[{"data":1,"prerenderedAt":385},["ShallowReactive",2],{"Categories":3,"NavIndexCategoriesCountFooter":203,"content-\u002F2008\u002F06\u002F08\u002Fconverting-existing-bind9-and-dhcpd-to-dynamic-dns\u002F":204},[4,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,68,70,71,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202],{"category":5},"System Administration",{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":27},"Software Development",{"category":5},{"category":5},{"category":5},{"category":5},{"category":27},{"category":27},{"category":5},{"category":5},{"category":5},{"category":27},{"category":5},{"category":5},{"category":5},{"category":27},{"category":27},{"category":27},{"category":27},{"category":5},{"category":5},{"category":5},{"category":27},{"category":27},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":5},{"category":27},{"category":5},{"category":5},{"category":27},{"category":27},{"category":27},{"category":27},{"category":5},{"category":27},{"category":27},{"category":67},"Drones & RC",{"category":69},"DIY Projects",{"category":67},{"category":72},"Photography",{"category":69},{"category":69},{"category":69},{"category":67},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":69},{"category":67},{"category":69},{"category":69},{"category":67},{"category":67},{"category":72},{"category":72},{"category":72},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":5},{"category":5},{"category":72},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":5},{"category":67},{"category":67},{"category":72},{"category":72},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":67},{"category":72},{"category":67},{"category":138},"3D Printing - Laser Cutting - CNC",{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":138},{"category":5},{"category":138},{"category":27},{"category":27},{"category":138},{"category":138},{"category":72},{"category":158},"Photography,3D Printing - Laser Cutting - CNC",{"category":27},{"category":27},{"category":69},{"category":27},{"category":27},{"category":27},{"category":27},{"category":5},{"category":67},{"category":5},{"category":5},{"category":27},{"category":27},{"category":27},{"category":27},{"category":27},{"category":69},{"category":27},{"category":27},{"category":27},{"category":27},{"category":181},"Home Assistant",{"category":181},{"category":72},{"category":27},{"category":27},{"category":72},{"category":138},{"category":5},{"category":72},{"category":72},{"category":138},{"category":27},{"category":181},{"category":181},{"category":72},{"category":72},{"category":72},{"category":72},{"category":72},{"category":72},{"category":72},{"category":72},191,{"id":205,"title":206,"body":207,"category":5,"date":366,"description":213,"embedImage":367,"extension":368,"image":367,"intro":367,"meta":369,"navigation":370,"path":371,"seo":372,"series":367,"sitemap":373,"stem":374,"tags":375,"__hash__":384},"content\u002F2008\u002F06\u002F08\u002Fconverting-existing-bind9-and-dhcpd-to-dynamic-dns.md","Converting existing bind9 and dhcpd to dynamic dns",{"type":208,"value":209,"toc":363},"minimark",[210,214,227,230,233,244,247,250,253,256,262,265,271,274,280,283,289,292,295,298,301,307,310,313,321,324,330,333,339,342,345,351,354,360],[211,212,213],"p",{},"I have a working dns (bind9) and dhcpd running on my home lan. This adds dynamic dns updates from dhcpd to bind9.",[211,215,216,217,226],{},"The following is mostly based on ",[218,219,220],"a",{"href":220,"rel":221,"target":225},"http:\u002F\u002Fwww.semicomplete.com\u002Farticles\u002Fdynamic-dns-with-dhcp\u002F",[222,223,224],"nofollow","noopener","noreferer","_blank",". Kudos til Trygve Laugstøl for assistance too :)",[211,228,229],{},"####Key",[211,231,232],{},"First - generate a key to use:",[234,235,240],"pre",{"className":236,"code":238,"language":239},[237],"language-text","dnssec-keygen -a hmac-md5 -b 128 -n USER dhcpupdate\n","text",[241,242,238],"code",{"__ignoreMap":243},"",[211,245,246],{},"This generates two files - you want the key from the *.key file - the last string on the line - will look like an md5.",[211,248,249],{},"####Bind9",[211,251,252],{},"Now - update bind. I use debian's basic setup - so my edits are in \u002Fetc\u002Fbind\u002Fnamed.conf.local",[211,254,255],{},"Add to the file",[234,257,260],{"className":258,"code":259,"language":239},[237],"key