From a9243aa554686857d0c4e01ddd6aab80a0ff457f Mon Sep 17 00:00:00 2001 From: Andrew Backeby Date: Wed, 30 Jul 2025 15:28:57 +0200 Subject: [PATCH] DOCS: Improve grammar/typos in AXFR+DDNS provider documentation (#3697) --- documentation/provider/axfrddns.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/documentation/provider/axfrddns.md b/documentation/provider/axfrddns.md index afac25e94..a79f306cb 100644 --- a/documentation/provider/axfrddns.md +++ b/documentation/provider/axfrddns.md @@ -1,9 +1,9 @@ This provider uses the native DNS protocols. It uses the AXFR (RFC5936, -Zone Transfer Protocol) to retrieve the existing records and DDNS -(RFC2136, Dynamic Update) to make corrections. It can use TSIG (RFC2845) or +Zone Transfer Protocol) protocol to retrieve existing records and uses DDNS +(RFC2136, Dynamic Update) to make updates. It can use both TSIG (RFC2845) and IP-based authentication (ACLs). -It is able to work with any standards-compliant +It can work with any standards-compliant authoritative DNS server. It has been tested with [BIND](https://www.isc.org/bind/), [Knot](https://www.knot-dns.cz/), and [Yadifa](https://yadifa.eu/home.html). @@ -31,7 +31,7 @@ the provider: * `transfer-key`: If this exists, the value is used to authenticate AXFR transfers. * `update-key`: If this exists, the value is used to authenticate DDNS updates. -For instance, your `creds.json` might looks like: +For instance, your `creds.json` might look like: {% code title="creds.json" %} ```json @@ -147,8 +147,8 @@ Please consider adding default `nameservers` or an explicit `master` in `creds.j ### Transfer/AXFR server As mentioned above, the AXFR+DDNS provider will send AXFR requests to the -primary master for the zone. On some networks, the AXFR requests are handled -by a separate server to DDNS requests. Use the `transfer-server` option in +primary master for the zone. On some networks, AXFR requests are handled +by a different server than DDNS requests. Use the `transfer-server` option in `creds.json`. If not specified, it falls back to the primary master. {% code title="creds.json" %} @@ -198,7 +198,7 @@ D("example.com", REG_NONE, DnsProvider(DNS), ### Bind9 -Here is a sample `named.conf` example for an authauritative server on +This is a sample `named.conf` example for an authoritative server hosting the zone `example.com`. It uses a simple IP-based ACL for the AXFR transfer and a conjunction of TSIG and IP-based ACL for the updates. @@ -253,8 +253,8 @@ key update-key-id { When using `get-zones`, a custom master or a list of default nameservers should be configured in `creds.json`. -THe AXFR+DDNS provider does not display DNSSec records. But, if any -DNSSec records is found in the zone, it will replace all of them with +The AXFR+DDNS provider does not display DNSSEC records. But, if any +DNSSEC records are found in the zone, it will replace all of them with a single placeholder record: ```text @@ -277,4 +277,4 @@ When AutoDNSSEC is not enabled or disabled, no checking is done. ## FYI: MD5 Support -By default the used DNS Go package by miekg has deprecated supporting the (insecure) MD5 algorithm [https://github.com/miekg/dns/commit/93945c284489394b77653323d11d5de83a2a6fb5](https://github.com/miekg/dns/commit/93945c284489394b77653323d11d5de83a2a6fb5). Some providers like the Leibniz Supercomputing Centre (LRZ) located in Munich still use this algorithm to authenticate internal dynamic DNS updates. To compensate the lack of MD5 a custom MD5 TSIG Provider was added into DNSControl. +By default the used DNS Go package by miekg has deprecated support for the (insecure) MD5 algorithm [https://github.com/miekg/dns/commit/93945c284489394b77653323d11d5de83a2a6fb5](https://github.com/miekg/dns/commit/93945c284489394b77653323d11d5de83a2a6fb5). Some providers like the Leibniz Supercomputing Centre (LRZ) located in Munich still use this algorithm to authenticate internal dynamic DNS updates. To compensate for the lack of MD5, a custom MD5 TSIG Provider was added into DNSControl.