[LEDE-DEV] DNS split horizon *without* dnsmasq
Eric Luehrsen
ericluehrsen at gmail.com
Sat Mar 31 11:57:15 PDT 2018
It seems I have static-stub wrong for its purpose. dhcpd and bind do
work together. To accomplish this, the bind instance needs to be master
for the domain zone and ptr zone where DHCP records will be entered.
This master zone needs to permit remote updates, preferably with a
secure key. dhcpd needs to be configure to dynamically update DNS
through binds remote control, again with the key if configured.
dhcpd reference conf to get started, incomplete
```||
|ddns-update-style standard;|||
|ddns-rev-domainname "in-addr.arpa.";|||
||
|zone openwrt.lan. {|
||| # where to send updates for hostid.openwrt.lan|
| primary 127.0.0.1; };|
||
|zone 1.168.192.in-addr.arpa. {|
| primary 127.0.0.1; }|;
||
|```|
||
bind reference conf to get started, incomplete
https://ftp.isc.org/isc/bind9/cur/9.9/doc/arm/Bv9ARM.ch06.html#dynamic_update_policies
```||
|zone "|||openwrt.lan|" { |
| type master;|
| file "/var/lib/bind/||||db.openwrt.lan||"; |
| update-policy {
# you can restrict record types, rather than "any"
|| grant [key-name] zonesub any; |
| }; |
|}; |
||
|zone "1.168.192.in-addr.arpa" {|
| type master;|
| file "|||/var/lib/bind|/db.1.168.192.in-addr.arpa";|
| update-policy {|
| grant [key-name] zonesub any;|
| };|
|};|
```
Both could include a key file like
```||
|key "key-name" { |
| algorithm [hash];
secret "passphrase"; };|
```
More information about the Lede-dev
mailing list