DNS-DHCP configuration: Difference between revisions
No edit summary |
No edit summary |
||
Line 61: | Line 61: | ||
dnssec-keygen -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER | dnssec-keygen -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER | ||
</pre> | </pre> | ||
It creates a file called Kdhcp_updater.+???+?????.key | It creates a file called Kdhcp_updater.+???+?????.key. | ||
Get your hash from the key file and paste it in dhcp-dns-conf, which should look like this: | Get your hash from the key file and paste it in dhcp-dns-conf, which should look like this: | ||
<pre> | <pre> |
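Review bot: the context line after the changed sentence still tells the reader to paste the key into "dhcp-dns-conf", a name that appears in neither configuration on this page; both use include "/etc/dhcp-dns.key". Since this revision already touches the neighbouring sentence (adding the full stop after "Kdhcp_updater.+???+?????.key"), correct the file name in the same edit so readers create the file that dhcpd and named actually load.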
Revision as of 16:35, 28 February 2012
Configuration file for "dhcpd -4 -cf dhcpd.conf.ipv4 eth0"
<pre>
# dhcpd.conf.ipv4

##############################
# default options:

authoritative;
log-facility local7;
ddns-update-style interim;
option domain-name "local.lan";
lease-file-name "/var/run/dhcpd/dhcpd.leases.ipv4";
default-lease-time 7200;
max-lease-time 28800;
update-conflict-detection false;

##############################
# dynamic dns updates

include "/etc/dhcp-dns.key";

zone local.lan. {
  primary 127.0.0.1;
  key updatekey;
}

zone 0.0.10.in-addr.arpa. {
  primary 127.0.0.1;
  key updatekey;
}

##############################
# subnet and host definitions

subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.128 10.0.0.191;
  option routers 10.0.0.1;
  option domain-name-servers 10.0.0.1;
  option ntp-servers 10.0.0.1;
  option broadcast-address 10.0.0.255;
}

group {
  host printer {
    hardware ethernet 00:de:ad:be:ef:01;
    fixed-address 10.0.0.10;
  }
  host fridge {
    hardware ethernet 00:de:ad:be:ef:02;
    fixed-address 10.0.0.11;
  }
  update-static-leases on;
}
</pre>
The key for the dhcp-dns.conf file is generated with the following command:
<pre>
dnssec-keygen -a HMAC-MD5 -b 128 -n USER DHCP_UPDATER
</pre>
It creates a file called Kdhcp_updater.+???+?????.key. Copy the secret from that key file and paste it into dhcp-dns.conf, which should look like this (both configurations on this page load this key statement with include "/etc/dhcp-dns.key"):
<pre>
key updatekey {
  algorithm hmac-md5;
  secret "abcdefghijklmnopqrstuv==";
};
</pre>
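The copy-and-paste step above can be scripted so the secret is never hand-edited and the resulting file is created unreadable to other users. This is an added example, not part of the original page: the function names `extract_secret` and `write_key_file` are hypothetical, and it assumes the .key file holds one record of the form `<name> IN KEY <flags> <proto> <alg> <base64>`.

```shell
#!/bin/sh
# Added example (not from the original page): build the key file that
# dhcpd.conf.ipv4 and named.conf include from the K*.key file.
# Assumed record layout inside the .key file (constructed sample):
#   DHCP_UPDATER. IN KEY 0 3 157 abcdefghijklmnopqrstuv==

# Print the base64 secret; fail unless the record is an HMAC-MD5 key (157).
extract_secret() {
    awk '
        /^;/ { next }                           # skip comment lines
        $2 == "IN" && $3 == "KEY" {
            if ($6 != 157) exit 2               # not the algorithm configured here
            s = ""
            for (i = 7; i <= NF; i++) s = s $i  # rejoin a secret split by spaces
            print s
            found = 1
            exit
        }
        END { if (!found) exit 1 }
    ' "$1"
}

# write_key_file <K*.key> <output file> [key name, default "updatekey"]
write_key_file() {
    secret=$(extract_secret "$1") || return 1
    # Accept base64 characters only, so nothing else reaches the config file.
    case $secret in
        ''|*[!A-Za-z0-9+/=]*) return 1 ;;
    esac
    (
        umask 077   # new file gets mode 0600: the secret authorises zone updates
        printf 'key %s {\n  algorithm hmac-md5;\n  secret "%s";\n};\n' \
            "${3:-updatekey}" "$secret" > "$2"
    )
}

# Run directly: ./make-key.sh Kdhcp_updater.+???+?????.key /etc/dhcp-dns.key
if [ "$#" -ge 2 ]; then
    write_key_file "$@"
fi
```

The file is created with mode 0600 and owned by whoever runs the script, so adjust ownership afterwards so that only the accounts running dhcpd and named can read it.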
Then all we need is named.conf:
<pre>
options {
  pid-file "/var/run/named/named.pid";
  directory "/var/named";
  listen-on port 53 {127.0.0.1;10.0.0.1;};
  allow-query {127.0.0.0/8;10.0.0.0/24;};
};

////////////////////////////////////////////
// include key to receive updates from dhcpd
include "/etc/dhcp-dns.key";

zone "." IN {
  type hint;
  file "named.root";
};

zone "local.lan" IN {
  type master;
  file "local.lan.zone";
  allow-update { key updatekey; };
};

zone "0.0.10.in-addr.arpa" IN {
  type master;
  file "0.0.10.in-addr.arpa.rev";
  allow-update { key updatekey; };
};
</pre>