自己建立一个ddns server

Summary

This how-to explains a way to build your own dynamic DNS server.

Main

Hi, since some time my DDNS provider has problems which cause the loss of the connection to my home server.
To prevent this loss I’ve read some manpages and build my own DDNS server.

 This is not a how-to about DNS, bind or any other software I’ve used. 

Warranty

There is no warranty that this how-to works for any system.
I’m just providing these information because it worked for me this way.
If you have questions you can leave a message here but I decide whether I’ll answer and help or not.

Requirements:

• own server with static IP
• own domain resolving (e.g.: example.org)
• subdomain delegated to to your server (e.g.: dyndns.example.org)
• php5
• webserver supporting PHP (I use Lighttpd, but any will do)
• bind>=9
• dnsutils

Configurations

You have to change all ‘dyndns.example.org’ to your domain.

bind

1. the bind user requires write-access to bind working directory:
   

   // named.conf
   options {
     ...
     ; working directory of bind
     directory "/var/named";
     ...
   };

   chmod 770 /var/named/

2. we generate a TSIG-key in a new directory which is used to verify the server and client:
   

   mkdir -p /etc/named/
   cd /etc/named/
   dnssec-keygen -a hmac-sha512 -b 512 -n HOST dyndns.example.org
   
   # webserver-group needs read access to file containing TSIG-key
   chown root:<webserver-group> /etc/named/Kdyndns.example.org*.private
   chmod 640 /etc/named/Kdyndns.example.org*.private
   
   # get and remember the key
   grep Key /etc/named/Kdyndns.example.org*.private

3. create zone in named.conf
   

   key mykey {
     algorithm hmac-sha512;
     secret "the-generated-key";
   };
   
   zone "dyndns.example.org" IN {
     type master;
     file "dyndns.example.org.zone";
     allow-query { any; };
     allow-transfer { none; };
     allow-update { key mykey; };
   };

4. create zone-file
   

   /var/named/dyndns.example.org.zone

   $ORIGIN .
   $TTL 86400  ; 1 day
   dyndns.example.org    IN SOA  localhost. root.localhost. (
           52         ; serial
           3600       ; refresh (1 hour)
           900        ; retry (15 minutes)
           604800     ; expire (1 week)
           86400      ; minimum (1 day)
           )
         NS  localhost.
   $ORIGIN dyndns.example.org.

Webserver

Create a subdomain (dyndns.example.org) and a vhost for the updating script.
For security purpose and compatibility of the php-script the vhost has to be protected by http-authentication.
For Lighttpd you can use the script provided here to generate the users.
Save this PHP-script in the vhost-directory:

index.php

<?php
  // configuration of user and domain
  $user_domain = array( 'user' => array('subdomain','sub2'), 'user2' => array('sub4') );
  // main domain for dynamic DNS
  $dyndns = "dyndns.example.org";

  // short sanity check for given IP
  function checkip($ip)
  {
    $iptupel = explode(".", $ip);
    foreach ($iptupel as $value)
    {
      if ($value < 0 || $value > 255)
        return false;
      }
    return true;
  }

  // retrieve IP
  $ip = $_SERVER['REMOTE_ADDR'];
  // retrieve user
  if ( isset($_SERVER['REMOTE_USER']) )
  {
    $user = $_SERVER['REMOTE_USER'];
  }
  else if ( isset($_SERVER['PHP_AUTH_USER']) )
  {
    $user = $_SERVER['PHP_AUTH_USER'];
  }
  else
  {
    syslog(LOG_WARN, "No user given by connection from $ip");
    exit(0);
  }

  // open log session
  openlog("DDNS-Provider", LOG_PID | LOG_PERROR, LOG_LOCAL0);

  // check for given domain
  if ( isset($_POST['DOMAIN']) )
  {
    $subdomain = $_POST['DOMAIN'];
  }
  else if ( isset($_GET['DOMAIN']) )
  {
    $subdomain = $_GET['DOMAIN'];
  }
  else
  {
    syslog(LOG_WARN, "User $user from $ip didn't provide any domain");
    exit(0);
  }

  // check for needed variables
  if ( isset($subdomain) && isset($ip) && isset($user) )
  {
    // short sanity check for given IP
    if ( preg_match("/^(\d{1,3}\.){3}\d{1,3}$/", $ip) && checkip($ip) && $ip != "0.0.0.0" && $ip != "255.255.255.255" )
    {
      // short sanity check for given domain
      if ( preg_match("/^[\w\d-_\*\.]+$/", $subdomain) )
      {
        // check whether user is allowed to change domain
        if ( in_array("*", $user_domain[$user]) or in_array($subdomain, $user_domain[$user]) )
        {
          if ( $subdomain != "-" )
            $subdomain = $subdomain . '.';
          else
            $subdomain = '';

