Create Your Own DynDns Service with Bind (Named)

1. First you need to generate the private and public key

You can do that with one simple command:
dnssec-keygen -a HMAC-MD5 -b 256 -n HOST dyn-key

I chose the HMAC-MD5 hash algorithm, and I recommend generating keys of at least 256 bits.
The -n option sets the name type: -n <nametype>, one of ZONE | HOST | ENTITY | USER | OTHER

We will have these two files:
Kdyn-key.+157+60890.key
Kdyn-key.+157+60890.private

2. Modify named.conf

Add this line to named.conf:
include "/etc/bind/dns.keys";

3. Create dns.keys configuration file

It should look similar to this example:

cat dns.keys
key dyn-key. {
    algorithm HMAC-MD5;
    secret "fop39Dcbz9HZ9sQqzo64fHorSIJXnmGjJ980BwTg6O4=";
};

Let's pause here for a moment. Where does the "secret" come from?
It is the value of the Key: field in Kdyn-key.+157+60890.private.
In my case:

cat Kdyn-key.+157+60890.private  
Private-key-format: v1.3  
Algorithm: 157 (HMAC_MD5)  
Key: fop39Dcbz9HZ9sQqzo64fHorSIJXnmGjJ980BwTg6O4=  
Bits: AAA=  
Created: 20161015122904  
Publish: 20161015122904  
Activate: 20161015122904  
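
Added example, not from the original post: a shell helper that builds the dns.keys clause from the .private file instead of copying the secret by hand, and writes it readable by its owner only. The function names, the demo file name and the all-zero sample key are constructed for illustration.

```shell
#!/bin/sh
# key_stanza NAME PRIVATE_FILE: print a BIND key clause built from the
# Algorithm: and Key: lines of a dnssec-keygen .private file.
key_stanza() {
    name=$1; file=$2
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 1; }
    # "Algorithm: 157 (HMAC_MD5)" -> "HMAC-MD5"
    alg=$(sed -n 's|^Algorithm: [0-9]* (\(.*\))[[:space:]]*$|\1|p' "$file" | tr '_' '-')
    # "Key: <base64>" -> "<base64>"; a value with non-base64 characters is rejected
    secret=$(sed -n 's|^Key: \([A-Za-z0-9+/=]*\)[[:space:]]*$|\1|p' "$file")
    if [ -z "$alg" ] || [ -z "$secret" ]; then
        echo "no usable Algorithm:/Key: line in $file" >&2
        return 1
    fi
    printf 'key %s {\n    algorithm %s;\n    secret "%s";\n};\n' "$name" "$alg" "$secret"
}

# write_keys NAME PRIVATE_FILE OUT: write the clause to OUT with mode 0600.
# Assumption: OUT is afterwards chown'ed to the account named runs as.
write_keys() {
    (
        umask 077
        key_stanza "$1" "$2" > "$3.tmp" || { rm -f "$3.tmp"; exit 1; }
        mv "$3.tmp" "$3"
    )
}

# Demo on a constructed .private file (all-zero key, not a real secret).
demo_dir=$(mktemp -d)
cat > "$demo_dir/Kdemo.private" << 'EOF'
Private-key-format: v1.3
Algorithm: 157 (HMAC_MD5)
Key: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
Bits: AAA=
EOF
write_keys dyn-key. "$demo_dir/Kdemo.private" "$demo_dir/dns.keys"
cat "$demo_dir/dns.keys"
rm -rf "$demo_dir"
```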

4. Allow updates to the zone with this key

Example (with allow-update, any client that holds dyn-key. can change any record in the zone):

zone "dyn.vinczejanos.info" {  
        type master;
        file "/etc/bind/db.dyn.vinczejanos.info";
        allow-query { any; };
        allow-update { key "dyn-key."; };
};

After the configuration is done, do not forget to restart bind.
/etc/init.d/bind9 restart

5. Check Update

cat update.sh
cat << EOF | nsupdate -k "Kdyn-key.+157+60890.key"
server ns20.vinczejanos.info
zone dyn.vinczejanos.info.
update delete test-dyn.dyn.vinczejanos.info
update add test-dyn.dyn.vinczejanos.info 60 A 192.168.0.1
show
send
EOF

Vincze Janos Istvan
