Dynamic updates with bind 9.1.1
Sylvain MARTIENNE
sylvain.martienne at 6wind.com
Wed May 2 15:08:02 UTC 2001
David Horky wrote:
> Hello everybody,
>
> I'm trying to configure dynamic updates with bind 9.1.1 compiled from sources on
> Mandrake 7.2
>
> here what I do:
>
> 1. Generate a key
>
> ./dnssec-keygen -a HMAC-MD5 -b 128 -n USER mykey.
> Kmykey.+157+06650
>
> 2. move both generated files to /tmp dir
>
> 3. trying a testing update
> ./nsupdate -d -k /tmp/Kmykey.+157+06650.key
> (or ./nsupdate -d -k /tmp/Kmykey.+157+06650.private - same results)
> > update add .....
> >
>
> and nsupdate finds correctly the details of zone
>
> but then fails with:
>
> dns_request_getresponse: tsig verify failure
>
> without touching the master server of that zone.
>
> ----------
>
> it looks like nsupdate does not like the generated key by dnssec-keygen.
>
> I'm probably missing something important - I would be really glad if someone
> could point me to the right direction.
>
> Cheers,
>
> David
Hi,
I had the same trouble, but the next day I had seen it, it disappeared as it had
come that's without explanation.
I know it's not the answer you wanted but if someone could explain us I would be
pleased.
I work with BIND 9.1.1rc7 on FreeBSD 3.5.
--
Sylvain MARTIENNE
More information about the bind-users
mailing list