Configuring RFC 2136 Dynamic DNS updates

RFC 2136 Dynamic DNS registers a hostname on any DNS server supporting RFC 2136 style updates. This can be used to update DNS records on BIND and Windows Server DNS servers, amongst others.

RFC 2136 Dynamic DNS entries may be used at the same time as regular style Dynamic DNS service providers, and like those, any number of entries can be created. RFC 2136 will update the A record, and the AAAA record if IPv6 is configured on the monitored interface.

See also

Configuring the server infrastructure for RFC 2136 Dynamic DNS hosting is beyond the scope of this documentation, but there is a basic how-to in the recipes section: Configuring BIND as an RFC 2136 Dynamic DNS Server.

RFC 2136 Settings

Enable

Controls whether or not the entry is active. If it is unchecked, updates will not be performed for this entry.

Interface

The IP address on the chosen interface will be sent when performing the DNS update.

Hostname

The fully qualified domain name (FQDN) of the dynamic DNS entry to update. For example, myhost.example.com.

Zone

The hostname of the zone to update (optional).

TTL

The Time To Live for the DNS entry, in seconds. Higher values will be cached longer by other name servers, so lower values are better to be sure that DNS updates are picked up in a timely manner by other servers. Usually a value between 30 and 180 seconds is reasonable, depending on how often the IP address changes.

Key Name

The name of the key as specified in the DNS server configuration. For Host keys, this is typically the FQDN, so it would be identical to the value in the Hostname field. For Zone keys this would be the name of the DNS zone.

Key Algorithm

The algorithm used for the key.

Key

Secret TSIG domain key. Contains the actual text of the key, e.g. /0/4bxF9A08n/zke/vANyQ==. This value is generated by the DNS server or administrator.

Server

The IP address or hostname of the DNS server to which updates are sent.

Protocol

When unchecked, the DNS update is sent over UDP, when checked it uses TCP instead.

Use Public IP

By default, the interface IP address is always sent to the name server for the DNS update. If this box is checked, when a private IP address is detected on the selected Interface, a check is done to determine what the actual public IP address is, and then that IP address is used for the DNS update.

Update Source

Interface or address from which the firewall will send the DNS update request.

Update Source Family

Address family to use for sourcing updates (IPv4 or IPv6)

Record Type

Determines which record(s) will be updated for this entry. For the IPv4 address, use A, for IPv6, use AAAA, or choose Both.

Description

A free-text description of the entry for reference.

Configuring an RFC 2136 Client

To configure an RFC 2136 Dynamic DNS client:

  • Navigate to Services > Dynamic DNS

  • Click the RFC 2136 tab

  • Click fa-plus Add to add a new entry

  • Configure the options

  • Click Save

As with the other Dynamic DNS types, RFC 2136 updates are performed only when an IP address change is detected, or once every 25 days.