A detailed explanation of dynamic DNS service configuration method under Linux system

Source: Internet
Author: User
Tags bind hmac key md5 dnssec linux

In network management, the management of DNS services is a fundamental task. With the expansion of the user scale, it is not easy to manually modify the DNS zone database files frequently. The research on Dynamic DNS (DDNS) has gradually aroused people's concern, and different platforms have introduced their own solutions. This article will detail the solution for DDNS in the Linux environment, BIND-DNS and DHCP (Dynamic Host Configure Protocol, developed by Internet Software Consortium (ISC). Dynamic Host Configuration Protocol) work together to realize the Ddns method.

Implementing dynamic DNS under Linux requires more than 8 DNS software, as well as a DHCP Server v3.0 version, because only 3.0 of the versions are fully implemented to support DDNS. Therefore, the implementation environment of this article uses Slackware Linux 9.0 as the DDNS server, which runs both DNS and DHCP services, where DNS server uses the BIND 9.2.2,DHCP server for DHCP server V3.0PL2.

The following is a detailed introduction to the implementation of secure, dynamic DNS in Linux environments.

Create key

To realize the dynamic update of DNS, the first thing to consider is how to ensure the implementation of DDNS safely. The approach given by ISC is to create a key that is dynamically updated and validated by the key when it is updated. To achieve this, you need to run the following command as root:

root@slack9:/etc# dnssec-keygen-a hmac-md5-b 128-n USER Myddns

kmyddns.+157+37662

The function of the above Dnssec-keygen command is to generate an update key, where the parameter-a hmac-md5 refers to the key generation algorithm using HMAC-MD5; parameter-B 128 refers to the number of digits of the key as 128 bits; parameter-n USER Myddns refers to the user of the key as Myddns.

The command generates a pair of key files as follows:

-RW-------1 root 18:26 kmyddns.+157+37662.key

-RW-------1 root root of Bayi 18:26 kmyddns.+157+37662.private



Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.