Feature questions

Mon Sep 22 13:35:33 UTC 2008

I have read the documentation regarding the use of DNSSEC and also 
utilizing DNS zone files within the dhcpd.conf. I am in need of a 
'second set of eyes' in regards to my current configuration for these 
options as well as for the failover configuration syntax.

If any one could assist me with this I would appreciate it.

#### DNSSEC Key Definitions ####
key test {
     algorithm DSA;
     secret passphrase;
}

#### DNS Zone Definitions ####
zone "scl.utah.edu" {
     type master;
     file "mmctest.zone";
     allow-update { key test; };
};
zone "145.17.97.155.in-addr.arpa" {
     type master;
     file "mmctest.zone";
     allow-update { key test; };
};
zone scl.utah.edu {
     primary 127.0.0.1;
     key test;
}
zone 145.17.97.155.in-addr.arpa {
     primary 127.0.0.1;
     key test;
}

#### Failover configuration ####
failover peer "tyr" {
     primary;
     address 155.97.17.166;
     port 519;
     peer address 155.97.16.253;
     peer port 520;
     max-response-delay 60;
     max-unpacked-updates 10;
     mclt 300;
     split 128;
     load balance max seconds 3;
}

The reason I am asking is because with this configuration (which look 
accurate according to the RFC documentation I have read) I receive some 
errors when restarting the dhcpd service. Details below:

dhcpd.conf line 24: partial base64 value left over: 14.
        secret passphrase;

dhcpd.conf line 28: expecting hostname.
zone "scl.utah.edu"

dhcpd.conf line 32: expecting a parameter or declaration
};

/dhcpd.conf line 33: expecting hostname.
zone "145.17.97.155.in-addr.arpa"

dhcpd.conf line 37: expecting a parameter or declaration
};

dhcpd.conf line 55: invalid statement in peer declaration
        max-unpacked-updates