Bind8 Dynamic DNS How-To?
Jim Reid
jim at rfc1035.com
Wed Jun 14 05:12:07 UTC 2000
>>>>> "Jeff" == Jeff Newton <Jeff_Newton at pmc-sierra.com> writes:
Jeff> Is stronger-authenticated updates in the works for a future
Jeff> Bind release?
It's available now. The current version - 8.2.2P5 - supports TSIG
authentication of all DNS queries and replies. This relies on both
parties sharing a common secret which the use to "sign" an MD5 hash of
the packet. nsupdate - the tool provided in 8.2.2P5 for dynamic
updates - has a -k option to enable it to select a TSIG key for
signing dynamic updates.
No doubt other authentication schemes and finer granularity controls
on dynamic updates will be in future versions of BIND, most likely in
BIND9.
More information about the bind-users
mailing list