
Re: bind9



On Fri, 1 Nov 2013 10:58:50 +0530
Arun Khan <knura9@gmail.com> wrote:

> On Fri, Nov 1, 2013 at 10:40 AM, Roman Gelfand <rgelfand2@gmail.com>
> wrote:
> > My workstations' ips are assigned by dhcp server on firewall.  The
> > bind9 is running on debian 7 box.  Is there a way to automatically
> > update forward and reverse zones?
> >
> 
> For known MAC addresses I usually assign 'fixed' ip addresses  + the
> hostname given by a DNS server (bind9).
> 
> ISC dhcp + bind9 can be configured to work in sync for dynamic
> updates.  I don't know about the reverse zones.
> 

Yes, reverse as well, as can the 2003 MS DNS and DHCP servers. BIND can
update between different machines, using a shared key for
authentication; I'm not sure if MS servers can.

Unfortunately, small routers generally can't do this kind of thing, and
sometimes not even add arbitrary DHCP parameters, so it is normally
recommended that in an AD domain, both DNS and DHCP are handled by one
of the directory servers. Clearly this hasn't happened here, and is
probably not possible to organise.

If an MS server can't find its workstations in DNS, it will use
broadcasts to locate them. This would probably need a fair bit of
scripting on Linux, maybe a mix of nmap and arp, as well as being able
to authenticate to BIND. Possibly just writing to /etc/hosts might be
enough for a small-scale application. I'm not aware of anything
ready-made, but I only dabble occasionally in network infrastructure,
and there might well be something that does this already.

-- 
Joe
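
Added example, not part of the original message: a sketch of the scripted approach mentioned above, building the `nsupdate` input that sets both the forward (A) and reverse (PTR) record for one discovered host. The zone name, addresses and the /24 reverse-zone layout are assumptions; the client-supplied hostname is validated because a newline or space in it would otherwise inject extra update commands.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
# Used with fullmatch() so a trailing newline cannot slip past the check.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def nsupdate_batch(hostname, ip, zone, server, ttl=3600):
    """Return nsupdate input that sets the A and PTR records for one host.

    hostname typically comes from the client and is treated as untrusted;
    zone and server are administrator-supplied values.
    """
    if not _LABEL.fullmatch(hostname):
        raise ValueError(f"unsafe hostname: {hostname!r}")
    addr = ipaddress.IPv4Address(ip)       # raises ValueError on bad input
    zone = zone.rstrip(".") + "."
    fqdn = f"{hostname.lower()}.{zone}"
    ptr = addr.reverse_pointer + "."       # 23.1.168.192.in-addr.arpa.
    # Assumption: the reverse zone is a /24, so drop the host octet.
    rev_zone = ptr.split(".", 1)[1]
    return "\n".join([
        f"server {server}",
        f"zone {zone}",
        f"update delete {fqdn} A",         # replace any stale address
        f"update add {fqdn} {ttl} A {addr}",
        "send",
        f"zone {rev_zone}",
        f"update delete {ptr} PTR",
        f"update add {ptr} {ttl} PTR {fqdn}",
        "send",
        "",
    ])


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    print(nsupdate_batch("ws-017", "192.168.1.23", "example.lan",
                         "192.168.1.2"))
```

The output is meant to be piped to `nsupdate -k <keyfile>`, where the key file holds the shared key that the BIND zones accept for updates.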