          // shell escape all values
          $subdomain = escapeshellcmd($subdomain);
          $user = escapeshellcmd($user);
          $ip = escapeshellcmd($ip);

          // prepare command
          $data = "<<EOF
zone $dyndns
update delete $subdomain$user.$dyndns A
update add $subdomain$user.$dyndns 300 A $ip
send
EOF";
          // run DNS update
          exec("/usr/bin/nsupdate -k /etc/named/K$dyndns*.private $data", $cmdout, $ret);
          // check whether DNS update was successful
          if ($ret != 0)
          {
            syslog(LOG_INFO, "Changing DNS for $subdomain$user.$dyndns to $ip failed with code $ret");
          }
        }
        else
        {
          syslog(LOG_INFO, "Domain $subdomain is not allowed for $user from $ip");
        }
      }
      else
      {
        syslog(LOG_INFO, "Domain $subdomain for $user from $ip with $subdomain was wrong");
      }
    }
    else
    {
      syslog(LOG_INFO, "IP $ip for $user from $ip with $subdomain was wrong");
    }
  }
  else
  {
    syslog(LOG_INFO, "DDNS change for $user from $ip with $subdomain failed because of missing values");
  }
  // close log session
  closelog();
?>

Usage

If you’ve configured all correctly you can update domains using this command:

wget --no-check-certificate --http-user="user" --http-passwd="password" --post-data "DOMAIN=example" -q https://dyndns.example.com

Some examples:

Script configuration:

$user_domain = array( 'user' => array('subdomain') );
$dyndns = "dyndns.example.org"

Result:
The user ‘user’ can update the IP for the domain subdomain.user.dyndns.example.org.

Script configuration:

$user_domain = array( 'user' => array('subdomain'), 'user2' => array('test', 'foobar') );
$dyndns = "dyndns.example.org"

Result:
The user ‘user’ can update the IP for the domain subdomain.user.dyndns.example.org.
The user ‘user2′ can update the IP for the domains test.user2.dyndns.example.org and foobar.user2.dyndns.example.org.

Script configuration:

$user_domain = array( 'user' => array('*'), 'user2' => array('test', 'foobar') );
$dyndns = "dyndns.example.org"

Result:
The user ‘user’ can update the IP for the wildcard domain *.user.dyndns.example.orgwhich means all subdomains of user.dyndns.example.org are resolved to the IP set for *.
The user ‘user2′ can update the IP for the domains test.user2.dyndns.example.org and foobar.user2.dyndns.example.org.

Script configuration:

$user_domain = array( 'user' => array('-','subdomain'), 'user2' => array('test', 'foobar') );
$dyndns = "dyndns.example.org"

Result:
The user ‘user’ can update the IP for the domains subdomain.user.dyndns.example.org and user.dyndns.example.org.
The user ‘user2′ can update the IP for the domains test.user2.dyndns.example.org and foobar.user2.dyndns.example.org.

Sources

http://www.bind9.net/manuals
http://www.oceanwave.com/technical-resources/unix-admin/nsupdate.html

This blog post was created on 2011-01-31 at 20:06 and last modified on 2014-01-11 at 14:25 by Andrwe Lord Weber.
It is tagged with

• ddns
• linux

.

Comments

Great article! I think the examples would apply to a few other providers with some very minor tweaks as well. When all else fails, you can always use a free service to try to accomplish something similar such as some of the others at http://dnslookup.me/dynamic-dns/

--------------

Set up your own Dynamic DNS

The problem with external dynamic DNS services like dyndns.org, no-ip.com, etc. is that you constantly have to look after them. Either they are free, but they expire after 1 month and you have to go to their web site to re-activate your account. Or you pay for them, but then you need to take care of the payments, update the credit card info, etc. This is all much too cumbersome for something that should be entirely automated.

If you manage your own DNS anyway, it may be simpler in the long run to set-up your own dynamic DNS system.

Bind has everything needed. There is a lot of info on the Internet on how to do it, but what I found tended to be more complicated than becessary or insecure or both. So here is how I did it on a Debian 6 (“squeeze”) server.