dhcpupdate {\n  algorithm hmac-md5;\n  secret \"your key - keep the quotes here\";\n};\n",[241,261,259],{"__ignoreMap":243},[211,263,264],{},"Then to each of the zone statements add",[234,266,269],{"className":267,"code":268,"language":239},[237],"allow-update { key dhcpupdate; };\n",[241,270,268],{"__ignoreMap":243},[211,272,273],{},"Here are my two zones updated:",[234,275,278],{"className":276,"code":277,"language":239},[237],"zone \"home.chrissearle.org\" {\n        type master;\n        file \"\u002Fetc\u002Fbind\u002Fhome.chrissearle.org\";\n        allow-update { key dhcpupdate; };\n",[241,279,277],{"__ignoreMap":243},[211,281,282],{},"};",[234,284,287],{"className":285,"code":286,"language":239},[237],"zone \"1.168.192.in-addr.arpa\" {\n        type master;\n        file \"\u002Fetc\u002Fbind\u002F1.168.192.in-addr.arpa\";\n        allow-update { key dhcpupdate; };\n};\n",[241,288,286],{"__ignoreMap":243},[211,290,291],{},"Make sure that the bind process can write to the location on disk where the zone files are - it will need to write the journal files there. In my case chmod g+w \u002Fetc\u002Fbind was needed.",[211,293,294],{},"####Testing bind9",[211,296,297],{},"Restart bind and then use the nsupdate command",[211,299,300],{},"This is based on my setup - home.chrissearle.org\u002F192.168.1.x",[234,302,305],{"className":303,"code":304,"language":239},[237],"# nsupdate\n> server localhost\n> key dhcpupdate thekeygoesherenoquotes\n> update add 50.1.168.192.in-addr.arpa 600 IN PTR testnode.home.chrissearle.org.\n> send\n> update add testnode.home.chrissearle.org. 600 IN A 192.168.1.50\n> send\n",[241,306,304],{"__ignoreMap":243},[211,308,309],{},"The site linked above has more info on what errors you can get and what they often mean.",[211,311,312],{},"####dhcpd",[211,314,315,316,320],{},"NOTE - I am running debian stable (etch). And I was using the dhcp package - this is 2.0 - way too old. Install dhcp3-server and purge dhcp or this ",[317,318,319],"strong",{},"simply won't work",".",[211,322,323],{},"To the top of my dhcpd.conf file I added the following (note that the authoritative line is due to upgrading dhcp from v2 to v3):",[234,325,328],{"className":326,"code":327,"language":239},[237],"ddns-update-style interim;\n\nupdate-static-leases on;\n\nauthoritative;\n\nkey dhcpupdate {\n  algorithm hmac-md5;\n  secret the-key-goes-here-no-quotes-this-time;\n}\n\nzone 1.168.192.in-addr.arpa {\n  primary localhost;\n  key dhcpupdate;\n}\n\nzone home.chrissearle.org {\n  primary localhost;\n  key dhcpupdate;\n}\n",[241,329,327],{"__ignoreMap":243},[211,331,332],{},"I have my home domain in a group:",[234,334,337],{"className":335,"code":336,"language":239},[237],"group {\n    option subnet-mask      255.255.255.0;\n    option routers  192.168.1.2;\n    option domain-name-servers      192.168.1.2;\n    option domain-name      \"home.chrissearle.org\";\n    ddns-domainname \"home.chrissearle.org\";\n",[241,338,336],{"__ignoreMap":243},[211,340,341],{},"All that has changed here is the added ddns-domainname line.",[211,343,344],{},"And for each host where I allocate fixed IP based on mac - add a ddns-hostname. For example:",[234,346,349],{"className":347,"code":348,"language":239},[237],"host slippen {\n  hardware ethernet 00:16:CB:B9:F5:B6;\n  fixed-address 192.168.1.6;\n  ddns-hostname \"slippen\";\n}\n",[241,350,348],{"__ignoreMap":243},[211,352,353],{},"Finally - for the dhcp range for non-fast IP addresses:",[234,355,358],{"className":356,"code":357,"language":239},[237],"            ddns-hostname = binary-to-ascii(10, 8, \"-\", leased-address);\n            ddns-domainname = \"home.chrissearle.org\";\n",[241,359,357],{"__ignoreMap":243},[211,361,362],{},"Hint - if your bind9 process listens to the internet then you must look at protecting ddns updates - probably with bind's controls{} syntax.",{"title":243,"searchDepth":364,"depth":364,"links":365},2,[],"2008-06-08 14:54:03 +0200",null,"md",{},true,"\u002F2008\u002F06\u002F08\u002Fconverting-existing-bind9-and-dhcpd-to-dynamic-dns",{"title":206,"description":213},{"loc":371},"2008\u002F06\u002F08\u002Fconverting-existing-bind9-and-dhcpd-to-dynamic-dns",[376,377,378,379,380,381,382,383],"dns","bind9","dhcp","named","dhcp3","ddns","dynamic dns","tutorial","eqluGQgQWJTrcbTU_foYbJ6knUMActysD_FDk67TUzk",1775293014748]