Chapter 16. Dynamic DNS Update (RFC2136)

Table of Contents

1. Configuration options
2. Per zone settings
3. SOA Serial Updates
3.1. SOA-EDIT-DNSUPDATE settings
4. DNS update How-to: Setup dyndns/rfc2136 with dhcpd
4.1. Setting up dhcpd
4.2. Setting up PowerDNS
5. How it works

Starting with the PowerDNS Authoritative Server 3.4.0, DNS update support is available. There are a number of items NOT supported:

The implementation requires the backend to support a number of new oparations. Currently, the following backends have been modified to support DNS update:

1. Configuration options

There are two configuration parameters that can be used within the powerdns configuration file.

experimental-dnsupdate [=no]

A setting to enable/disable DNS update support completely. The default is no, which means that DNS updates are ignored by PowerDNS (no message is logged about this!). Change the setting to experimental-dnsupdate=yes to enable DNS update support.

allow-dnsupdate-from

A list of IP ranges that are allowed to perform updates on any domain. The default is 0.0.0.0/0, which means that all ranges are accepted. Multiple entries can be used on this line (allow-dnsupdate-from=10.0.0.0/8 192.168.1.2/32). The option can be left empty to disallow everything, this then should be used in combination with the allow-dnsupdate-from domainmetadata setting per zone.

forward-dnsupdate [=yes]

Tell PowerDNS to forward to the master server if the zone is configured as slave. Masters are determined by the masters field in the domains table. The default behaviour is enabled (yes), which means that it will try to forward. In the processing of the update packet, the allow-dnsupdate-from and TSIG-2136-ALLOW are processed first, so those permissions apply before the forward-dnsupdate is used. It will try all masters that you have configured until one is successful.