Support in ISC DHCP for DDNS (Dynamic DNS) without zone statements
  • 13 Jul 2021

ISC DHCP 4.3 restores support for using DDNS without a zone statement. In 4.1 and earlier versions of ISC DHCP, if the server was attempting to update the DNS with a name for which it didn't have a zone statement, it would attempt to find an appropriate name server to do the update. In 4.2, as part of the addition of the asynchronous DDNS functionality, this feature was lost. In 4.3 we have modified the code to once again support this feature.

This feature doesn't require any changes to your configuration to work and is enabled by default. It does require a resolv.conf file that points to a usable resolver; by default this is found in /etc/resolv.conf. If you wish to disable the feature, you may do so by editing the includes/site.h file, commenting out the following line, and then recompiling your code:

#define DNS_ZONE_LOOKUP

Care should be taken when trying to use this feature, as it may make your network more fragile and less secure. By using zone statements with TSIG keys, you can direct your DDNS traffic and have it secured. Without the zone statements the server will attempt to find a DNS server to update, but it may not find the one you wish to use and the transaction won't include security. You may be able to secure the channel between the DHCP and DNS servers via another mechanism, such as filtering on the ports of a switch.
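To see which DDNS domains in a configuration would rely on this fallback rather than a keyed zone statement, the following audit script can be run over dhcpd.conf; it is an added example, not ISC code. It assumes forward names are set with ddns-domainname, models zone selection as a label-wise suffix match, and ignores reverse zones and include files; the sample configuration is constructed.

```python
import re

# Constructed sample dhcpd.conf: names, addresses and the secret are placeholders.
SAMPLE_CONF = '''
key DHCP_UPDATER { algorithm hmac-md5; secret "PLACEHOLDER=="; }
zone corp.example.org. { primary 192.0.2.53; key DHCP_UPDATER; }
zone lab.example.org.  { primary 192.0.2.54; }   # zone statement, no TSIG key
subnet 198.51.100.0 netmask 255.255.255.0 { ddns-domainname "corp.example.org"; }
subnet 203.0.113.0 netmask 255.255.255.0 { ddns-domainname "lab.example.org"; }
subnet 192.0.2.0 netmask 255.255.255.0 { ddns-domainname "guest.example.net"; }
'''

def parse(conf):
    """Return (defined key names, {zone: key or None}, ddns-domainname values)."""
    text = re.sub(r"#.*", "", conf)                      # drop comments
    keys = set(re.findall(r"\bkey\s+([\w.-]+)\s*\{", text))
    zones = {}
    for name, body in re.findall(r"\bzone\s+([\w.-]+)\s*\{([^}]*)\}", text):
        used = re.search(r"\bkey\s+([\w.-]+)\s*;", body)
        zones[name.rstrip(".").lower()] = used.group(1) if used else None
    domains = re.findall(r'\bddns-domainname\s+"([^"]+)"\s*;', text)
    return keys, zones, [d.rstrip(".").lower() for d in domains]

def covering_zone(domain, zones):
    """Longest zone statement that is a label-wise suffix of domain, or None."""
    labels = domain.split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zones:
            return candidate
    return None

def audit(conf):
    """Map each DDNS domain to 'ok' or to the reason its updates are unprotected."""
    keys, zones, domains = parse(conf)
    findings = {}
    for domain in domains:
        zone = covering_zone(domain, zones)
        if zone is None:
            findings[domain] = "no zone statement: resolver lookup, unsigned update"
        elif zones[zone] is None:
            findings[domain] = "zone %s has no key: unsigned update" % zone
        elif zones[zone] not in keys:
            findings[domain] = "zone %s uses undefined key %s" % (zone, zones[zone])
        else:
            findings[domain] = "ok"
    return findings

if __name__ == "__main__":
    for domain, status in audit(SAMPLE_CONF).items():
        print(domain, "->", status)
```

Any domain not reported as ok is one where the update is sent without TSIG, either to the zone's primary or to whatever server the resolver lookup finds.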