Dynamic DNS
Dynamic DNS
is a system which allows the domain name data held in a
name server
to be updated in real time. The most common use for this
is in allowing an Internet domain
name to be assigned to a computer with a varying (dynamic)
IP address.
This makes it possible for other sites on the Internet to
establish connections to the machine without needing to
track the IP address themselves. A common use is for running
server software on a computer that has a dynamic IP address,
as is the case with many consumer Internet service providers.
Dynamic DNS service is provided on a large scale by various
DNS hosting services, which retain the current addresses
in a database and provide a "client" program to the user
which will send an update to the service whenever the server's
IP address has changed. Many routers and other networking
components contain a feature such as this in their firmware.
The first router to support Dynamic DNS was the UMAX UGate-3000
in 1999, which supported the TZO.COM dynamic DNS service.[1]
To implement dynamic DNS
it is necessary to set the maximum caching time of the domain
to an unusually short period (typically a few minutes).
This prevents other nodes on the Internet from retaining
the old address in their DNS cache, so that they will typically
contact the name server of the domain for each new connection.
Dynamic DNS is an integral part of Active Directory, due
in part to the fact that domain controllers register their
SRV resource records in DNS so that other computers in the
Domain (or Forest) can find them.
The term 'dynamic DNS' can be applied to any mechanism
for changing a DNS entry from a DNS client. For example,
there are many commercial and noncommercial Dynamic DNS
providers which provide Dynamic DNS service. Updates by
clients are not done as described in RFC
2136 or RFC
2845. The ddclient program, for example, sends
HTTP GET requests to the Dynamic DNS provider's server which
in turn updates the DNS entry.
'Dynamic DNS' is documented by RFC
2136 and is related to nsupdate, a utility to utilize
DDNS protocol. As updating DNS can be dangerous, TSIG can
be used to authenticate dynamic DNS updates to a DNS server
using HMAC-MD5 hash key. This key apparently needs to be
installed on every client that needs to utilize DDNS securely.
Microsoft elected to develop an alternative GSS-TSIG, which
uses Kerberos (protocol) for authentication and thus avoiding
the need for manual installation of hash keys. GSS-TSIG
is a proposed standard and is the only authentication supported
by Microsoft Windows 2000, Windows XP, and Windows 2003.
Although this authentication method is not supported in
BIND, which supports the TSIG authentication scheme set
out in RFC
2845, Windows DNS is otherwise fully interoperable with
BIND in versions of BIND subsequent to 8.2.2 (when SRV Record
support was introduced), and Microsoft has for some time
provided information on BIND interoperability with windows
DNS name spaces.
External links
This article is licensed under the GNU
Free Documentation License. It uses material from the
Wikipedia
article "Dynamic_DNS".
DynoHosts.com - Special
Web Site Hosting Offer: Economy Plan:
• 5 GB Space • 250 GB Transfer
• 500 Email Accounts • FREE! Software
• 10 MySQL Databases • 50 Email Forwards
• Forums, Blogging, Photo Galleries • No ads 24/7
Live Toll Free Support, 30 Day Money Back Guarantee, SSL,
eCommerce & more.
|
