use a TSIG key to dynamically update ?

Arlen_Hing arlen_hing at iptrend.com.tw
Fri Oct 13 07:02:56 UTC 2000 

I use bind-8.2.2_P5-9 in RedHat 6.2. and  follow
http://www.nominum.com/resources/faqs/bind-faq.html
to use a TSIG key to dynamically update dns server, but
get error below :

[yonger at tw-Arlen keys]$ nsupdate -d -k /tmp/keys:mykey.
> update add tt.i.x. 10000 in a 192.168.1.23         
> 
;; res_findzonecut: START dname='tt.i.x.' class=IN, zsize=1025, naddrs=3
;; res_findzonecut: get the soa, and see if it has enough glue
;; res_nmkquery(QUERY, tt.i.x., IN, SOA)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49210
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      tt.i.x, type = SOA, class = IN

;; Querying server (# 1) address = 192.168.1.254
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49210
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;;      tt.i.x, type = SOA, class = IN

;; AUTHORITY SECTION:
i.x.                    1H IN SOA       eS1.i.x. postmaster.x. (
                                        2000050801      ; serial
                                        1H              ; refresh
                                        30M             ; retry
                                        1W              ; expiry
                                        1H )            ; minimum


;; res_findzonecut: get the ns rrset and see if it has enough glue
;; res_nmkquery(QUERY, i.x, IN, NS)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49211
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;      i.x, type = NS, class = IN

;; Querying server (# 1) address = 192.168.1.254
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49211
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUERY SECTION:
;;      i.x, type = NS, class = IN

;; ANSWER SECTION:
i.x.                    3D IN NS        eS1.i.x.

;; ADDITIONAL SECTION:
eS1.i.x.                3D IN A         192.168.1.254

;; res_findzonecut: get the missing glue and see if it's finally enough
;; res_findzonecut: add_addrs: 1
;; res_findzonecut: satisfy(eS1.i.x): 1
;; res_findzonecut: FINISH n=1 (OK)
;; res_nupdate: res_mkupdate -> 40
;; res_send()
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 49212
;; flags:; ZONE: 1, PREREQUISITE: 0, UPDATE: 1, ADDITIONAL: 1
;;      i.x, type = SOA, class = IN
tt.i.x.                 2h46m40s IN A   192.168.1.23
mykey.                  0S ANY TSIG     HMAC-MD5.SIG-ALG.REG.INT. 0
;; Querying server (# 1) address = 192.168.1.254
;; got answer:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 49212
;; flags: qr ra; ZONE: 1, PREREQUISITE: 0, UPDATE: 0, ADDITIONAL: 1
;;      i.x, type = SOA, class = IN
.                       0S ANY TSIG     . 17
;; res_nupdate: res_nsend: send error, n=-1 (Inappropriate ioctl for
device)

Can you tell me what's happened for this, and how to solve it ?
thank you !

More information about the bind-users mailing list