diff options
author | Christian Hesse <mail@eworm.de> | 2021-05-17 16:32:07 +0200 |
---|---|---|
committer | Christian Hesse <mail@eworm.de> | 2021-05-17 16:41:51 +0200 |
commit | 862417b8d32f6eef1c05ba9137fe2a7f14436987 (patch) | |
tree | b14fce4182be88330586cee1e0a71a466c84f96f /doc/ipsec-to-dns.md | |
parent | 604306f2200a2a4bc6f6865f4aea90befe2e0142 (diff) |
add 'ipsec-to-dns'change-51
Diffstat (limited to 'doc/ipsec-to-dns.md')
-rw-r--r-- | doc/ipsec-to-dns.md | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/doc/ipsec-to-dns.md b/doc/ipsec-to-dns.md new file mode 100644 index 0000000..9a0f486 --- /dev/null +++ b/doc/ipsec-to-dns.md @@ -0,0 +1,46 @@ +Create DNS records for IPSec peers +================================== + +[◀ Go back to main README](../README.md) + +🛈 This script can not be used on its own but requires the base installation. +See [main README](../README.md) for details. + +Description +----------- + +This script adds (and removes) dns records based on IPSec peers and their +dynamic addresses from mode-config. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate ipsec-to-dns; + +This script is run from scheduler: + + / system scheduler add interval=1m name=ipsec-to-dns on-event="/ system script run ipsec-to-dns;" start-time=startup; + +Configuration +------------- + +On first run a disabled static dns record acting as marker (with comment +"`--- ipsec-to-dns above ---`") is added. Move this entry to define where new +entries are to be added. + +The configuration goes to `global-config-overlay`, these are the parameters: + +* `Domain`: the domain used for dns records +* `HostNameInZone`: whether or not to add the ipsec/dns server's hostname +* `PrefixInZone`: whether or not to add prefix `ipsec` + +See also +-------- + +* [Create DNS records for DHCP leases](dns-to-dhcp.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) |