Win2k DDNS TKEY - Format Error
Cricket Liu
cricket at acmebw.com
Fri May 19 16:01:04 UTC 2000
> I am looking at a sniffer trace from a Windows 2000 Professional
> (RTM release) machine talking to a BIND 8.2.2-P5 (Solaris 5.6).
> The Windows 2000 box is sending a TKEY record to DNS, and BIND
> is responding with response code 1 (Format Error). Is this something
> that BIND does not yet support? I searched the archives for "tsig" or
> "tkey", but I found no hits (even though I seem to remember this topic
> being discussed previously). Here is one of the TKEY packets being
> sent by W2k to DNS; I have taken the sniffer printout and added my
> decoding based on the document
>
> draft-ietf-dnsext-tkey-02.txt
>
> but I cannot insure that my decoding is 100% correct.
That's the beginning of a GSS-TSIG negotiation, which BIND does
not support. You should be able to disable secure dynamic update
on the Microsoft client and have it send plain vanilla dynamic updates
instead.
cricket
Acme Byte & Wire
cricket at acmebw.com
www.acmebw.com
Attend the next Internet Software Consortium/Acme Byte & Wire
DNS and BIND class! See www.acmebw.com/training.htm for
the schedule and to register for upcoming classes.
More information about the bind-users
mailing list