adding DS record via nsupdate
Andrew Latham
lathama at gmail.com
Wed Feb 6 00:25:51 UTC 2013
On Tue, Feb 5, 2013 at 6:30 PM, Jack Tavares <j.tavares at f5.com> wrote:
> Hello -
>
> I am trying to add a DS record via nsupdate and I can't get it to succeed.
>
> It does not generate an error, but when I dig for the DS record I get NXDOMAIN.
>
> What I edit the zone file and add the same DS record and reload, I can query it
> just fine.
>
> I do the following as an example:
>
> nsupdate -d
> server <ip addr>
> zone test.net
> update add subzone.test.net 9999 IN DS 34845 7 1 325AA7B83FAC7DB621678EB2FB9035B51A0A504F
> send
>
> The output is
> Sending update to <ip>#53
> Outgoing update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 45236
> ;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
> ;; ZONE SECTION:
> ;test.net. IN SOA
>
> ;; UPDATE SECTION:
> subzone.test.net. 9999 IN DS 34845 7 1 325AA7B83FAC7DB621678EB2FB9035B51A0A504F
>
>
> Reply from update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 45236
> ;; flags: qr; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
> ;; ZONE SECTION:
> ;test.net. IN SOA
>
> <end>
>
> Dig results
>
> dig @<ip> +noadflag +nocdflag -t ds subzone.test.net.
>
> ; <<>> DiG 9.8.4-P1 <<>> @<ip> -t ds subzone.test.net.
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 21747
> ;; flags: qr aa rd cd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;subzone.test.net. IN DS
>
> ;; AUTHORITY SECTION:
> test.net. 500 IN SOA xxxx.test.net. hostmaster.xxxx.test.net. 2013010938 10800 3600 604800 86400
>
>
> When I put the DS record in the zone manually:
>
> tail <zonefile>:
> subzone.test.net. 9999 IN DS 34845 7 1 325AA7B83FAC7DB621678EB2FB9035B51A0A504F
>
> and do a dig, it works:
> dig @<ip> -t ds subzone.test.net.
>
> ; <<>> DiG 9.8.4-P1 <<>> @<ip> -t ds subzone.test.net.
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21326
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;subzone.test.net. IN DS
>
> ;; ANSWER SECTION:
> subzone.test.net. 9999 IN DS 34845 7 1 325AA7B83FAC7DB621678EB2FB9035B51A0A504F
>
> ;; Query time: 0 msec
>
> Should this work?
> Thank you
>
> --
> Jack Tavares
First guess is that the Serial is not getting updated correctly.
--
~ Andrew "lathama" Latham lathama at gmail.com http://lathama.net ~
More information about the bind-users
mailing list