Dynamic DNS

Class: Infrastructure Configuration, Infrastructure Design

Background

Dynamic DNS (DDNS or DynDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.

The term is used to describe two different concepts. The first is "dynamic DNS updating" which refers to systems that are used to update traditional DNS records without manual editing. These mechanisms are explained in RFC 2136, and use the TSIG mechanism to provide security. The second kind of dynamic DNS permits lightweight and immediate updates often using an update client, which do not use the RFC 2136 standard for updating DNS records. These clients provide a persistent addressing method for devices that change their location, configuration or IP address frequently.

Risks

  • IP addressed machines (computers, servers, etc.) would all have their hostname populated to the UNM DNS
  • While a locally configured hostname is never truly private, DDNS will populate the DNS database with users’ / administrators’ locally-set hostnames; normally, those hostnames appear in logs, such as DCHP logs
  • As long as the network path (route) exists and as long as a firewall rule or NAT port-forwarding rule allows traffic, the dynamic hostname can be used by querying DNS to connect to a machine without having to implicitly know the IP address

Benefits

  • Ease of host identification on the network by administrators
  • Ease incident response efforts

Where Dynamic DNS Can Be Applied

  • In Split-View DNS environments
  • On the “Internal” DNS view only

The ISPO utilizes the University’s enterprise ticketing system Help.UNM and intake services provided by the UNM Information Technologies (UNM IT) Service Desk, the University's central support organization for information technology-related services and computer-related issues. All information security-related events, incidents, and requests are forwarded to the ISPO by UNM IT Service Desk Staff. If you have feedback or questions regarding this document, please use Help.UNM or call the UNM IT Service Desk at 7-5757 to ensure that your request is opened, tracked, and processed in a timely manner.


Report an Incident

If you suspect that your NetID (i.e. LoboMail account) or a computer have been compromised and you need to know what to do, please see our FAQ

Abuse Report Form

- or -

Report Message: Junk

 - or -

Report Message: Phishing

 - or - 

Help.UNM Self Service

 - or -

UNM EthicsPoint


For more information, visit our Contact Information page