Problem with dynamic update failing
Michael M Friedel
m.friedel at betty-tv.com
Tue Oct 4 01:55:26 UTC 2005
Thank you. That was the hint I needed. It turned out the problem was
that I had been changeing named.conf and just sending a kill -HUP to
reload the configuration.
I started with the update-policy and and later changed it to an
allow-update. Apparently that doesn't work (old entries nout flushed ?).
I restarted named, and now everything is fine.
On Oct 4, 2005, at 24:51 , Mark Andrews wrote:
>
>
>> I am having a problem getting the dynamic DNS update working
>> correctly.
>> I have both bind and dhcpd running on the same machine.
>> The bind version is 9.3.1 and the dhcpd is Internet Systems
>> Consortium DHCP Server V3.0.2
>> I have read all the available documentation I could find, and if I I
>> interpret them correctly the below configuration is all I need.
>> I have also tried using the grant variant , also to no avail.
>>
>
> Well the error messages are NOT consistant with the named.conf
> snippets you sent.
>
> "rejected by secure update" indicates that you are NOT using
> "allow-update" but are using "update-policy".
>
> Mark
>
>
>> And this is the output in the named log.
>>
>> 03-Oct-2005 11:55:59.521 info: client 127.0.0.1#32779: updating zone
>> '20.172.in-addr.arpa/IN': update failed: rejected by secure update
>> (REFUSED)
>> 03-Oct-2005 12:14:34.456 info: client 127.0.0.1#32779: updating zone
>> 'mydomain.de/IN': update failed: rejected by secure update (REFUSED)
>>
>> And this is the corresponding dhcp message log
>>
>> Oct 3 11:55:59 dhcpd: unable to add reverse map from 8.50.20.172.in-
>> addr.arpa. to vmbuild.mydomain.de: timed out
>> Oct 3 11:55:59 dhcpd: DHCPREQUEST for 172.20.50.8 from 00:0c:
>> 29:87:94:57 via eth2
>> Oct 3 11:55:59 dhcpd: DHCPACK on 172.20.50.8 to 00:0c:29:87:94:57
>> via eth2
>>
>> Oct 3 12:14:34 dhcpd: Unable to add forward map from kvr.mydomain.de
>> to 172.20.50.1: timed out
>> Oct 3 12:14:34 dhcpd: DHCPREQUEST for 172.20.50.1 from 00:c0:df:
>> 11:35:0d (kvr) via eth2
>> Oct 3 12:14:34 dhcpd: DHCPACK on 172.20.50.1 to 00:c0:df:11:35:0d
>> (kvr) via eth2
>>
>>
>>
>>
>> ==========
>> named.conf
>> --------------
>> key updatekey {
>> algorithm hmac-md5;
>> secret "secretkey==";
>> };
>>
>> zone "mydomain.de" in {
>> file "master/mydomain.deX";
>> type master;
>> allow-transfer { localnets; };
>> allow-update { localhost; key updatekey; };
>> };
>>
>> zone "20.172.in-addr.arpa" in {
>> file "master/20.172.in-addr.arpaX";
>> type master;
>> allow-transfer { localnets; };
>> allow-update { localhost; key updatekey; };
>> };
>> ===========
>> dhcpd.conf
>> --------
>>
>> # Dynamic DNS Update
>> ddns-update-style interim;
>> ddns-domainname "mydomain.de";
>>
>> key updatekey {
>> algorithm hmac-md5;
>> secret "secretkey==";
>> }
>>
>> zone 20.172.in-addr.arpa. {
>> primary 127.0.0.1;
>> key algorithm;
>> }
>>
>> zone mydomain.de. {
>> primary 127.0.0.1;
>> key algorithm;
>> }
>>
>>
>>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
>
More information about the bind-users
mailing list