The steps described below are:

1. Initialize variables
2. Create key
3. Configure bind
   • Create zone file
   • Edit /etc/bind/named.conf.local
4. Reload server config
5. Test
6. Usage
7. Web update.cgi

Initialize variables

To make it easier to copy/paste commands, we initialize a few variables

binddir="/var/cache/bind"
etcdir="/etc/bind"

(In Debian, you can use grep directory /etc/bind/named.conf.options to find the correct binddir value)

For dynamic hosts, we will use a subdomain of our main zone: .dyn.example.com.

host=myhost; zone=dyn.example.com

Create key

Most example use the dnssec-keygen command. That would create 2 files (with ugly names): one .private and one .key (public) file. This is useless since the secret key is the same in both files, and the nsupdate method doesn’t use a public/private key mechanism anyway.

There is a less-known and more appropriate command in recent distributions : ddns-confgen. By default, it will just print sample entries with instructions to STDOUT. You can try it out with:

ddns-confgen -r /dev/urandom -s $host.$zone.

The options we use here are to use an “hmac-md5″ algorithm instead of the default “hmac-sha256″. It simplifies things with nsupdate later. And we also specify the key name to be the same as the host’s name. That way, we can use a wildcard in the “update-policy” in named.conf.local and don’t need to update it every time we add a host.

ddns-confgen -r /dev/urandom -q -a hmac-md5 -k $host.$zone -s $host.$zone. | tee -a $etcdir/$zone.keys

chown root:bind   $etcdir/$zone.keys
chmod u=rw,g=r,o= $etcdir/$zone.keys

Depending on how you intend to use nsupdate, you may want to also have a separate key file for every host key. nsupdate cannot use the $zone.keys file if it contains multiple keys. So you might prefer to directly create these individual keyfiles by adding something like > $etcdir/key.$host.$zone :

ddns-confgen -r /dev/urandom -q -a hmac-md5 -k $host.$zone -s $host.$zone. | tee -a $etcdir/$zone.keys > $etcdir/key.$host.$zone

chown root:bind   $etcdir/$zone.keys $etcdir/key.*
chmod u=rw,g=r,o= $etcdir/$zone.keys $etcdir/key.*

Configure bind

Create zone file

Edit $binddir/$zone :

$ORIGIN .
$TTL  3600 ; 1 hour

dyn.example.com IN SOA  dns-server.example.com. hostmaster.example.com. (
         1 ; serial (start at 1 for a dynamic zone instead of the usual date-based serial)
      3600 ; refresh by secondaries (but they get NOTIFY-ed anyway)
       600 ; retry (every 10 minutes if refresh fails)
    604800 ; expire (slaves remove the record after 1 week if they could not refresh it)
       300 ; minimum ttl for negative answers (5 minutes)
)

$ORIGIN dyn.example.com.
NS      dns-server.example.com.

Edit /etc/bind/named.conf.local

Edit /etc/bind/named.conf.local to add :

// DDNS keys
include "/etc/bind/dyn.example.com.keys";

// Dynamic zone
zone "dyn.example.com" {
    type master;
    file "/var/cache/bind/dyn.example.com";
    update-policy {
        // allow host to update themselves with a key having their own name
        grant *.dyn.example.com self dyn.example.com.;
    };
};

Reload server config

rndc reload && sleep 3 && grep named /var/log/daemon.log | tail -20

(adjust the sleep and tail values depending on the number of zones your DNS server handles, so that it has time to report any problems)

Test

If you created individual key files, or your $zone.keys file contains only a single key, you can test like this:

host=myhost; ip=10.11.12.13; zone=dyn.example.com; server=dns-server.example.com; keyfile=$etcdir/key.$host.$zone

echo -e "server $server\n zone $zone.\n update delete $host.$zone.\n update add $host.$zone. 600 A $ip\n send" | nsupdate -k "$keyfile"

Or, more readable and with an extra TXT record:

cat <<EOF | nsupdate -k $keyfile
server $server
zone $zone.
update delete $host.$zone.
update add $host.$zone. 600 A $ip
update add $host.$zone. 600 TXT "Updated on $(date)"
send
EOF

(If you get a could not read key from $keyfile: file not found error, and the file actually exists and is owned by the bind process user, you may be using an older version of nsupdate (like the version in Debian Etch). In that case, replace nsupdate -k $keyfilewith nsupdate -y "$key_name:$secret" using the key name and secret found in your key file.)

