How to configure Dynamic DNS in Linux

Source: Internet
Author: User
Tags hmac dnssec
Article Title: Detailed description of Dynamic DNS service configuration in Linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

In network management, DNS service management is a basic task. As the number of users expands, it is not easy to manually modify the DNS regional database files. The Research on Dynamic DNS has gradually attracted people's attention. different platforms have launched their own solutions. This article will introduce in detail the DDNS solution in Linux environment, that is, the BIND-DNS and DHCP (Dynamic Host Configure Protocol, Dynamic Host Configuration Protocol) collaborative work developed by Internet Software Consortium (ISC, and then implement DDNS together.

In Linux, implementing dynamic DNS requires not only the DNS software above Bind 8, but also the DHCP Server v3.0 and later versions, because only version above 3.0 fully supports DDNS. Therefore, the implementation environment in this article uses Slackware Linux 9.0 As the DDNS Server and runs the DNS and DHCP services at the same time. The DNS Server uses Bind 9.2.2, And the DHCP Server uses the DHCP Server v3.0pl2.

The following describes how to implement secure and Dynamic DNS in Linux.

  Create a key

To achieve dynamic DNS updates, you must first consider how to ensure secure implementation of DDNS. The method provided by ISC is to create a key for dynamic updates, which is used for verification during updates. To implement this function, run the following command as root:

Root @ slack9:/etc # dnssec-keygen-a HMAC-MD5-B 128-n USER myddns

Kmyddns. + 157 + 37662

The function of the above dnssec-keygen command is to generate an update key, where the parameter-a HMAC-MD5 refers to the key generation algorithm using the HMAC-MD5; the parameter-B 128 refers to the number of keys is 128 bits; parameter-n USER myddns indicates that the key USER is myddns.

A key file generated by this command is as follows:

-Rw -- 1 root 48 Jan 14 Kmyddns. + 157 + 37662.key

-Rw -- 1 root 81 Jan 14 Kmyddns. + 157 + 37662. private

You can view the content of the generated key file:

Root @ slack9:/etc # cat Kmyddns. + 157 + 37662.key

Myddns. INKEY02157 4gEF1Mkmn5hrlwYUeGJV3g =

Root @ slack9:/etc # cat Kmyddns. + 157 + 37662. private

Private-key-format: v1.2

Algorithm: 157 (HMAC_MD5)

Key: 4gEF1Mkmn5hrlwYUeGJV3g =

Read the key file carefully and you will find that the two files contain the same key. The key is the credential used by DHCP to perform security dynamic updates on DNS. You need to add the key to the configuration files of DNS and DHCP respectively.

[1] [2] [3] [4] [5] Next page

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.