From 862417b8d32f6eef1c05ba9137fe2a7f14436987 Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Mon, 17 May 2021 16:32:07 +0200 Subject: add 'ipsec-to-dns' --- doc/dhcp-to-dns.md | 1 + doc/ipsec-to-dns.md | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 doc/ipsec-to-dns.md (limited to 'doc') diff --git a/doc/dhcp-to-dns.md b/doc/dhcp-to-dns.md index 22bf3bc..60eb29d 100644 --- a/doc/dhcp-to-dns.md +++ b/doc/dhcp-to-dns.md @@ -44,6 +44,7 @@ See also * [Collect MAC addresses in wireless access list](collect-wireless-mac.md) * [Comment DHCP leases with info from access list](dhcp-lease-comment.md) +* [Create DNS records for IPSec peers](ipsec-to-dns.md) * [Run other scripts on DHCP lease](lease-script.md) --- diff --git a/doc/ipsec-to-dns.md b/doc/ipsec-to-dns.md new file mode 100644 index 0000000..9a0f486 --- /dev/null +++ b/doc/ipsec-to-dns.md @@ -0,0 +1,46 @@ +Create DNS records for IPSec peers +================================== + +[◀ Go back to main README](../README.md) + +🛈 This script can not be used on its own but requires the base installation. +See [main README](../README.md) for details. + +Description +----------- + +This script adds (and removes) dns records based on IPSec peers and their +dynamic addresses from mode-config. + +Requirements and installation +----------------------------- + +Just install the script: + + $ScriptInstallUpdate ipsec-to-dns; + +This script is run from scheduler: + + / system scheduler add interval=1m name=ipsec-to-dns on-event="/ system script run ipsec-to-dns;" start-time=startup; + +Configuration +------------- + +On first run a disabled static dns record acting as marker (with comment +"`--- ipsec-to-dns above ---`") is added. Move this entry to define where new +entries are to be added. + +The configuration goes to `global-config-overlay`, these are the parameters: + +* `Domain`: the domain used for dns records +* `HostNameInZone`: whether or not to add the ipsec/dns server's hostname +* `PrefixInZone`: whether or not to add prefix `ipsec` + +See also +-------- + +* [Create DNS records for DHCP leases](dns-to-dhcp.md) + +--- +[◀ Go back to main README](../README.md) +[▲ Go back to top](#top) -- cgit v1.2.3-70-g09d2