DNS update -- reverse zone

Mark Andrews Mark_Andrews at isc.org
Wed Sep 20 03:12:59 UTC 2006


> Kevin,
> 
> I got the reverse thing fixed.  It now looks like named is just denying the 
> update because it is not being sent a key. (I found that out looking at a 
> debug log.)  Here is the syslog output:
> 
> Sep 18 20:05:58 localhost named[5207]: client 127.0.0.1#32939: updating zone 'auto-sci.jdt/IN': adding an RR
> Sep 18 20:05:58 localhost named[5207]: client 127.0.0.1#32939: updating zone 'auto-sci.jdt/IN': adding an RR
> Sep 18 20:05:58 localhost named[5207]: journal file /etc/bind/zones/db.auto-sci.jnl does not exist, creating it
> Sep 18 20:05:58 localhost named[5207]: zone auto-sci.jdt/IN: sending notifies (serial 2006091718)
> Sep 18 20:05:58 localhost dhcpd: Added new forward map from ASUSXP01.auto-sci.jdt to 192.168.1.219
> Sep 18 20:05:58 localhost named[5207]: client 192.168.1.170#32939: update '1.168.192.in-addr.arpa/IN' denied
> Sep 18 20:05:58 localhost dhcpd: unable to add reverse map from 219.1.168.192.in-addr.arpa. to ASUSXP01.auto-sci.jdt: timed out
> Sep 18 20:05:58 localhost dhcpd: DHCPREQUEST for 192.168.1.219 (192.168.1.170) from 00:09:5b:19:c1:57 (ASUSXP01) via eth0
> Sep 18 20:05:58 localhost dhcpd: DHCPACK on 192.168.1.219 to 00:09:5b:19:c1:57 (ASUSXP01) via eth0
> Sep 18 20:05:58 localhost named[5207]: client 192.168.1.200#1876: transfer of 'auto-sci.jdt/IN': IXFR started
> 
> The forward and reverse zones are set up with exactly the same key.  Any 
> insight or clues as to what is wrong would be appreciated.

	This is a transaction between a client and a server.  If one
	end is right then the problem is usually on the other end.

	I suggest that you look at the other end:-)
 
> Joe Terry
> 
> 
> "Kevin Darcy" <kcd at daimlerchrysler.com> wrote in message 
> news:een5hp$1vt1$1 at sf1.isc.org...
> > Joe Terry wrote:
> >> I am trying to get dynamic updating working.  It will update the forward
> >> zone, but not the reverse!  The named.conf file is basically the same for
> >> both.  Here is the data:
> >>
> >> Error message
> >>
> >> Sep 17 21:50:16 localhost named[4187]: client 127.0.0.1#32874: updating zone 'auto-sci.jdt/IN': adding an RR
> >> Sep 17 21:50:16 localhost named[4187]: client 127.0.0.1#32874: updating zone 'auto-sci.jdt/IN': adding an RR
> >> Sep 17 21:50:16 localhost named[4187]: journal file /etc/bind/zones/db.auto-sci.jnl does not exist, creating it
> >> Sep 17 21:50:16 localhost named[4187]: zone auto-sci.jdt/IN: sending notifies (serial 2006091712)
> >> Sep 17 21:50:16 localhost dhcpd: Added new forward map from Rosanne.auto-sci.jdt to 192.168.1.220
> >> Sep 17 21:50:16 localhost named[4187]: client 192.168.1.170#32874: update '1.168.192.in-addr.arpa/IN' denied
> >> Sep 17 21:50:16 localhost dhcpd: unable to add reverse map from 220.1.168.192.1.168.192.in-addr.arpa to Rosanne.auto-sci.jdt: timed out
> >>
> >> named.conf.local
> >> include "/etc/bind/rndc.key";
> >>
> >> zone "auto-sci.jdt" in {
> >>         type master;
> >>         file "/etc/bind/zones/db.auto-sci";
> >>         allow-update { key "rndc-key"; };
> >> };
> >>
> >> zone "1.168.192.in-addr.arpa" in {
> >>         type master;
> >>         file "/etc/bind/zones/db.192.168.1";
> >>         allow-update { key "rndc-key"; };
> >> };
> >>
> >>
> >>
> >> Does anyone have an idea?
> >>
> > First of all, why are you using your rndc key for Dynamic Update?
> >
> > Secondly, that name "220.1.168.192.1.168.192.in-addr.arpa" looks a
> > little fishy. My guess is somebody forgot to dot-terminate a name
> > somewhere. Of course, you haven't shown the contents of your zone files,
> > so that's only a guess...
> >
> >
> >                        - Kevin
> >
> > 
> 
> 
> 
--
ISC Training!  October 16-20, 2006, in the San Francisco Bay Area,
covering topics from DNS to DHCP.  Email training at isc.org.
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org
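
Added example, not part of the original thread: a Python script that reads the named and dhcpd syslog lines quoted above (re-joined where the mail wrapped them) and reports, per zone, which source address each accepted or denied update came from, and flags reverse-map names that are not four octets followed by in-addr.arpa. The function names and regexes are this example's own assumptions about the log format shown in the thread.

```python
import re

# Constructed sample: log lines copied from the thread, with mail line-wrapping undone.
SAMPLE_LOG = """\
Sep 17 21:50:16 localhost named[4187]: client 127.0.0.1#32874: updating zone 'auto-sci.jdt/IN': adding an RR
Sep 17 21:50:16 localhost named[4187]: client 192.168.1.170#32874: update '1.168.192.in-addr.arpa/IN' denied
Sep 17 21:50:16 localhost dhcpd: unable to add reverse map from 220.1.168.192.1.168.192.in-addr.arpa to Rosanne.auto-sci.jdt: timed out
Sep 18 20:05:58 localhost named[5207]: client 127.0.0.1#32939: updating zone 'auto-sci.jdt/IN': adding an RR
Sep 18 20:05:58 localhost named[5207]: client 192.168.1.170#32939: update '1.168.192.in-addr.arpa/IN' denied
Sep 18 20:05:58 localhost dhcpd: unable to add reverse map from 219.1.168.192.in-addr.arpa. to ASUSXP01.auto-sci.jdt: timed out
"""

ACCEPT = re.compile(r"named\[\d+\]: client ([\d.]+)#\d+: updating zone '([^/']+)/IN'")
DENY = re.compile(r"named\[\d+\]: client ([\d.]+)#\d+: update '([^/']+)/IN' denied")
REVFAIL = re.compile(r"dhcpd: unable to add reverse map from (\S+) to (\S+?):")

def ptr_name_ok(name):
    """True if name is exactly four octet labels followed by in-addr.arpa."""
    labels = name.rstrip(".").lower().split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        return False
    return all(l.isdigit() and int(l) <= 255 for l in labels[:4])

def analyze(log):
    """Collect (zone, source address) pairs for accepted and denied updates,
    plus any reverse-map owner names dhcpd tried that are malformed."""
    accepted, denied, bad_ptr = set(), set(), []
    for line in log.splitlines():
        if m := ACCEPT.search(line):
            accepted.add((m.group(2), m.group(1)))
        elif m := DENY.search(line):
            denied.add((m.group(2), m.group(1)))
        elif (m := REVFAIL.search(line)) and not ptr_name_ok(m.group(1)):
            bad_ptr.append(m.group(1))
    return {"accepted": sorted(accepted), "denied": sorted(denied),
            "malformed_ptr": bad_ptr}

if __name__ == "__main__":
    report = analyze(SAMPLE_LOG)
    for zone, src in report["accepted"]:
        print(f"accepted  zone={zone}  source={src}")
    for zone, src in report["denied"]:
        print(f"DENIED    zone={zone}  source={src}")
    for name in report["malformed_ptr"]:
        print(f"malformed reverse name (origin appended twice?): {name}")
```

On these lines the forward-zone updates arrive from 127.0.0.1 and the denied reverse-zone updates from 192.168.1.170, and only the Sep 17 reverse name is flagged as malformed.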


