DDNS security considerations



  • Am I correct in inferring that, in general, a dynamic dns implemented iaw RFC 2136 is more secure than the (typically) password-protected, http-based DDNS services available from most providers (and supported by pfsense)?

    I did a quick search, and there don't seem to be many providers that support RFC 2136*. Am I missing something - is this widely supported?

    Finally, is the RFC 2136 option in pfsense an nsupdate implementation?  Is it the only client-side software required to use RFC 2136 with a compliant server?

    • Dyn may support at least part of RFC 2136, but indications are it's only for their bigger commercial customers.