Warren Kumari <[email protected]> wrote: > In order to manage these I have a web of point-to-point VPNs, and some > hub-to-spoke VPNs, and some similar. All I need is a mostly up to date > mapping of name → IPv4 address, and a combination of curl and "DynDNS > style" solutions is working perfectly for this, and has for many years.
I have similiar use cases: I'm doing this so that I can get there, not to run
a web site.
However, the "curl" solutions have often been unreliable as they were not
well integrated into the address configuration systems, be that
NetworkManager, netifd(openwrt), etc.
For instance on a few systems, at one point, one could wind up triggering the
update before the default (v6) route was actually installed.
And then of services going out of business, changing their APIs, obsoleting
authorizations, requiring password changes because their security sucked, ...
Also a bunch of ISP/COTS home routers will have support for some dyndns, but
not the one that I want to use, find reliable, or is... actually still in
business.
This is why I mostly reverted to "nsupdate" to my own infrastructure, but
that doesn't discover the outer NAT44. I even wound up with one toy zone
being used just for that, since mixing dynamic update DNS zones ("journaled")
vs ones I maintain with vi is a PITA.
This is why a standard would be good.
> I don't need to set the TTL, update anything other than an address, delete
> records, de-conflict updates (if I have multiple sites trying to update a
> record I have bigger issues!), ACME, etc.
So you've never copy and pasted the wrong authorization into the wrong place
and created a conflict? Which did not expire quickly because the TTL was
large.
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
