inconsistent ddns behaviour

Simon Hobson dhcp1 at
Mon Mar 27 06:56:05 UTC 2017

Rick Dicaire <kritek at> wrote:

> There is no zone directive in the subnet declaration. Why are ddns updates being sent for that subnet?

Did you read what I wrote - a zone declaration is NOT required other than to specify the key to be used :

> > Is this expected behaviour?
> Yes.
> The default is to lookup the SOA record for the appropriate zones to find the master DNS server, and send updates (unsigned) to that. Thus with a correctly configured DNS, updates will be generated automagically without any admin intervention.
> However, using unsigned updates is considered insecure - and so you should be specifying DNS zones - not to indicate the master DNS, but to specify the signing key.

If you want no DDNS updates then you have to specify that you don't want them, with (IIRC) a ddns-update-<something> declaration (either globally or in a particular subnet).

More information about the dhcp-users mailing list