DDNS - limitation and excluding updates from certain networks

Dirk Gottschalk dirk.gottschalk1980 at googlemail.com
Tue Dec 26 21:35:21 UTC 2017

Hello Hans,

Am Mittwoch, den 20.12.2017, 12:39 +0000 schrieb MAYER Hans:
> Dear All,
> My environment: We are using the latest version of BIND and DHCP from
> ISC. Our workstations ( mostly Windows and some Mac ) are in certain
> networks. Only these networks are allowed to do dynamic DNS updates.
> So when a PC is switched on its IPv4, IPv4 reverse, IPv6 and reverse
> is registered. 
> So far everything works well. 
> Is there a way to configure, that names which are registered in other
> networks, are not allowed to be updated ? 

Ny DHCPd/BIND9 kombination does exactly what you mean. Existing zune entries
are not changed by DHCPD, because DHCPD only adds new "unknown" Entries
to the DNS database, or changes dynamic entrioes which have an existing DHID record set.

If i try to use a name that is already set manually as a static entry, DHCPd throws an
error to the logs like: "Record already available and no DHCID record foung, NOT mine!"

Is this the behavior you want?

I have set 'ddns-update-style standard' in my dhcpd.conf and it works well.


Dirk Gottschalk
Paulusstrasse 6-8
52064 Aachen
Tel.: +49 1573 1152350
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20171226/e57aadac/attachment.bin>

More information about the bind-users mailing list