nsupdate configuration

Charles Bodley Bodley at tflogic.com
Mon Jul 2 23:04:37 UTC 2001


Finally got that part solved. I thad many problems all fixed. here are two
of them.
1. no write access to var/named/ for the journal file it needed. (named
running as named not root)
2. did not work when calling DDNS_UPDATER (worked for lowercase
ddns_updater, maybe was bad spelling)

I have it implemented and working including a web interface but had anouther
question on the security aspect. can it be configured such that both a
specified IP and a key are needed.

P.S. Asked this in anouther post also.

> -----Original Message-----
> From: bind-users-bounce at isc.org [mailto:bind-users-bounce at isc.org]On
> Behalf Of Kevin Darcy
> Sent: Monday, July 02, 2001 6:40 PM
> To: Bind-Users Help (E-mail)
> Subject: Re: nsupdate configuration
>
>
>
> 1) UPDATER != UPDATOR (???)
>
> 2) What's recorded in the nameserver logs?
>
> 3) What does nsupdate's debug (-d) output show?
>
>
> - Kevin
>
> Charles Bodley wrote:
>
> > I'm trying to setup nsupdate so that it can modify a single
> domain. As a
> > test I created the domain ABC.com.
> >
> > key DDNS_UPDATER {
> >         algorithm HMAC-MD5;
> >         secret AAAABBBBCCCCDDDDEEEEFFFF;
> > };
> > zone "ABC.com"{
> >        type master;
> >        file "db.ABC_com";
> >         allow-update { key DDNS_UPDATER; };
> > };
> > The command I am sending is
> >
> > nsupdate -y DDNS_UPDATOR:AAAABBBBCCCCDDDDEEEEFFFF 1
> >
> > where 1 is the name of a file in the PWD. The contents of
> the file follow,
> > server 127.0.0.1
> > local 127.0.0.1
> > zone ABC.com
> > update delete login.ABC.com
> > prereq nxdomain login.abc.com
> > update add login.abc.com 30 CNAME login-a.abc.com
> >
> > >From what I've read in the Bv9ARM.pdf and the man pages it
> should be
> > working. Yet when I send the command the result is
> > dns_request_getresponse: tsig indicates error
> >
> > If anyone has any Ideas please let me know. I will
> eventally have 2 files so
> > that I can switch between login-a and login-b. Any help would be
> > appreciated.
>
>
>
>
>




More information about the bind-users mailing list