// This is an example configuration file for D2, Kea's DHCP-DDNS processor. // It supports updating two Forward DNS zones "four.example.com" and // "six.example.com"; and one Reverse DNS zone, "2.0.192.in-addr.arpa." { // ------------------ DHCP-DDNS --------------------- // "DhcpDdns": { // -------------- Global Parameters ---------------- // // D2 will listen for update requests for Kea DHCP servers at 127.0.0.1 // on port 53001. Maximum time to we will wait for a DNS server to // respond to us is 1000 ms. "ip-address": "127.0.0.1", "port": 53001, "dns-server-timeout" : 1000, // One extra feature that requires some explanation is // user-context. This is a structure that you can define at global scope, // in ddns domain, dns server, tsig key and others. It is parsed by // Kea, but not used directly. It is intended to keep anything you // may want to put there - comments, extra designations, floor or // department names etc. // A comment entry is translated into a user-context with a "comment" // property so you can include comments inside the configuration itself. "user-context": { "version": 1 }, // // ----------------- Control Socket ----------------- // "control-socket": { "socket-type": "unix", "socket-name": "/tmp/kea-ddns-ctrl-socket" }, // // ----------------- Hooks Libraries ----------------- // "hooks-libraries": [ // Hook libraries list may contain more than one library. { // The only necessary parameter is the library filename. "library": "/opt/local/ddns-server-commands.so", // Some libraries may support parameters. Make sure you // type this section carefully, as the CA does not validate // it (because the format is library specific). "parameters": { "param1": "foo" } } ], // // ----------------- Forward DDNS ------------------ // // 1. Zone - "four.example.com. // It uses TSIG, key name is "d2.md5.key" // It is served by one DNS server which listens for DDNS requests at // 172.16.1.1 on the default port 53 (standard DNS port) // // 2. Zone - "six.example.com." // It does not use TSIG. // It is server by one DNS server at "2001:db8:1::10" on port 7802 "forward-ddns": { "ddns-domains": [ // DdnsDomain for zone "four.example.com." { "comment": "DdnsDomain example", "name": "four.example.com.", "key-name": "d2.md5.key", "dns-servers": [ { "ip-address": "172.16.1.1" } ] }, // DdnsDomain for zone "six.example.com." { "name": "six.example.com.", "dns-servers": [ { "ip-address": "2001:db8:1::10", "port": 7802 } ] } ] }, // ----------------- Reverse DDNS ------------------ // // We will update Reverse DNS for one zone "2.0.192.in-addr-arpa". It // uses TSIG with key "d2.sha1.key" and is served by two DNS servers: // one listening at "172.16.1.1" on 53001 and the other at "192.168.2.10". // "reverse-ddns": { "ddns-domains": [ { "name": "2.0.192.in-addr.arpa.", "key-name": "d2.sha1.key", "dns-servers": [ { "ip-address": "172.16.1.1", "port": 53001 }, { "ip-address": "192.168.2.10" } ] } ] }, // ------------------ TSIG keys --------------------- // // Each key has a name, an algorithm (HMAC-MD5, HMAC-SHA1, HMAC-SHA224...) // and a base-64 encoded shared secret. // "tsig-keys": [ { "name": "d2.md5.key", "algorithm": "HMAC-MD5", "secret": "LSWXnfkKZjdPJI5QxlpnfQ==" }, { "name": "d2.sha1.key", "algorithm": "HMAC-SHA1", "secret": "hRrp29wzUv3uzSNRLlY68w==" }, { "name": "d2.sha512.key", "algorithm": "HMAC-SHA512", "digest-bits": 256, "secret": "/4wklkm04jeH4anx2MKGJLcya+ZLHldL5d6mK+4q6UXQP7KJ9mS2QG29hh0SJR4LA0ikxNJTUMvir42gLx6fGQ==" } ], // The following configures logging. It assumes that messages with at least // informational level (info, warn, error and fatal) should be logged to stdout. // It also specifies a custom log pattern. "loggers": [ { "name": "kea-dhcp-ddns", "output_options": [ { "output": "stdout", // Several additional parameters are possible in addition // to the typical output. Flush determines whether logger // flushes output to a file. Maxsize determines maximum // filesize before the file is being rotated. maxver // specifies the maximum number of rotated files being // kept. "flush": true, "maxsize": 204800, "maxver": 4, "pattern": "%d [%c/%i] %m\n" } ], "debuglevel": 0, "severity": "INFO" } ] } }