RE: DDNS - limitation and excluding updates from certain networks

2017-12-20 Thread Philippe.Simonet
Hi Hans if you can afford, use ISC DHCP server DDNS method : - only DHCP server is allowed to update DNS server (forward / reverse zone), protect NSUPDATE with ACL, or better tsig - in dhcpd.conf : ddns-updates on; ddns-update-style interim; ignore

Re: DDNS - limitation and excluding updates from certain networks

2017-12-20 Thread Mukund Sivaraman
On Wed, Dec 20, 2017 at 10:40:31AM -0700, Grant Taylor via bind-users wrote: > On 12/20/2017 06:27 AM, MAYER Hans wrote: > > And I don’t wont that this static names can by changed by someone out of > > an IP range, where it is allowed. I didn’t find any hint to block > > certain IP ranges to be

Re: DDNS - limitation and excluding updates from certain networks

2017-12-20 Thread Grant Taylor via bind-users
On 12/20/2017 10:40 AM, Grant Taylor via bind-users wrote: I don't remember the specifics, but there is a way built into BIND to do what you are wanting. Well, my GoogleFu seems to working today: Link - DNS Dynamic Update (DNS and BIND, 4th Edition) -

Re: DDNS - limitation and excluding updates from certain networks

2017-12-20 Thread Grant Taylor via bind-users
On 12/20/2017 06:27 AM, MAYER Hans wrote: And I don’t wont that this static names can by changed by someone out of an IP range, where it is allowed. I didn’t find any hint to block certain IP ranges to be updated within a dynamic zone. I don't remember the specifics, but there is a way built

Re: DDNS - limitation and excluding updates from certain networks

2017-12-20 Thread Bob Harold
On Wed, Dec 20, 2017 at 8:54 AM, Mukund Sivaraman wrote: > On Wed, Dec 20, 2017 at 01:27:17PM +, MAYER Hans wrote: > > > > Dear Mukund, > > > > Many thanks for coming back. > > > > > You'll have to explain what you mean better for a more specific answer, > > > but see the

RNDC client protocol mode for NodeJS

2017-12-20 Thread Ray Bellis
For those of you that like Javascript, and like it server side, there's now an implementation of the RNDC protocol available for NodeJS: We hope people may find this useful. Please note that this is not officially supported ISC software. Ray Bellis

Re: DDNS - limitation and excluding updates from certain networks

2017-12-20 Thread Mukund Sivaraman
On Wed, Dec 20, 2017 at 01:27:17PM +, MAYER Hans wrote: > > Dear Mukund, > > Many thanks for coming back. > > > You'll have to explain what you mean better for a more specific answer, > > but see the manual for the "allow-update" ACL config option > > In my zone configuration I have an

Re: DDNS - limitation and excluding updates from certain networks

2017-12-20 Thread MAYER Hans
Dear Mukund, Many thanks for coming back. > You'll have to explain what you mean better for a more specific answer, > but see the manual for the "allow-update" ACL config option In my zone configuration I have an “allow-update” statement. Here I define all networks which are allowed to

Re: DDNS - limitation and excluding updates from certain networks

2017-12-20 Thread Mukund Sivaraman
On Wed, Dec 20, 2017 at 12:39:33PM +, MAYER Hans wrote: > > > Dear All, > > My environment: We are using the latest version of BIND and DHCP from ISC. > Our workstations ( mostly Windows and some Mac ) are in certain networks. > Only these networks are allowed to do dynamic DNS updates.

DDNS - limitation and excluding updates from certain networks

2017-12-20 Thread MAYER Hans
Dear All, My environment: We are using the latest version of BIND and DHCP from ISC. Our workstations ( mostly Windows and some Mac ) are in certain networks. Only these networks are allowed to do dynamic DNS updates. So when a PC is switched on its IPv4, IPv4 reverse, IPv6 and reverse is