DDNS - limitation and excluding updates from certain networks
Grant Taylor
gtaylor at tnetconsulting.net
Wed Dec 20 17:40:31 UTC 2017
On 12/20/2017 06:27 AM, MAYER Hans wrote:
> And I don’t wont that this static names can by changed by someone out
> of an IP range, where it is allowed. I didn’t find any hint to block
> certain IP ranges to be updated within a dynamic zone.
I don't remember the specifics, but there is a way built into BIND to do
what you are wanting.
I think there's an ACL configuration where you can configure that DDNS
clients are only able to update the records that they own. - I think
ownership is related to the connecting IP.
I do remember that when I tested this, it was trivial to set up and one
configuration entry seemed to apply multiple DDNS clients.
I'm sorry, but I don't remember any more specifics.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20171220/615e4ebc/attachment-0001.bin>
More information about the bind-users
mailing list