Problem with dynamic update failing

Mark Andrews Mark_Andrews at isc.org
Mon Oct 3 22:51:54 UTC 2005 

> I am having a problem getting the dynamic DNS update working correctly.
> I have both bind and dhcpd running on the same machine.
> The bind version is 9.3.1 and the dhcpd is Internet Systems
> Consortium DHCP Server V3.0.2
> I have read all the available documentation I could find, and if I I
> interpret them correctly the below configuration is all I need.
> I have also tried using the grant variant , also to no avail.

	Well the error messages are NOT consistant with the named.conf
	snippets you sent.

	"rejected by secure update" indicates that you are NOT using
	"allow-update" but are using "update-policy".

	Mark
 
> And this is the output in the named log.
> 
> 03-Oct-2005 11:55:59.521 info: client 127.0.0.1#32779: updating zone
> '20.172.in-addr.arpa/IN': update failed: rejected by secure update
> (REFUSED)
> 03-Oct-2005 12:14:34.456 info: client 127.0.0.1#32779: updating zone
> 'mydomain.de/IN': update failed: rejected by secure update (REFUSED)
> 
> And this is the corresponding dhcp message log
> 
> Oct  3 11:55:59 dhcpd: unable to add reverse map from 8.50.20.172.in-
> addr.arpa. to vmbuild.mydomain.de: timed out
> Oct  3 11:55:59 dhcpd: DHCPREQUEST for 172.20.50.8 from 00:0c:
> 29:87:94:57 via eth2
> Oct  3 11:55:59 dhcpd: DHCPACK on 172.20.50.8 to 00:0c:29:87:94:57
> via eth2
> 
> Oct  3 12:14:34 dhcpd: Unable to add forward map from kvr.mydomain.de
> to 172.20.50.1: timed out
> Oct  3 12:14:34 dhcpd: DHCPREQUEST for 172.20.50.1 from 00:c0:df:
> 11:35:0d (kvr) via eth2
> Oct  3 12:14:34 dhcpd: DHCPACK on 172.20.50.1 to 00:c0:df:11:35:0d
> (kvr) via eth2
> 
> 
> 
> 
> ==========
> named.conf
> --------------
> key updatekey {
>           algorithm hmac-md5;
>           secret "secretkey==";
> };
> 
> zone "mydomain.de" in {
>           file "master/mydomain.deX";
>           type master;
>           allow-transfer { localnets; };
>           allow-update { localhost; key updatekey; };
> };
> 
> zone "20.172.in-addr.arpa" in {
>           file "master/20.172.in-addr.arpaX";
>           type master;
>           allow-transfer { localnets; };
>           allow-update { localhost; key updatekey; };
> };
> ===========
> dhcpd.conf
> --------
> 
> # Dynamic DNS Update
> ddns-update-style interim;
> ddns-domainname "mydomain.de";
> 
> key updatekey {
>           algorithm hmac-md5;
>           secret "secretkey==";
> }
> 
> zone 20.172.in-addr.arpa. {
>           primary 127.0.0.1;
>           key algorithm;
> }
> 
> zone mydomain.de. {
>           primary 127.0.0.1;
>           key algorithm;
> }
> 
> 
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list