author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-21 14:53:22 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-21 14:53:22 +0000 |
commit | 52c021ee0b0c6ad2128ed550c694aad0d11d4c3f (patch) | |
tree | 83cf8627b94336cf4bee7479b9749263bbfd3a06 /doc/examples/ddns/sample1.json | |
parent | Initial commit. (diff) | |
download | isc-kea-52c021ee0b0c6ad2128ed550c694aad0d11d4c3f.tar.xz isc-kea-52c021ee0b0c6ad2128ed550c694aad0d11d4c3f.zip |
Adding upstream version 2.5.7.upstream/2.5.7upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'doc/examples/ddns/sample1.json')
-rw-r--r-- | doc/examples/ddns/sample1.json | 172 |
1 files changed, 172 insertions, 0 deletions
diff --git a/doc/examples/ddns/sample1.json b/doc/examples/ddns/sample1.json
new file mode 100644
index 0000000..4c8190e
--- /dev/null
+++ b/doc/examples/ddns/sample1.json
@@ -0,0 +1,172 @@
+// This is an example configuration file for D2, Kea's DHCP-DDNS processor.
+// It supports updating two Forward DNS zones "four.example.com" and
+// "six.example.com"; and one Reverse DNS zone, "2.0.192.in-addr.arpa."
+
+{
+// ------------------ DHCP-DDNS ---------------------
+"DhcpDdns":
+{
+
+// -------------- Global Parameters ----------------
+// D2 will listen for update requests for Kea DHCP servers at 127.0.0.1
+// on port 53001. Maximum time to we will wait for a DNS server to
+// respond to us is 1000 ms.
+
+ "ip-address": "127.0.0.1",
+ "port": 53001,
+ "dns-server-timeout" : 1000,
+
+// One extra feature that requires some explanation is
+// user-context. This is a structure that you can define at global scope,
+// in ddns domain, dns server, tsig key and others. It is parsed by
+// Kea, but not used directly. It is intended to keep anything you
+// may want to put there - comments, extra designations, floor or
+// department names etc.
+// A comment entry is translated into a user-context with a "comment"
+// property so you can include comments inside the configuration itself.
+
+ "user-context": { "version": 1 },
+
+// ----------------- Control Socket -----------------
+
+ "control-socket":
+ {
+ "socket-type": "unix",
+ "socket-name": "/tmp/kea-ddns-ctrl-socket"
+ },
+
+// ----------------- Hooks Libraries -----------------
+
+ "hooks-libraries":
+ [
+ // Hook libraries list may contain more than one library.
+ {
+ // The only necessary parameter is the library filename.
+ "library": "/opt/local/ddns-server-commands.so",
+
+ // Some libraries may support parameters. Make sure you
+ // type this section carefully, as the CA does not validate
+ // it (because the format is library-specific).
+ "parameters":
+ {
+ "param1": "foo"
+ }
+ }
+ ],
+
+// ----------------- Forward DDNS ------------------
+// 1. Zone - "four.example.com.
+// It uses TSIG, key name is "d2.md5.key"
+// It is served by one DNS server which listens for DDNS requests at
+// 172.16.1.1 on the default port 53 (standard DNS port)
+// 2. Zone - "six.example.com."
+// It does not use TSIG.
+// It is server by one DNS server at "2001:db8:1::10" on port 7802
+
+ "forward-ddns":
+ {
+ "ddns-domains":
+ [
+// DdnsDomain for zone "four.example.com."
+ {
+ "comment": "DdnsDomain example",
+ "name": "four.example.com.",
+ "key-name": "d2.md5.key",
+ "dns-servers":
+ [
+ {
+ "ip-address": "172.16.1.1"
+ }
+ ]
+ },
+
+// DdnsDomain for zone "six.example.com."
+ {
+ "name": "six.example.com.",
+ "dns-servers":
+ [
+ {
+ "ip-address": "2001:db8:1::10",
+ "port": 7802
+ }
+ ]
+ }
+ ]
+ },
+
+// ----------------- Reverse DDNS ------------------
+// We will update Reverse DNS for one zone "2.0.192.in-addr-arpa". It
+// uses TSIG with key "d2.sha1.key" and is served by two DNS servers:
+// one listening at "172.16.1.1" on 53001 and the other at "192.168.2.10".
+ "reverse-ddns":
+ {
+ "ddns-domains":
+ [
+ {
+ "name": "2.0.192.in-addr.arpa.",
+ "key-name": "d2.sha1.key",
+ "dns-servers":
+ [
+ {
+ "ip-address": "172.16.1.1",
+ "port": 53001
+ },
+ {
+ "ip-address": "192.168.2.10"
+ }
+ ]
+ }
+ ]
+ },
+
+// ------------------ TSIG keys ---------------------
+// Each key has a name, an algorithm (HMAC-MD5, HMAC-SHA1, HMAC-SHA224...)
+// and a base-64 encoded shared secret.
+ "tsig-keys":
+ [
+ {
+ "name": "d2.md5.key",
+ "algorithm": "HMAC-MD5",
+ "secret": "LSWXnfkKZjdPJI5QxlpnfQ=="
+ },
+ {
+ "name": "d2.sha1.key",
+ "algorithm": "HMAC-SHA1",
+ "secret": "hRrp29wzUv3uzSNRLlY68w=="
+ },
+ {
+ "name": "d2.sha512.key",
+ "algorithm": "HMAC-SHA512",
+ "digest-bits": 256,
+ "secret": "/4wklkm04jeH4anx2MKGJLcya+ZLHldL5d6mK+4q6UXQP7KJ9mS2QG29hh0SJR4LA0ikxNJTUMvir42gLx6fGQ=="
+ }
+ ],
+
+// The following configures logging. It assumes that messages with at least
+// informational level (info, warn, error and fatal) should be logged to stdout.
+// It also specifies a custom log pattern.
+ "loggers": [
+ {
+ "name": "kea-dhcp-ddns",
+ "output-options": [
+ {
+ "output": "stdout",
+ // Several additional parameters are possible in addition
+ // to the typical output. Flush determines whether logger
+ // flushes output to a file. Maxsize determines maximum
+ // filesize before the file is rotated. maxver
+ // specifies the maximum number of rotated files being
+ // kept.
+ "flush": true,
+ "maxsize": 204800,
+ "maxver": 4,
+ "pattern": "%d [%c/%i] %m\n"
+ }
+ ],
+ "debuglevel": 0,
+ "severity": "INFO"
+ }
+ ]
+}
+
+} |
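Review bot: The `control-socket` block places the D2 command socket at `/tmp/kea-ddns-ctrl-socket`, a world-writable directory, so on a shared host another local user may be able to pre-create or interfere with that path; whether they could also connect depends on socket permissions that are not visible here. An example that gets copied into deployments should point at a directory only the Kea account can write, for instance a constructed path such as `"socket-name": "/run/kea/kea-ddns-ctrl-socket"`. In the `tsig-keys` block the first two keys use HMAC-MD5 and HMAC-SHA1 with literal secrets, so I would add a comment above the array such as `// Sample secrets only: generate your own keys and prefer HMAC-SHA256 or stronger for new deployments.` The hooks comment says "the CA does not validate it" although this file configures D2, which appears to be a leftover from the Control Agent example and should name D2 instead.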