 
 +here are the contents of the script: <code bash add_new_host.sh>
 #!/bin/bash #!/bin/bash
 if [ -z "$1" -o "$1" == " " ]; then if [ -z "$1" -o "$1" == " " ]; then
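Review bot: the added note says the script should be switched to tsig-keygen but leaves the dnssec-keygen version below it as the only instructions, so a reader on 9.16 gets nothing that works, and "9.14 and older i think" leaves the cut-off unclear. Suggest stating the version boundary once it is confirmed and giving the replacement call, for example tsig-keygen -a hmac-sha256 myhost.dyn.mydomain.ch., which prints a key clause that can go into keys.conf as is. Separately, the unchanged test on $1 at the end of the hunk only rejects an empty or single-space argument; since the name ends up in the bind configuration, it should be checked against the characters allowed in a host label first.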
Line 78: Line 81:
 -rw-r--r-- 1 root bind  322 Oct 29 13:45 named.conf -rw-r--r-- 1 root bind  322 Oct 29 13:45 named.conf
 </code> </code>
 +  * now use the script to add your first hostname. <code>./add_new_host myhost</code>if you did everything correctly (and if i described it all correctly) your client should now be able to update it's own dns entry with the key you received back from the script. 
 +===== script to remove hosts =====
 +optionally you can also create a little script to remove hosts just as easily. create a file called remove_hosts.sh with the following contents<code bash remove_hosts.sh>
 +#!/bin/bash
 +if [ -z "$1" -o "$1" == " " ]; then
 +        echo "usage: remove_host.sh <hostname>"
 +        echo "EXAMPLE: remove_host.sh myhost will remove myhost.dyn.mydomain.ch"
 +        exit 1
 +fi
 +cd /etc/bind/dyn/
 +hostname=${1}.dyn.mydomain.ch.
 +echo "old keys.conf entry: "
 +grep ${hostname} keys.conf
 +echo "remove key for ${hostname}"
 +cat named.conf | sed -e "/^\t\tkey ${hostname}.*$/d" | tee named.conf > /dev/null
 +cat keys.conf | sed -e "/^key ${hostname}.*$/d" | tee keys.conf > /dev/null
 +echo "reload bind";
 +/etc/init.d/bind9 reload
 +echo "currently active hosts:"
 +grep "key " named.conf | awk '{ print $2; }' | tr -d ";"
 +</code>
 +make it executable and run it to remove hotsts. **warning** make a backup of your keys.conf and your named.conf file before testing this :) 
 +  ./remove_host.sh myhost
 +
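Review bot: both sed lines in remove_hosts.sh read and write the same file in one pipeline (cat named.conf | sed ... | tee named.conf), and tee truncates the file when it starts, which can happen before cat has read it and leave named.conf or keys.conf empty. Write to a temporary file and move it into place, or use sed -i, and run named-checkconf before the reload. ${hostname} also goes into the sed expression unescaped, so its dots match any character and an argument containing / changes the expression; validate $1 as a plain host label first. Naming is inconsistent as well: the file is introduced as remove_hosts.sh but the usage text and the final command say remove_host.sh, and the new first bullet calls ./add_new_host without the .sh suffix.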
  • diy_rfc2136_dyndns_with_bind.txt
  • Last modified: 25.06.2021 12:39
  • by Pascal Suter