Check the result:

host -t ANY $host.$zone

It should output something like

myhost.dyn.example.com descriptive text "Update on Tue Jan 1 17:16:03 CET 2013"myhost.dyn.example.com has address 10.11.12.13

If you try to use a file with multiple keys in the -k option to nsupdate, you will get an error like this: 

… ‘key’ redefined near ‘key’
could not read key from FILENAME.keys.{private,key}: already exists

Usage

In a /etc/network/if-up.d/ddnsupdate script.

If you have setup an update CGI page on your server, you could use something like this, letting the web server use the IP address it received anyway with your request.

#!/bin/sh

server=dns-server.example.com
host=myhost
secret="xBa2pz6ZCGQJ5obmvmp26w==" # copy the right key from $etcdir/$zone.keys

wget -O /dev/null --no-check-certificate "https://$server/ddns/update.cgi?host=$host;secret=$secret"

Otherwise, you can use nsupdate, but you need to determine your external IP first : 

#!/bin/sh

server=dns-server.example.com
zone=dyn.example.com
host=myhost
secret="xBa2pz6ZCGQJ5obmvmp26w==" # copy the right key from $etcdir/$zone.keys

ip=$(wget -q -O - http://example.com/myip.cgi)

cat <<EOF | nsupdate
server $server
zone $zone.
key $host.$zone $secret
update delete $host.$zone.
update add $host.$zone. 600 A $ip
update add $host.$zone. 600 TXT "Updated on $(date)"
send
EOF

I used a very simple myip.cgi script on the web server, to avoid having to parse the output of the various existing services which show your IP in the browser:

#!/bin/sh
echo "Content-type: text/plain"
echo ""
echo $REMOTE_ADDR

This alternative script example uses SNMP to get the WAN IP from the cable router. It only does the update if the address has changed, and logs to syslog.

#!/bin/sh

zone=dyn.example.com
host=myname
secret="nBlw18hxipEyMEVUmwluQx=="
router=192.168.81.3

server=$(dig +short -t SOA $zone | awk '{print $1}')

ip=$( snmpwalk -v1 -m RFC1213-MIB -c public $router ipAdEntAddr | awk '!'"/$router/ {print \$4}" )

if [ -z "$ip" ]; then
 echo "Error getting wan ip from $router" 1>&2
 exit 1
fi

oldip=$(dig +short $host.$zone)

if [ "$ip" == "$oldip" ]; then
 logger -t `basename $0` "No IP change for $host.$zone ($ip)"
 exit
fi

cat <<EOF | nsupdate
server $server
zone $zone.
key $host.$zone $secret
update delete $host.$zone.
update add $host.$zone. 600 A $ip
update add $host.$zone. 600 TXT "Updated on $(date)"
send
EOF

logger -t `basename $0` "IP for $host.$zone changed from $oldip to $ip"

Web server update.cgi

An example update.cgi :

#!/usr/bin/perl

## Use nsupdate to update a DDNS zone.

## (This could be done with the Net::DNS module. It
##  would be more portable (Windows, etc.), but also
##  more complicated. So I chose the nsupdate utility
##  that comes with Bind instead.)

# "mi\x40alma.ch", 2013

use strict;

my $VERSION = 0.2;
my $debug = 1;

my $title = "DDNS update";

my $zone     = "dyn.example.com";
my $server   = "localhost";
my $nsupdate = "/usr/bin/nsupdate";

use CGI qw(:standard);

my $q = new CGI;

my $CR = "\r\n";

print $q->header(),
      $q->start_html(-title => $title),
      $q->h1($title);

if (param("debug")) {
    $debug = 1;
};

my $host   = param("host");
my $secret = param("secret");
my $ip     = param("ip") || $ENV{"REMOTE_ADDR"};
my $time   = localtime(time);

foreach ($host, $secret, $ip) {
    s/[^A-Za-z0-9\.\/\+=]//g; # sanitize, just in case...
    unless (length($_)) {
        die "Missing or bad parameters. host='$host', secret='$secret', ip='$ip'\n";
    }
}

my $commands = qq{
server $server
zone $zone.
key $host.$zone $secret
update delete $host.$zone.
update add $host.$zone. 600 A $ip
update add $host.$zone. 600 TXT "Updated by $0 v. $VERSION, $time"
send
};

print $q->p("sending update commands to $nsupdate:"), $CR,
      $q->pre($commands), $CR;

open( NSUPDATE, "| $nsupdate" ) or die "Cannot open pipe to $nsupdate : $!\n";
print NSUPDATE $commands        or die "Error writing to $nsupdate : $!\n";
close NSUPDATE                  or die "Error closing $nsupdate : $!\n";

print $q->p("Done:"), $CR;

my @result = `host -t ANY $host.$zone`;

foreach (@result) {
    print $q->pre($_), $CR;
}

if ($debug) {
# also log received parameters
    my @lines;
    for my $key (param) {
        my @values = param($key);
        push @lines, "$key=" . join(", ", @values);
    }
    warn join("; ", @lines), "\n";
}

print $q->end_html, $CR;

