Dynamic updates

IBM® i Domain Name System (DNS) that is based on BIND 9 supports dynamic updates. Outside sources, such as Dynamic Host Configuration Protocol (DHCP), can send updates to the DNS server. You can also use DNS client tools, such as Dynamic Update Utility (NSUPDATE), to perform dynamic updates.

DHCP is a TCP/IP standard that uses a central server to manage IP addresses and other configuration details for an entire network. A DHCP server responds to requests from clients, dynamically assigning properties to them. DHCP allows you to define network host configuration parameters at a central location and automate the configuration of hosts. It is often used to assign temporary IP addresses to clients for networks that contain more clients than the number of IP addresses available.

In the past, all DNS data was stored in static databases. All DNS resource records had to be created and maintained by the administrator. However, DNS servers that are based on BIND 8 or later can be configured to accept requests from other sources to update zone data dynamically.

You can configure your DHCP server to send update requests to the DNS server each time it assigns a new address to a host. This automated process reduces DNS server administration in rapidly growing or changing TCP/IP networks, and in networks where hosts change locations frequently. When a client using DHCP receives an IP address, that data is immediately sent to the DNS server. Using this method, DNS can continue to successfully resolve queries for hosts, even when their IP addresses change.

You can configure DHCP to update address mapping (A for IPv4 or AAAA for IPv6) records, reverse-lookup pointer (PTR) records, or both on behalf of a client. The address mapping record (A or AAAA) maps a machine's host name to its IP address. The PTR record maps a machine's IP address to its host name. When a client's address changes, DHCP can automatically send an update to the DNS server so other hosts in the network can locate the client through DNS queries at the client's new IP address. For each record that is updated dynamically, an associated Text (TXT) record is written to identify that the record was written by DHCP.

Note: If you set DHCP to update only PTR records, you must configure DNS to allow updates from clients so that every client can update its A record if the client uses an IPv4 address, or update its AAAA record if the client uses an IPv6 address. Not all DHCP clients support making their own A or AAAA record update requests. Consult the documentation for your client platform before choosing this method.

Dynamic zones are secured by creating a list of authorized sources that are allowed to send updates. You can define authorized sources using individual IP addresses, whole subnets, packets that have been signed using a shared secret key (called a Transaction Signature, or TSIG), or any combination of those methods. DNS verifies that incoming request packets are coming from an authorized source before updating the resource records.
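
The following is an added example, not IBM's code and not part of the original page: a Python check that reads configuration text in BIND 9 named.conf syntax and reports, for each zone, which kind of authorized source its allow-update list relies on. The sample configuration is constructed, and the script assumes flat allow-update lists; a list that mixes a TSIG key with an address is reported as address-based, because a BIND 9 match list accepts a request that matches any one of its elements.

```python
import ipaddress
import re

# Constructed sample named.conf text; zone names, addresses and key name are made up.
SAMPLE_CONF = '''
zone "lab.example" { type master; file "lab.db"; allow-update { any; }; };
zone "floor.example" { type master; file "floor.db"; allow-update { 192.0.2.10; 198.51.100.0/24; }; };
zone "mixed.example" { type master; file "mixed.db"; allow-update { key dhcp-ddns; 192.0.2.10; }; };
zone "prod.example" { type master; file "prod.db"; allow-update { key dhcp-ddns; }; };
zone "static.example" { type master; file "static.db"; };
'''

def _block(text, start):
    """Return the text between the '{' at index start and its matching '}'."""
    depth = 0
    for i in range(start, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[start + 1:i]
    raise ValueError("unbalanced braces")

def _kind(element):
    """Classify one element of an allow-update list."""
    if element.startswith("key "):
        return "tsig"
    if element in ("any", "none"):
        return element
    try:
        ipaddress.ip_network(element, strict=False)
        return "address"
    except ValueError:
        return "acl"  # named ACL: this sketch does not resolve it

def audit_allow_update(conf):
    """Map each zone to 'static', 'open', 'address', 'review' or 'tsig-only'."""
    report = {}
    for m in re.finditer(r'zone\s+"([^"]+)"[^{;]*\{', conf):
        body = _block(conf, m.end() - 1)
        au = re.search(r"allow-update\s*\{", body)
        items = _block(body, au.end() - 1).split(";") if au else []
        kinds = {_kind(e.strip()) for e in items if e.strip()} - {"none"}
        if not kinds:
            verdict = "static"        # no dynamic updates accepted
        elif "any" in kinds:
            verdict = "open"          # every source may update the zone
        elif "address" in kinds:
            verdict = "address"       # unsigned updates accepted by source IP
        elif "acl" in kinds:
            verdict = "review"        # depends on what the named ACL contains
        else:
            verdict = "tsig-only"     # every update must carry a valid TSIG
        report[m.group(1)] = verdict
    return report
```

Zones reported as open or address accept updates on the strength of the packet's source address alone, so they are the ones to review first.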

Dynamic updates can be performed between DNS and DHCP on a single IBM i platform, between different IBM i platforms, or between an IBM i platform and other systems that are capable of dynamic updates.

Note: The dynamic Update DNS (QTOBUPDT) API is required on servers that are sending dynamic updates to DNS. It is installed automatically with IBM i Option 31, DNS. However, in BIND 9, the NSUPDATE command is the preferred method to make the updates on the IBM i platform.