DDNS conflict with zone update
Lars Staun Knudsen
nogetfx at gmail.com
Mon Jul 7 23:40:19 UTC 2008
Mark Andrews wrote:
> Updates *have* to go to the master, either directly or as
> the result of the update being forwarded by the slave.
> As you are using TSIG to do the updates you can just turn
> on forwarding in the slave.
>
> allow-update-forwarding { any; };
>
> It is a configuration error to have a allow-update clause
> in a slave zone.
>
Hi
Thanks for the reply. I've inserted "allow-update-forwarding { any; };
" in the zone on the slave dns-sever, but i get an error on the master:
update-security: error: client 192.168.0.1#34559: update 'utysket.dk/IN'
denied
On the master server I've been trying with "allow-update { 172.16.0.1;
};", "allow-update { key MasterSlave; };" and "allow-update { key DDNS;
};" to allow zone-updates, but it haven't changed nothing. I've
copy/pasted the DDNS key and the MasterSlave key on both dns-server to
try avoiding the update-deny error. Can you explain what keys is being
used when dhcp is going through slave-dns to master-dns?
/etc/bind/rndc.key
key "rndc-key" {
algorithm hmac-md5;
secret "";
};
key "MasterSlave" {
algorithm hmac-md5;
secret "";
};
key "DDNS" {
algorithm hmac-md5;
secret "";
};
BTW. When all three keys is listed in the rndc.key file, i get an error
"rndc: error: /etc/bind/rndc.key:6: 'key' redefined near 'key'".
Shouldn't it be possible to hold all three?
--
/Lars
More information about the bind-users
mailing list