dynamic update reverse zone?
Alexandre Paradis
alexandre at optiksecurite.com
Thu Feb 14 18:33:38 UTC 2008
Konigs Carl wrote:
> Verify write permission of "/etc/namedb/dynamic/revlan.bureau.own"
> Try nsupdate on your reverse zone, does it work?
>
> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org] On
> Behalf Of Alexandre Paradis
> Sent: 13 February 2008 20:40
> To: bind-users at isc.org
> Subject: dynamic update reverse zone?
>
> Hi, I have some problems with my dynamic update between the DHCP and
> DNS. I'm able to update my "normal" zone, but the reverse zone won't
> update.
>
> Here's my dhcpd.conf
>
>
> # dhcpd.conf
>
> ddns-hostname = pick (option fqdn.hostname, option host-name, concat
> ("dhcp-", binary-to-ascii (10, 8, "-", leased-address)));
> option host-name = config-option server.ddns-hostname;
>
> option domain-name "bureau.own";
> option domain-name-servers 69.69.68.1;
> default-lease-time 600;
> max-lease-time 7200;
> authoritative;
> #ping-check false;
> #DDNS
> ddns-updates on;
> ddns-update-style interim;
> ddns-domainname "bureau.own";
> #ignore client-updates;
> ddns-ttl 120;
> ddns-rev-domainname "in-addr.arpa";
> allow client-updates;
>
> subnet 69.69.68.0 netmask 255.255.255.0 {
> range 69.69.68.100 69.69.68.145;
> option routers 69.69.68.1;
> option broadcast-address 69.69.68.255;
> }
>
> key marjo {
> algorithm HMAC-MD5;
> secret <mykey>;
> }
>
> zone bureau.own. {
> primary 69.69.68.1;
> key marjo;
> }
>
> zone 68.69.69.in-addr-arpa. {
> primary 69.69.68.1;
> key marjo;
> }
>
>
>
>
>
>
> This is my named.conf
>
>
> key marjo {
> algorithm HMAC-MD5;
> secret "<mykey>";
> };
>
> # ACL for the different interfaces
> acl lan { 69.69.68.0/24; 127.0.0.1; };
> # acl dmz { 1.2.3.4/24; };
>
> options {
> // Relative to the chroot directory, if any
> directory "/etc/namedb";
> pid-file "/var/run/named/pid";
> dump-file "/var/dump/named_dump.db";
> statistics-file "/var/stats/named.stats";
> version "haha oh wow!";
> recursion yes;
> allow-recursion {69.69.68.0/24; 127.0.0.1; };
> listen-on { 127.0.0.1; 69.69.68.1; };
> allow-query { lan; };
> forwarders {69.69.69.1; };
> };
> controls {
> inet 127.0.0.1 port 953
> allow { 127.0.0.1; 69.69.68.1; } keys { "marjo";};
> };
>
> view lan {
>
> zone "." {
> type hint;
> file "named.root";
> };
>
> match-clients {lan; };
>
> zone "bureau.own"{
> type master;
> notify no;
> file "/etc/namedb/dynamic/lan.bureau.own";
> //allow-transfer {127.0.0.1; };
> allow-update { key marjo; };
> };
>
> zone "68.69.69.in-addr.arpa" {
> type master;
> notify no;
> file "/etc/namedb/dynamic/revlan.bureau.own";
> //allow-transfer {127.0.0.1; };
> allow-update { key marjo; };
> };
>
> };
>
>
> I tried with dhclient.conf on the client side with
>
> interface "xl0" {
> send host-name "alexBSD";
> }
>
> It changed nothing.
>
> Any idea?
>
No, it didn't work. I've checked my permissions, and they are OK now.
Also, there is no .jnl file for my reverse zone.
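
Added example, not part of the original thread or of either poster's configuration: a small Python check that cross-references the `zone` declarations in dhcpd.conf against the master zones in named.conf, and against the PTR names the DHCP ranges produce. The embedded excerpts are constructed from the zone names quoted above; the function names are hypothetical, and the regex parsing assumes one `zone` declaration per line.

```python
import re

# Constructed excerpts that reuse the zone names quoted in the thread.
DHCPD_CONF = '''
ddns-rev-domainname "in-addr.arpa";
subnet 69.69.68.0 netmask 255.255.255.0 {
  range 69.69.68.100 69.69.68.145;
}
zone bureau.own. { primary 69.69.68.1; key marjo; }
zone 68.69.69.in-addr-arpa. { primary 69.69.68.1; key marjo; }
'''
NAMED_CONF = '''
zone "." { type hint; file "named.root"; };
zone "bureau.own" { type master; allow-update { key marjo; }; };
zone "68.69.69.in-addr.arpa" { type master; allow-update { key marjo; }; };
'''

def norm(name):
    """Compare zone names case-insensitively and without the trailing dot."""
    return name.strip('"').rstrip(".").lower()

def dhcpd_zones(text):
    """Zone names declared in dhcpd.conf (the names DDNS updates are keyed on)."""
    return {norm(z) for z in re.findall(r'(?m)^\s*zone\s+([^\s{]+)\s*\{', text)}

def named_master_zones(text):
    """Zone names that named.conf serves as 'type master'."""
    found = re.findall(r'zone\s+"([^"]+)"\s*\{([^}]*)', text)
    return {norm(z) for z, body in found if re.search(r'type\s+master', body)}

def sample_ptr_names(text):
    """PTR owner name for the first address of every range statement."""
    m = re.search(r'ddns-rev-domainname\s+"([^"]+)"', text)
    rev = norm(m.group(1)) if m else "in-addr.arpa"
    starts = re.findall(r'range\s+(\d+\.\d+\.\d+\.\d+)', text)
    return [".".join(reversed(ip.split("."))) + "." + rev for ip in starts]

def check(dhcpd_text, named_text):
    """Return a list of zone-name mismatches between the two configurations."""
    dz, nz = dhcpd_zones(dhcpd_text), named_master_zones(named_text)
    findings = [f"dhcpd zone {z!r} is not a master zone in named.conf"
                for z in sorted(dz - nz)]
    for ptr in sample_ptr_names(dhcpd_text):
        if not any(ptr == z or ptr.endswith("." + z) for z in dz):
            findings.append(f"no dhcpd zone declaration covers {ptr}")
    return findings

if __name__ == "__main__":
    for line in check(DHCPD_CONF, NAMED_CONF):
        print("MISMATCH:", line)
```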