Easy-to-use command line utility for creating and updating forward and reverse DNS entries in dynamically updatable domains.
Supports zones on different servers, supports a different key for each zone, automatically creates reverse records and removes obsolete ones.
~$ ddns-updater server.example.com 192.0.2.1
will create a forward A record in example.com zone:
server 3600 IN A 192.0.2.1
and a reverse PTR record in 2.0.192.in-addr.arpa zone:
1 3600 IN PTR server.example.com.
The zone you're about to manage must have dynamic updates enabled. It
should also require a key to authorize the updates. For a
BIND 9 nameserver the config would be similar to this
example, assuming you have the nameserver config files in
/var/named:
dnssec-keygen:
~$ dnssec-keygen -a HMAC-MD5 -n HOST -b 512 example.com
Kexample.com.+157+39941
~$ cat Kexample.com.+157+39941.private
Private-key-format: v1.2
Algorithm: 157 (HMAC_MD5)
Key: 7i3+IXiKmU00jA4f8VWHwA==
ddns_key and put the following into your /var/named/named.keys file:
key ddns_key {
    algorithm hmac-md5;
    secret "7i3+IXiKmU00jA4f8VWHwA==";
};
/var/named/named.conf and add the following:
options { ... };
include "/var/named/named.keys";
zone "example.com" {
    type master;
    file "masters/db.example.com";
    allow-update { key ddns_key; };
};
zone "2.0.192.in-addr.arpa" {
    type master;
    file "masters/rev.192.0.2";
    allow-update { key ddns_key; };
};
masters/ directory and
db.example.com file owned by the user running
named process (usually user named), assuming
they're both writable for owner:
~# chown named /var/named/masters
~# chown named /var/named/masters/db.example.com
~# chown named /var/named/masters/rev.192.0.2
~# /etc/init.d/named restart
Stopping named: [ OK ]
Starting named: [ OK ]
And that's it.
/var/named/named.keys for authentication but feel free to
change the path to your named.keys file in the config section
near the top of the ddns-updater script.
~# ddns-updater server.example.com 192.0.2.1
Command: /usr/bin/nsupdate -y ddns_key:7i3+IXiKmU00jA4f8VWHwA== /tmp/tmpfile-BwSfIW
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags: ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
server.example.com. 0 ANY ANY
server.example.com. 3600 IN A 192.0.2.1
Command: /usr/bin/nsupdate -y ddns_key:7i3+IXiKmU00jA4f8VWHwA== /tmp/tmpfile-au9QHP
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags: ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; UPDATE SECTION:
1.2.0.192.in-addr.arpa. 0 ANY ANY
1.2.0.192.in-addr.arpa. 3600 IN PTR server.example.com.
~$ host server.example.com
server.example.com has address 192.0.2.1
~$ host 192.0.2.1
1.2.0.192.in-addr.arpa domain name pointer server.example.com.
Excellent! That's it ;-)
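The Command: lines in the run shown earlier pass the TSIG secret to nsupdate with -y, which places it in the process list where other local users can read it with ps. The sketch below is an added example, not ddns-updater's own code: it builds the same delete-then-add updates but authenticates with -k, assuming /var/named/named.keys holds only the one key statement; the function names and the KEYFILE variable are made up for illustration.

```sh
#!/bin/sh
# Added example, not part of ddns-updater. Function names are illustrative.
# Assumption: KEYFILE holds exactly one "key { ... };" statement (as in the
# named.keys shown on this page) and is readable only by the updating user.
KEYFILE="${KEYFILE:-/var/named/named.keys}"
TTL=3600

# 192.0.2.1 -> 1.2.0.192.in-addr.arpa. ; fails on anything but dotted-quad IPv4.
reverse_name() {
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # safe: input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.in-addr.arpa.\n' "$4" "$3" "$2" "$1"
}

# Reject anything that could smuggle extra lines or arguments into the batch.
valid_fqdn() {
    case "$1" in
        ""|*[!A-Za-z0-9.-]*|.*|-*|*..*) return 1 ;;
    esac
}

# One nsupdate batch: drop every RRset at the name, then add the new record.
build_update() {    # name type rdata
    printf 'update delete %s\nupdate add %s %s %s %s\nsend\n' \
        "$1" "$1" "$TTL" "$2" "$3"
}

ddns_update() {     # fqdn ipv4
    valid_fqdn "$1" || { echo "bad host name" >&2; return 2; }
    ptr=$(reverse_name "$2") || { echo "bad IPv4 address" >&2; return 2; }
    fqdn="${1%.}."
    # -k reads the secret from the file, so it never appears in argv.
    build_update "$fqdn" A "$2" | nsupdate -k "$KEYFILE" || return 1
    build_update "$ptr" PTR "$fqdn" | nsupdate -k "$KEYFILE"
}

if [ "$#" -eq 2 ]; then
    ddns_update "$1" "$2"
fi
```

Run it as the script name followed by the host name and address, for example with server.example.com and 192.0.2.1; the batch reaches nsupdate on stdin, so no temporary file is left behind either.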