kea/doc/examples/ddns/sample1.json

// This is an example configuration file for D2, Kea's DHCP-DDNS processor.
// It supports updating two Forward DNS zones "four.example.com" and
// "six.example.com"; and one Reverse DNS zone, "2.0.192.in-addr.arpa."

{
// ------------------ DHCP-DDNS ---------------------
"DhcpDdns":
{

// --------------  Global Parameters ----------------
//   D2 will listen for update requests for Kea DHCP servers at 127.0.0.1
//   on port 53001.  Maximum time to we will wait for a DNS server to
//   respond to us is 1000 ms.

    "ip-address": "127.0.0.1",
    "port": 53001,
    "dns-server-timeout" : 1000,

// One extra feature that requires some explanation is
// user-context. This is a structure that you can define at global scope,
// in ddns domain, dns server, tsig key and others. It is parsed by
// Kea, but not used directly.  It is intended to keep anything you
// may want to put there - comments, extra designations, floor or
// department names etc.
// A comment entry is translated into a user-context with a "comment"
// property so you can include comments inside the configuration itself.

    "user-context": { "version": 1 },

// ----------------- Control Socket -----------------

    "control-socket":
    {
        "socket-type": "unix",
        "socket-name": "/tmp/kea-ddns-ctrl-socket"
    },

// ----------------- Hooks Libraries -----------------

    "hooks-libraries":
    [
        // Hook libraries list may contain more than one library.
        {
            // The only necessary parameter is the library filename.
            "library": "/opt/local/ddns-server-commands.so",

            // Some libraries may support parameters. Make sure you
            // type this section carefully, as the CA does not validate
            // it (because the format is library-specific).
            "parameters":
            {
                "param1": "foo"
            }
        }
    ],

// ----------------- Forward DDNS  ------------------
//   1. Zone - "four.example.com.
//      It uses TSIG, key name is "d2.md5.key"
//      It is served by one DNS server which listens for DDNS requests at
//      172.16.1.1 on the default port 53 (standard DNS port)
//   2. Zone - "six.example.com."
//      It does not use TSIG.
//      It is server by one DNS server at "2001:db8:1::10" on port 7802

    "forward-ddns":
    {
        "ddns-domains":
        [
//           DdnsDomain for zone "four.example.com."
            {
                "comment": "DdnsDomain example",
                "name": "four.example.com.",
                "key-name": "d2.md5.key",
                "dns-servers":
                [
                    {
                        "ip-address": "172.16.1.1"
                    }
                ]
            },

//           DdnsDomain for zone "six.example.com."
            {
                "name": "six.example.com.",
                "dns-servers":
                [
                    {
                        "ip-address": "2001:db8:1::10",
                        "port": 7802
                    }
                ]
            }
        ]
    },

// ----------------- Reverse DDNS  ------------------
// We will update Reverse DNS for one zone "2.0.192.in-addr-arpa". It
// uses TSIG with key "d2.sha1.key" and is served by two DNS servers:
// one listening at "172.16.1.1" on 53001 and the other at "192.168.2.10".
    "reverse-ddns":
    {
        "ddns-domains":
        [
            {
                "name": "2.0.192.in-addr.arpa.",
                "key-name": "d2.sha1.key",
                "dns-servers":
                [
                    {
                        "ip-address": "172.16.1.1",
                        "port": 53001
                    },
                    {
                        "ip-address": "192.168.2.10"
                    }
                ]
            }
        ]
    },

// ------------------ TSIG keys ---------------------
//   Each key has a name, an algorithm (HMAC-MD5, HMAC-SHA1, HMAC-SHA224...)
//   and a base-64 encoded shared secret.
    "tsig-keys":
    [
        {
            "name": "d2.md5.key",
            "algorithm": "HMAC-MD5",
            "secret": "LSWXnfkKZjdPJI5QxlpnfQ=="
        },
        {
            "name": "d2.sha1.key",
            "algorithm": "HMAC-SHA1",
            "secret": "hRrp29wzUv3uzSNRLlY68w=="
        },
        {
            "name": "d2.sha512.key",
            "algorithm": "HMAC-SHA512",
            "digest-bits": 256,
            "secret": "/4wklkm04jeH4anx2MKGJLcya+ZLHldL5d6mK+4q6UXQP7KJ9mS2QG29hh0SJR4LA0ikxNJTUMvir42gLx6fGQ=="
        }
    ],

// The following configures logging. It assumes that messages with at least
// informational level (info, warn, error and fatal) should be logged to stdout.
// It also specifies a custom log pattern.
    "loggers": [
        {
            "name": "kea-dhcp-ddns",
            "output_options": [
                {
                    "output": "stdout",
                    // Several additional parameters are possible in addition
                    // to the typical output. Flush determines whether logger
                    // flushes output to a file. Maxsize determines maximum
                    // filesize before the file is rotated. maxver
                    // specifies the maximum number of rotated files being
                    // kept.
                    "flush": true,
                    "maxsize": 204800,
                    "maxver": 4,
                    "pattern": "%d [%c/%i] %m\n"
                }
            ],
            "debuglevel": 0,
            "severity": "INFO"
        }
    ]
}

}