目前在使用dnspod更新ddns ip,但是dnspod免费账号ttl最低设置为600,对于要求及时更新的可自己搭建dns服务器更新ddns,本文使用knot,相对bind有占用资源小,配置简单优点。
apt install knot knot-dnsutils生成远程更新验证key并添加到配置文件,首行格式用于客户端knsupdate验证key:
keymgr -t key_knsupdate # hmac-sha256:key_knsupdate:USWfnZKqVwfbv/rcaJtyJA+Evj9eS6v23BmXFO0h0r0= key: - id: key_knsupdate algorithm: hmac-sha256 secret: USWfnZKqVwfbv/rcaJtyJA+Evj9eS6v23BmXFO0h0r0=knot配置文件,knsupdate和主从同步可使用key或ip认证:
server: identity: version: nsid: rundir: "/run/knot" user: knot:knot #listen: [ 0.0.0.0@53, 127.0.0.1@53, ::1@53 ] listen: 192.168.1.1@53 log: - target: syslog any: info # hmac-sha256:key_knsupdate:USWfnZKqVwfbv/rcaJtyJA+Evj9eS6v23BmXFO0h0r0= key: - id: key_knsupdate algorithm: hmac-sha256 secret: USWfnZKqVwfbv/rcaJtyJA+Evj9eS6v23BmXFO0h0r0= remote: - id: slave address: 192.168.2.1@53 key: key_knsupdate - id: master address: 192.168.1.1@53 key: key_knsupdate acl: - id: acl_slave #address: 192.168.2.1 key: key_knsupdate action: transfer - id: acl_master #address: 192.168.1.1 key: key_knsupdate action: notify - id: acl_knsupdate #address: [ 127.0.0.1, 192.168.1.1 ] key: key_knsupdate action: update template: - id: default storage: "/var/lib/knot" file: "%s.zone" zone: # Master zone - domain: ddns.haiyun.me notify: slave #acl: acl_slave acl: [ acl_slave, acl_knsupdate ]knot dns主从同步配置,以上配置文件zone为master,slave要将zone替换为:
zone: # Slave zone - domain: ddns.haiyun.me master: master zonefile-load: whole acl: acl_masterzone文件:
cat /var/lib/knot/ddns.haiyun.me.zone ;; Zone dump (Knot DNS 2.7.8) ddns.haiyun.me. 3600 SOA ns1.haiyun.me. admin.haiyun.me. 2021020415 60 60 1800 60 ddns.haiyun.me. 3600 NS ns1.haiyun.me. ddns.haiyun.me. 3600 NS ns2.haiyun.me. 1.ddns.haiyun.me. 10 A 1.1.1.1 1.ddns.haiyun.me. 10 AAAA ::1 www.ddns.haiyun.me. 10 A 1.1.1.1 ;; Written 6 records ;; Time 2021-02-04 17:52:03 CST使用knsupdate动态更新dns ip:
cat > cmd.txt << EOF server 127.0.0.1 zone ddns.haiyun.me. del 1.ddns.haiyun.me. add 1.ddns.haiyun.me. 10 A 1.1.1.1 add 1.ddns.haiyun.me. 10 AAAA ::1 show send answer quit EOF knsupdate -y "hmac-sha256:key_knsupdate:USWfnZKqVwfbv/rcaJtyJA+Evj9eS6v23BmXFO0h0r0=" cmd.txt或通过knotc更改dns记录:
knotc zone-begin ddns.haiyun.me knotc zone-set ddns.haiyun.me www 10 A 1.1.1.1 knotc zone-commit ddns.haiyun.me原文链接:https://www.haiyun.me/archives/1398.html
© 版权声明
声明📢本站内容均来自互联网,归原创作者所有,如有侵权必删除。
本站文章皆由CC-4.0协议发布,如无来源则为原创,转载请注明出处。
THE END
