DDNS - limitation and excluding updates from certain networks

Grant Taylor gtaylor at tnetconsulting.net
Wed Dec 20 17:40:31 UTC 2017

On 12/20/2017 06:27 AM, MAYER Hans wrote:
> And I don’t wont that this static names can by changed by someone out 
> of an IP range, where it is allowed.  I didn’t find any hint to block 
> certain IP ranges to be updated within a dynamic zone.

I don't remember the specifics, but there is a way built into BIND to do 
what you are wanting.

I think there's an ACL configuration where you can configure that DDNS 
clients are only able to update the records that they own.  -  I think 
ownership is related to the connecting IP.

I do remember that when I tested this, it was trivial to set up and one 
configuration entry seemed to apply multiple DDNS clients.

I'm sorry, but I don't remember any more specifics.

Grant. . . .
unix || die

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20171220/615e4ebc/attachment-0001.bin>

More information about the bind-users mailing list