Communicating with a DHCP Server


If your network uses DHCP to assign IP addresses to computers, you might not be able to enter a fixed IP address in your zone file because the IP address might be determined when the DHCP client boots, and could change between boots of the client. Chapter 5, Configuring Other Computers via DHCP, discusses two solutions to this problem: configuring the DHCP server to assign a consistent address to clients, or configuring the DHCP and DNS servers to communicate with one another. In the first case, you must take care to configure the DHCP and DNS servers consistently. For instance, if you want birch.threeroomco.com to be 192.168.1.2, you must set up that mapping in both the DHCP server's configuration files and in the DNS server's zone files (ideally, in both the forward and reverse lookup zone files). This is a simple solution, but it can be tedious for a large domain.

Chapter 5 discusses the DHCP configuration side of DHCP/DNS communication, so you should consult Chapter 5 in addition to this section if you want to implement the inter-server communication solution. The BIND side of the equation is implemented in the named.conf file's zone section that corresponds to the zone in question. Specifically, you must add an allow-update option. For instance, such a zone definition might resemble the following:

    zone "threeroomco.com" {
            type master;
            file "named.threeroomco.com";
            allow-update { 192.168.1.1; };
    };

This configuration tells BIND to accept update information sent from 192.168.1.1, which should be the DHCP server for your network. You must make a similar change to the reverse DNS zone, if your server handles that and if you've configured the DHCP server to perform both forward and reverse updates.

WARNING


If your DNS server is exposed to the Internet, or if your local users aren't 100 percent trustworthy, accepting DNS updates even from a single remote computer can be risky. A miscreant might manage to hijack the DHCP computer's address or masquerade as that system, then make changes to your DNS server that might compromise other systems that rely upon the veracity of the DNS server's data. You can minimize your risks by running DNS and DHCP on the same computer, and allowing updates only from the localhost (127.0.0.1) address.
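An added example, not from the book: a Python check that reads a named.conf, collects each zone's allow-update entries and reports every entry other than a loopback address, which is the setup the warning recommends. The sample configuration, the reverse zone's file name and the function names are constructed, and the parser assumes flat allow-update lists with no nested braces.

```python
import ipaddress
import re
# Constructed sample named.conf: the page's zone plus a localhost-only zone.
SAMPLE_CONF = '''
zone "threeroomco.com" {
        type master;
        file "named.threeroomco.com";
        allow-update { 192.168.1.1; };   // DHCP server
};
zone "1.168.192.in-addr.arpa" {
        type master;
        file "named.192.168.1";
        allow-update { 127.0.0.1; };
};
'''

def strip_comments(text):  # drop /* */, // and # comments before parsing
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def zone_blocks(text):
    """Yield (zone_name, body) for each zone statement, matching braces."""
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def audit_allow_update(conf_text):
    """Return {zone: [allow-update entries other than loopback addresses]}."""
    findings = {}
    for name, body in zone_blocks(strip_comments(conf_text)):
        m = re.search(r'\ballow-update\s*\{([^}]*)\}', body)
        if not m:
            continue  # zone takes no dynamic updates
        risky = []
        for entry in filter(None, (e.strip() for e in m.group(1).split(';'))):
            try:
                safe = ipaddress.ip_network(entry, strict=False).is_loopback
            except ValueError:
                safe = entry == 'none'  # ACL names, "any", etc. need review
            if not safe:
                risky.append(entry)
        if risky:
            findings[name] = risky
    return findings

if __name__ == "__main__":
    print(audit_allow_update(SAMPLE_CONF))
```

Entries that are not IP addresses or networks (named ACLs, "any") are reported rather than judged, so they get a manual look.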




Advanced Linux Networking
ISBN: 0201774232
EAN: 2147483647
Year: 2002
Pages: 203