__END__

-----------

Create your own Dynamic DNS Service using PowerDNS and MySQL

http://shaheerart.blogspot.jp/2012/01/create-your-own-dynamic-dns-service.html

Dynamic DNS services can be very useful for sites or servers with dynamic IP addresses. Most residential Internet providers will only provide you with a dynamic IP address, making it quite difficult to manage systems remotely. This problem can be remedied with the use of Dynamic DNS where a software client updates the DNS server with the latest IP address of the site. Many providers already exist which provide this service such as No-IP.com or DyDNS.com. These are good, but unfortunately not all of their features are free and they require you to log in every once in a while to make sure that your account doesn’t get deactivated. In this article, I’m going to show you how you can setup your own Dynamic DNS service using PowerDNS and MySQL to update your dynamic sites’ IP in your own DNS server.
Instructions
These instructions assume that you have a domain name (purchased from a provider such as GoDaddy or otherwise) and you have the ability to point your domain to your own name servers.
Step 1
Install PowerDNS and its dependencies for MySQL.
Ubuntu / Debian
sudo apt-get install pdns-server pdns-backend-mysql mysql-server
CentOS / RHEL / Fedora
yum install pdns pdns-backend-mysql mysql-server
Step 2
Configure PowerDNS with your MySQL details.
sudo nano /etc/powerdns/pdns.d/pdns.local
# Here come the local changes the user made, like configuration of
# the several backends that exist.
gmysql-host=127.0.0.1
gmysql-user=<mysql user>
gmysql-password=<mysql password>
gmysql-dbname=<powerdns database>
Step 3 (Optional)
You can optionally install a web frontend to manage your domains. I recommend PowerDNS Administrator.
http://code.google.com/p/pdnsadministrator/downloads/list
Step 4
Configure the update script to update the DNS record in the database.
sudo mkdir -p /opt/dynamic-dns
sudo nano /opt/dynamic-dns/update.php
<?php
$ip = $argv[1];
$domain = $argv[2];
// Make MySQL Connection
mysql_connect(“localhost”, “powerdns”, “a4031b869c”) or die(mysql_error());
mysql_select_db(“powerdns”) or die(mysql_error());
// Update record in database.
$result = mysql_query(“UPDATE records SET content=’$ip’ WHERE name=’$domain’ and type=’A';”)
?>
Step 5
Install openssh-server and openssh-client in both servers.
sudo apt-get install openssh-server
sudo apt-get install openssh-client
Configure SSH Keys on the dynamic host for passwordless authentication to the DNS server. Be sure to change the <user> and <powerdns ip>
to the correct values.
ssh-keygen (Accept all the default values.)
cat ~/.ssh/id_rsa.pub | ssh username@hostname ‘cat >> .ssh/authorized_keys’
Step 6
Configure the client script/cron job to fetch the dynamic host’s current IP address and update the DNS database. Be sure to update the bold values with the appropriate values.
sudo nano /etc/cron.hourly/dynamic-dns.cron && sudo chmod +x /etc/cron.hourly/dynamic-dns.cron
#!/bin/bash
IP=`curl -s http://www.whatismyip.org`
DOMAIN=<dynamic dns domain>
ssh -C <user>@<powerdns ip> php /opt/dynamic-dns/update.php $IP $DOMAIN
echo “`date` $DOMAIN – Updated IP to $IP” >> /var/log/dynamic-dns.log
--------------

DDNS with PowerDNS

A: client side

I use PowerDNS for my own DNS servers, but what is written in this post can be applied with little changes to any DNS server that doesn’t support DDNS out of the box. Read on to see my situation and the solution!
My setup is like this:

• I have a few colocated servers (my play and experiments machine and NOVIT clients’ machines) – all on static IPs of course. This is where my DNS servers are located too.
• I have one machine at home that I need to be able to access (secondary backups and storage machine). My home Internet connections is a home-user FTH plan provided by romanian ISP RDS (boooooo!). The authentication method is PPPoE, and RDS changes my IP from time to time (usually after I reboot my router or if they have a outage).

