Configuring ISC DHCP to send DNS dynamic updates to BIND

Copyright 2002, 2003, 2004 Andy Barclay
OpenContent License (OPL)

This assumes you already have an ISC dhcp server setup, and you also
have ISC BIND 8 or 9.

This configuration works inside my firewall where I use a private
domain name - unixpeople.internal.

First, you will need to generate a key:
# dnssec-keygen -a HMAC-MD5 -b 128 -n HOST unixpeople.internal

This will generate two files similar to:

Cut the data from the "Key:" line in the *.private file and use that
as the secret key in the appropriate stanza below.

Add the following to your dhcpd.conf:
#ddns-update-style ad-hoc;
ddns-update-style interim;
ddns-domainname "unixpeople.internal";
ddns-rev-domainname "";
one-lease-per-client off;
# damn dhcp server doesn't send updates for static addresses, but
# apparently this will
update-static-leases on;

# AWB - added this key to allow secure dynamic update
key unixpeople.internal {
        algorithm hmac-md5;
	secret "xie9rtGqq3dmMPhEwNo7Hw==";

Edit the named.conf for bind and add the same key stanza AND add
the the key statement to all the zone statements that should
accept dynamic updates:

zone "unixpeople.internal" {
        allow-update {key unixpeople.internal;};
        type master;
        file "db.unixpeople.internal";

zone "" {
        /* allow-update {;};*/
        allow-update {key unixpeople.internal;};
        type master;
        file "db.192.168.37";


Now restart both BIND and DHCP and you should be fine.