Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

setting DDNS update-key? (non-HTTP method)

Hi everyone

Platfom: CISCO881-SEC-K9, 15.2(4)M3

I've been doing DDNS with DynDNS and the HTTP method for a while, for the obvious purposes like remote access, file access, ssh access, proxying while abroad etc.

Since I am already hosting my own DNS Servers (BIND) out in the internet, I thought of sending a proper ITEF style DDNS update to a subdomain of mine, to have an updated A Record in my DNS zones that I could use.

While BIND name server can be configured to allow updates from a given (set of) IP adresse(s) or ranges, I can't rely on a dynamic IP for security, what with with my DSL connection and it's dynamic public IP.

BIND however has the concept of the update-key (see ) which just basically is a properly long shared secret.

I just can't figure out how and where to set this key when configuring as follows:

ip ddns update method SUB.MYDOMAIN.COM-DDNS


interval maximum 7 0 0 0

interval minimum 0 6 0 0

interface FastEthernet4


ip address dhcp


ip ddns update hostname

ip ddns update SUB.MYDOMAIN.COM-DDNS


Note: I do not want to update DNS with my router's hostname and not via DHCP&DNS Services of my ISP, hence I'm not using the

ip dhcp client update dns interface command, as suggested by ).

I woul assume that I need to define a keyring of sorts, but I failed to find any (sub)command that woul allow to specify a keyring for DDNS.

Thanks for your thoughts and ideas


Everyone's tags (5)