My D-Link DIR-300 wireless router has DDNS support, but I don’t want to create an account to one of the many free DNS providers like ZoneEdit (which I already use as backup DNS). It would just be another care for me and not worth it for a single machine. So why not flex my scripting muscle and fix the issue myself?
What I need to do is to have the “hidden machine” (let’s call it the client) find out its IP, then send it to the server, where it will be processed (and the DNS will be updated). I will only talk about the client side in this post.
This is what the client does:

1. Every 15 minutes, a script is run on a cronjob (the script runs as a unpriviledged user).
2. The script uses http://jackson.io/ip/ to find out the router’s IP. The reason: the output is very easy to use in scripts (since there’s no HTTP code, just the IP itself).
3. If the IP is different than the cached (old) IP, the script will write it to a file and scp that file to the server machine (another unpriviledged user there, of course). SSH is configured to only use keys.
4. Magic happens on the server side.

Some notes:

• I have dedicated users, called ddnsuser, on both the client and server machines – they are locked and are only used to run the script.
• The script should do more error checking – both to insure more security and to make sure the IP is valid. For example, if jackson.io is compromised or someone hijacks the DNS responses to my client machine, I am vulnerable to shell commands injection (which, in the worst case, could be carried on to the server, too). I’ll add some more checking when I’ll have time.
• There are other ways to find out the IP than to use a remote, outside my control, server. Most likely, I will change this in the future, by using my own web service that does it.

So, setup time on the client side:

• Create a user called ddnsuser on both the client and the server machines.
• Configure ssh to allow key authentication from the client to the server (so you can scp files without using passwords).
• Save the file update-dns.sh to /home/ddnsuser on the client machine and make it executable.
• Save the cron file ddns.cron to /etc/cron.d on the client machine.

You can download the script and the cron file here (make sure you edit them before using):

• update-dns.sh
• ddns.cron

Enjoy I will publish the second part in a few days!

B: server side

This is the second part in the “DDNS with PowerDNS” series. If you didn’t read the first post, which deals with the client setup (client is the computer who’s IP changes a lot), you can read it here: DDNS with PowerDNS – client side.
On the server side, we already have the IP of the client written in a file somewhere, by the script that runs on the client machine. Now all we need to do is take this IP and instruct the DNS server to use it when someone queries the hostname of the client.
The simplest idea is to run a script on a cron job and update DNS files, or record in a database. But since I use PowerDNS, the following solution is PowerDNS-specific.
PowerDNS has this nice feature, which allows you to pipe the DNS requests to an external program or script. This feature is explained in the backend details page, and they also provide a sample script, which I used as a template.
This is how we use the pipe system of PowerDNS:

1. We tell PowerDNS, in the config file, that some queries need to be passed to the pipe backend.
2. In the pipe script, we read the file that has the IP of our client host and provide the correct answer to the query.
3. Anytime we need to change IP, we just overwrite that file.

Yes, that simple!
Step 1. First, let’s see what we need to change in the PowerDNS config in order to use the pipe backend. These are the relevant lines in /etc/powerdns/pdns.conf:

launch=pipe,bind
pipe-command=/path/to/ddns-pipe.pl
pipe-regex=^YOUR.FQDN.HOST.NAME;.*$

Of course, replace the path and YOUR.FQDN.HOST.NAME with the correct values. Make sure you don’t mess up the regex, it needs to have the ^ in front and ;.*$ at the end. And of course, FQDN hostnames only!
Note that the first line might be different to you, if you use another backend than bind. Make sure you edit it accordingly.
Step 2. Download ddns-pipe.pl and make it executable (make sure you place it in the correct path, the same that you wrote in pdns.conf). Also, make sure you edit the path to point to the correct IP file, and your host name ($domain and $ipfile). Remember – FQDN!
Step 3. Restart PowerDNS and that’s it! When PowerDNS receives a query for your hostname, it will forward it to the script, which will answer with the current IP. Updating it is really simple: we just overwrite the file (like we do in the first post of the series, DDNS with PowerDNS – client side).
Notes: The script might be improved to first validate that the IP is correct. Also, it now reads the file every time there’s a query. We could, for example, only read the file if its timestamp is different (it means it was updated), but I’m counting on the Linux FS cache to minimize I/O (and I’m also lazy and don’t know Perl that well.

  -------

相关帖子：http://briteming.blogspot.com/2012/08/powerdns.html