update failed: SERVFAIL
Mark Andrews
marka at isc.org
Tue Jan 26 13:14:34 UTC 2010
In message <2ac8e9ad1001250710s2489d1edpf5a247341bc2ab1d at mail.gmail.com>, xu do
ng writes:
> Hi,
> I have a problem about the DDNS ,When I nsupdated the master dns server
> under with dnssec,but it failed as following:
>
> *root at root:/var/named/chroot/etc# nsupdate -d
> > server 192.168.225.130 5353
> > update add test.net 900 A 5.5.5.5
> >
> Reply from SOA query:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32603
> ;; flags: qr aa ; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; QUESTION SECTION:
> ;test.net. IN SOA
>
> ;; AUTHORITY SECTION:
> net. 300 IN SOA dns.net. dns.net.
> 2010011806 10800 60 604800 10800
>
> Found zone name: net
> The master is: dns.net
> Sending update to 192.168.225.130#5353
> Outgoing update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 30960
> ;; flags: ; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0
> ;; UPDATE SECTION:
dns.net. 900 IN A 5.5.5.5
>
> Reply from update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: SERVFAIL, id: 30960
> ;; flags: qr ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
> > *
>
> But when i nsupdated the master dns server without dnssec, it succeed. So I
> don't know why?
Did you look at the master's logs?
Have you told named where the private keys are?
Are the private keys readable by named?
> --
> ---------------------------------------------------------
> Xudong
> Email=A3=BAxudong83 at gmail.com
> Beijing,China
> ---------------------------------------------------------
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list