From: Shawn Routhier Date: Tue, 4 Dec 2012 19:43:42 +0000 (-0800) Subject: [master] X-Git-Tag: v4_3_0a1~51 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f30e277118dc4dd9c3e59ca436a32021c49a5777;p=thirdparty%2Fdhcp.git [master] Remove outdated section on ad-hoc DDNS [ISC-Bugs #21798 #29939] --- diff --git a/common/dhcp-eval.5 b/common/dhcp-eval.5 index 4a017d9fc..c9ad689bb 100644 --- a/common/dhcp-eval.5 +++ b/common/dhcp-eval.5 
@@ -497,50 +497,8 @@ you will execute that command every time a scope is evaluated. .RE .SH REFERENCE: DYNAMIC DNS UPDATES .PP -The DHCP client and server have the ability to dynamically update the -Domain Name System. Within the configuration files, you can define -how you want the Domain Name System to be updated. These updates are -RFC 2136 compliant so any DNS server supporting RFC 2136 should be -able to accept updates from the DHCP server. -.SH SECURITY -Support for TSIG and DNSSEC is not yet available. When you set your -DNS server up to allow updates from the DHCP server or client, you may -be exposing it to unauthorized updates. To avoid this, the best you -can do right now is to use IP address-based packet filtering to -prevent unauthorized hosts from submitting update requests. -Obviously, there is currently no way to provide security for client -updates - this will require TSIG or DNSSEC, neither of which is yet -available in the DHCP distribution. -.PP -Dynamic DNS (DDNS) updates are performed by using the \fBdns-update\fR -expression. The \fBdns-update\fR expression is a boolean expression -that takes four parameters. If the update succeeds, the result is -true. If it fails, the result is false. The four parameters that the -are the resource record type (RR), the left hand side of the RR, the -right hand side of the RR and the ttl that should be applied to the -record. The simplest example of the use of the function can be found -in the reference section of the dhcpd.conf file, where events are -described. In this example several statements are being used to make -the arguments to the \fBdns-update\fR. -.PP -In the example, the first argument to the first \f\Bdns-update\fR -expression is a data expression that evaluates to the A RR type. The -second argument is constructed by concatenating the DHCP host-name -option with a text string containing the local domain, in this case -"ssd.example.net". 
The third argument is constructed by converting -the address the client has been assigned from a 32-bit number into an -ascii string with each byte separated by a ".". The fourth argument, -the TTL, specifies the amount of time remaining in the lease (note -that this isn't really correct, since the DNS server will pass this -TTL out whenever a request comes in, even if that is only a few -seconds before the lease expires). -.PP -If the first \fBdns-update\fR statement succeeds, it is followed up -with a second update to install a PTR RR. The installation of a PTR -record is similar to installing an A RR except that the left hand side -of the record is the leased address, reversed, with ".in-addr.arpa" -concatenated. The right hand side is the fully qualified domain name -of the client to which the address is being leased. +See the dhcpd.conf and dhclient.conf man pages for more information +about DDNS. .SH SEE ALSO dhcpd.conf(5), dhcpd.leases(5), dhclient.conf(5), dhcp-options(5), dhcpd(8), dhclient(8), RFC2132, RFC2131.
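Review bot: The added pointer at the end of the hunk ("See the dhcpd.conf and dhclient.conf man pages for more information about DDNS.") should say where update security is covered. The removed .SH SECURITY text was the only place in this page warning that allowing updates from the DHCP server or client "may be exposing it to unauthorized updates", and after this change a reader of dhcp-eval.5 gets no hint that DDNS has an authentication question at all. If the TSIG/DNSSEC statement is what made the section outdated, one sentence naming the section of dhcpd.conf(5) that documents securing updates would keep the warning reachable. Two smaller points: the new sentence could use the name(section) form that the SEE ALSO line already uses (dhcpd.conf(5), dhclient.conf(5)), and the commit message could state which part is outdated (the dns-update expression, the security statement, or both), since "ad-hoc DDNS" does not appear anywhere in the removed text.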