Filter
Top Products
4-17
Installing and Configuring Cisco Access Registrar, 4.2
OL-17221-02
Chapter 4 Configuring Cisco Access Registrar 4.2
Configuring Dynamic DNS
You enable dynamic DNS updates by creating and configuring new Resource Managers and new
RemoteServers, both of type dynamic-dns. The dynamic-dns Resource Managers specify which zones
to use for the forward and reverse zones and which Remote Servers to use for those zones. The
dynamic-dns Remote Servers specify how to access the DNS Servers.
Before you configure Cisco AR you need to gather information about your DNS environment. For a
given Resource Manager you must decide which forward zone you will be updating for sessions the
resource manager will manage. Given that forward zone, you must determine the IP address of the
primary DNS server for that zone. If the dynamic DNS updates will be protected with TSIG keys, you
must find out the name and the base64 encoded value of the secret for the TSIG key. If the resource
manager should also update the reverse zone (ip address to host mapping) for sessions, you will also need
to determine the same information about the primary DNS server for the reverse zone (IP address and
TSIG key).
If using TSIG keys, use aregcmd to create and configure the keys. You should set the key in the Remote
Server or the Resource Manager, but not both. Set the key on the Remote Server if you want to use the
same key for all of the zones accessed through that Remote Server. Otherwise, set the key on the
Resource Manager. That key will be used only for the zone specified in the Resource Manager.
To configure Dynamic DNS, complete the following steps:
Step 1 Launch aregcmd.
Step 2 Create the dynamic-dns TSIG Keys:
cd /Radius/Advanced/DDNS/TSIGKeys
add foo.com
This example named the TSIG Key, foo.com, which is related to the name of the example DNS server
we use. You should choose a name for TSIG keys that reflects the DDNS client-server pair (for example,
foo.bar if the client is foo and the server is bar), but you should use the name of the TSIG Key as defined
in the DNS server.
Step 3 Configure the TSIG Key:
cd foo.com
set Secret <base64-encoded string>
The Secret should be set to the same base64-encoded string as defined in the DNS server. If there is a
second TSIG Key for the primary server of the reverse zone, follow these steps to add it, too.
Step 4 Use aregcmd to create and configure one or more dynamic-dns Remote Servers.
Step 5 Create the dynamic-dns remote server for the forward zone:
cd /Radius/RemoteServers
add ddns
This example named the remote server ddns which is the related to the remote server type. You can use
any valid name for your remote server.
Step 6 Configure the dynamic-dns remote server:
cd ddns
set Protocol dynamic-dns