# This is an example configuration file for D2, Kea's DHCP-DDNS processor.
# It supports updating two Forward DNS zones "four.example.com" and
# "six.example.com"; and one Reverse DNS zone, "2.0.192.in-addr.arpa."

{
# ------------------ DHCP-DDNS ---------------------
#
"DhcpDdns":
{

# --------------  Global Parameters ----------------
#
#   D2 will listen for update requests for Kea DHCP servers at 172.16.1.10
#   on port 53001.  Maximum time to we will  wait for a DNS server to
#   respond to us is 1000 ms.

    "ip_address": "172.16.1.10",
    "port": 53001,
    "dns_server_timeout" : 1000,

#
# ----------------- Forward DDNS  ------------------
#
#   1. Zone - "four.example.com.
#      It uses TSIG, key name is "d2.md5.key"
#      It is served by one DNS server which listens for DDNS requests at
#      172.16.1.1 on the default port 53 (standard  DNS port)
#
#   2. Zone - "six.example.com."
#      It does not use TSIG.
#      It is server by one DNS server at "2001:db8:1::10" on port 7802

    "forward_ddns":
    {
        "ddns_domains":
        [
#           DdnsDomain for zone "four.example.com."
            {
                "name": "four.example.com.",
                "key_name": "d2.md5.key",
                "dns_servers":
                [
                    {
                        "ip_address": "172.16.1.1"
                    }
                ]
            },

#           DdnsDomain for zone "six.example.com."
            {
                "name": "six.example.com.",
                "dns_servers":
                [
                    {
                        "ip_address": "2001:db8:1::10",
                        "port": 7802
                    }
                ]
            }
        ]
    },

#
# ----------------- Reverse DDNS  ------------------
#
# We will update Reverse DNS for one zone "2.0.192.in-addr-arpa". It
# uses TSIG with key "d2.sha1.key" and is served by two DNS servers:
# one listening at "172.16.1.1" on 53001 and the other at "192.168.2.10".
#
    "reverse_ddns":
    {
        "ddns_domains":
        [
            {
                "name": "2.0.192.in-addr.arpa.",
                "key_name": "d2.sha1.key",
                "dns_servers":
                [
                    {
                        "ip_address": "172.16.1.1",
                        "port": 53001
                    },
                    {
                        "ip_address": "192.168.2.10"
                    }
                ]
            }
        ]
    },

#
# ------------------ TSIG keys ---------------------
#
#   Each key has a name, an algorithm (HMAC-MD5, HMAC-SHA1, HMAC-SHA224...)
#   and a base-64 encoded shared secret.
#
    "tsig_keys":
    [
        {
            "name": "d2.md5.key",
            "algorithm": "HMAC-MD5",
            "secret": "LSWXnfkKZjdPJI5QxlpnfQ=="
        },
        {
            "name": "d2.sha1.key",
            "algorithm": "HMAC-SHA1",
            "secret": "hRrp29wzUv3uzSNRLlY68w=="
        }
    ]
}

}