Hi,
I have fixed IP address on one of my Orgs OpnSENSE firewalls.
I'm wondering if it is possible to create Dynamic DNS Server on that firewall and take Secure Updates from other OpnSense Firewalls on the Internet rather than pay a Dynamic DNS provider.
If so, any hints on how?
LozBoz
PS: Everything I read on DDNS and Opnsense relates to the ddclient and while useful for the remote OpnSense FW not useful for the above use case.
It is possible but maybe not on the firewall itself: https://arstechnica.com/information-technology/2024/02/doing-dns-and-dhcp-for-your-lan-the-old-way-the-way-that-works/
Unbound is rumoured not to support RFC 2136. Search for ddns-update-style if you want to dig deeper.
Bart...
I think the more important point here is that DNS in OPNsense is primarily acting as a resolver for internal clients, with some very basic support for internal domains (".lan") - it is (IMO) not intended to act as an authoritative DNS server that would be exposed to the internet. It might be possible to hack something together, possibly with the os-bind plugin(??), but I don't think it'd be supported, nor probably recommended...
Thank you bartjsmit & dseven for those insights.
Based on your input I'll pursue other avenues !!!