From: Marcin Siodelski Date: Thu, 27 Mar 2014 14:11:33 +0000 (+0100) Subject: [3258] Updated DHCP-DDNS related sections with current limitations. X-Git-Tag: bind10-1.2.0rc1-release~27^2~2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=eb0f09a098306ef19d1df0ac0cee0a6d4f94b4fa;p=thirdparty%2Fkea.git [3258] Updated DHCP-DDNS related sections with current limitations. --- diff --git a/doc/guide/bind10-guide.xml b/doc/guide/bind10-guide.xml index 1d2b374108..56806a0e13 100644 --- a/doc/guide/bind10-guide.xml +++ b/doc/guide/bind10-guide.xml @@ -5049,6 +5049,13 @@ Dhcp4/dhcp-ddns/qualifying-suffix "example.com" string Address duplication report (DECLINE) is not supported yet. + + + Server doesn't act upon expired leases. In particular, when the lease + expires, the server doesn't request removal of DNS records associated + with the lease. + + @@ -6465,6 +6472,13 @@ Dhcp6/dhcp-ddns/qualifying-suffix "example.com" string reconfiguration (RECONFIGURE) are not yet supported. + + + Server doesn't act upon expired leases. In particular, when the lease + expires, the server doesn't request removal of DNS records associated + with the lease. + + @@ -6638,6 +6652,16 @@ DhcpDdns/reverse_ddns/ddns_domains [] list (default) The server may be configured to listen over IPv4 or IPv6, therefore ip-address may an IPv4 or IPv6 address. + + + When DHCP-DDNS server is configured to listen at address other than + loopback address (127.0.0.1 or ::1), it is possible for the malicious + attacker to spoof the server. Therefore, other addresses should only + be used for testing purposes! In the future, an authentication + will be implemented to guard against spoofing attacks. + + + If the ip_address and port are changed, it will be necessary to change the @@ -7194,6 +7218,25 @@ DhcpDdns/reverse_ddns/ddns_domains[0]/dns_servers[0]/port 53 integer(default) +
+ DHCP-DDNS Server Limitations + The following are the current limitations of the DHCP-DDNS Server. + + + + As requests are received from the DHCP servers they are placed om a queue. + These requests are currently not persisted across shutdowns and so cannot + be recovered. + + + + + TSIG Authentication (RFC 2845) + is not supported yet. + + + +