DNS update -- reverse zone
Mark Andrews
Mark_Andrews at isc.org
Wed Sep 20 03:12:59 UTC 2006
> Kevin,
>
> I got the reverse thing fixed. It now looks like named is just denying the
> update because it is not being sent a key. (I found that out looking at a
> debug log.) Here is the syslog output:
>
> Sep 18 20:05:58 localhost named[5207]: client 127.0.0.1#32939: updating zone
> 'auto-sci.jdt/IN': adding an RR
> Sep 18 20:05:58 localhost named[5207]: client 127.0.0.1#32939: updating zone
> 'auto-sci.jdt/IN': adding an RR
> Sep 18 20:05:58 localhost named[5207]: journal file
> /etc/bind/zones/db.auto-sci.jnl does not exist, creating it
> Sep 18 20:05:58 localhost named[5207]: zone auto-sci.jdt/IN: sending
> notifies (serial 2006091718)
> Sep 18 20:05:58 localhost dhcpd: Added new forward map from
> ASUSXP01.auto-sci.jdt to 192.168.1.219
> Sep 18 20:05:58 localhost named[5207]: client 192.168.1.170#32939: update
> '1.168.192.in-addr.arpa/IN' denied
> Sep 18 20:05:58 localhost dhcpd: unable to add reverse map from
> 219.1.168.192.in-addr.arpa. to ASUSXP01.auto-sci.jdt: timed out
> Sep 18 20:05:58 localhost dhcpd: DHCPREQUEST for 192.168.1.219
> (192.168.1.170) from 00:09:5b:19:c1:57 (ASUSXP01) via eth0
> Sep 18 20:05:58 localhost dhcpd: DHCPACK on 192.168.1.219 to
> 00:09:5b:19:c1:57 (ASUSXP01) via eth0
> Sep 18 20:05:58 localhost named[5207]: client 192.168.1.200#1876: transfer
> of 'auto-sci.jdt/IN': IXFR started
>
> The forward and reverse zones are set up with exactly the same key. Any
> insight or clues as to what is wrong would be appreciated.
This is a transaction between a client and a server. If one
end is right then the problem is usually on the other end.
I suggest that you look at the other end :-)
> Joe Terry
>
>
> "Kevin Darcy" <kcd at daimlerchrysler.com> wrote in message
> news:een5hp$1vt1$1 at sf1.isc.org...
> > Joe Terry wrote:
> >> I am trying to get dynamic updating working. It will update the forward
> >> zone, but not the reverse! The named.conf file is basically the same for
> >> both. Here is the data:
> >>
> >> Error message
> >>
> >> Sep 17 21:50:16 localhost named[4187]: client 127.0.0.1#32874: updating zone
> >> 'auto-sci.jdt/IN': adding an RR
> >> Sep 17 21:50:16 localhost named[4187]: client 127.0.0.1#32874: updating zone
> >> 'auto-sci.jdt/IN': adding an RR
> >> Sep 17 21:50:16 localhost named[4187]: journal file
> >> /etc/bind/zones/db.auto-sci.jnl does not exist, creating it
> >> Sep 17 21:50:16 localhost named[4187]: zone auto-sci.jdt/IN: sending
> >> notifies (serial 2006091712)
> >> Sep 17 21:50:16 localhost dhcpd: Added new forward map from
> >> Rosanne.auto-sci.jdt to 192.168.1.220
> >> Sep 17 21:50:16 localhost named[4187]: client 192.168.1.170#32874: update
> >> '1.168.192.in-addr.arpa/IN' denied
> >> Sep 17 21:50:16 localhost dhcpd: unable to add reverse map from
> >> 220.1.168.192.1.168.192.in-addr.arpa to Rosanne.auto-sci.jdt: timed out
> >>
> >> named.conf.local
> >> include "/etc/bind/rndc.key";
> >>
> >> zone "auto-sci.jdt" in {
> >> type master;
> >> file "/etc/bind/zones/db.auto-sci";
> >> allow-update { key "rndc-key"; };
> >> };
> >>
> >> zone "1.168.192.in-addr.arpa" in {
> >> type master;
> >> file "/etc/bind/zones/db.192.168.1";
> >> allow-update { key "rndc-key"; };
> >> };
> >>
> >>
> >>
> >> Does anyone have an idea?
> >>
> > First of all, why are you using your rndc key for Dynamic Update?
> >
> > Secondly, that name "220.1.168.192.1.168.192.in-addr.arpa" looks a
> > little fishy. My guess is somebody forgot to dot-terminate a name
> > somewhere. Of course, you haven't shown the contents of your zone files,
> > so that's only a guess...
> >
> >
> > - Kevin
> >
> >
>
>
>
--
ISC Training! October 16-20, 2006, in the San Francisco Bay Area,
covering topics from DNS to DHCP. Email training at isc.org.
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
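
Added example (not part of the original messages): a Python triage of the syslog lines quoted in this thread. It groups named's accepted and denied dynamic updates by zone and client address, and flags dhcpd reverse names that are not exactly four octets followed by in-addr.arpa. The sample input is reconstructed from the quoted excerpts with the mail line-wrapping undone; the function and variable names are illustrative.

```python
import re
from collections import defaultdict

# Constructed sample: lines taken from the two log excerpts quoted in this
# thread, with the mail client's line-wrapping undone.
SAMPLE_LOG = """\
Sep 17 21:50:16 localhost named[4187]: client 127.0.0.1#32874: updating zone 'auto-sci.jdt/IN': adding an RR
Sep 17 21:50:16 localhost named[4187]: client 192.168.1.170#32874: update '1.168.192.in-addr.arpa/IN' denied
Sep 17 21:50:16 localhost dhcpd: unable to add reverse map from 220.1.168.192.1.168.192.in-addr.arpa to Rosanne.auto-sci.jdt: timed out
Sep 18 20:05:58 localhost named[5207]: client 192.168.1.170#32939: update '1.168.192.in-addr.arpa/IN' denied
Sep 18 20:05:58 localhost dhcpd: unable to add reverse map from 219.1.168.192.in-addr.arpa. to ASUSXP01.auto-sci.jdt: timed out
"""

ACCEPTED = re.compile(r"named\[\d+\]: client ([\d.]+)#\d+: updating zone '([^'/]+)/IN'")
DENIED = re.compile(r"named\[\d+\]: client ([\d.]+)#\d+: update '([^'/]+)/IN' denied")
REVMAP = re.compile(r"dhcpd: unable to add reverse map from (\S+) to ")

def malformed_ptr_name(name):
    """True if an IPv4 reverse name is not exactly four octets + in-addr.arpa."""
    labels = name.rstrip(".").lower().split(".")
    if labels[-2:] != ["in-addr", "arpa"]:
        return True
    octets = labels[:-2]
    return len(octets) != 4 or not all(o.isdigit() and int(o) < 256 for o in octets)

def triage(log_text):
    """Return (accepted, denied, bad_names); the dicts map zone -> client IPs."""
    accepted, denied, bad_names = defaultdict(set), defaultdict(set), []
    for line in log_text.splitlines():
        if m := ACCEPTED.search(line):
            accepted[m.group(2)].add(m.group(1))
        elif m := DENIED.search(line):
            denied[m.group(2)].add(m.group(1))
        elif (m := REVMAP.search(line)) and malformed_ptr_name(m.group(1)):
            bad_names.append(m.group(1))
    return dict(accepted), dict(denied), bad_names

if __name__ == "__main__":
    accepted, denied, bad_names = triage(SAMPLE_LOG)
    for zone, clients in accepted.items():
        print(f"accepted  {zone:<26} from {sorted(clients)}")
    for zone, clients in denied.items():
        print(f"DENIED    {zone:<26} from {sorted(clients)}")
    for name in bad_names:
        print(f"malformed reverse name: {name}")
```
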