Dynamic Update Q: weird...
Kevin Darcy
kcd at daimlerchrysler.com
Wed Jan 15 17:44:22 UTC 2003
Arthur Cinader Jr wrote:
># named -v
>BIND 9.2.0
>
>
>I am trying to set up zone's to use dynamic dns. I am using
>TSIG. The forward zone works as expected, but the reverse
>doesn't. I have a workaround, but am curious what I am doing
>wrong (or is it that I need to upgrade to 9.2.X and this is a
>known bug?).
>
>In my forward domain:
>
> allow-update { key DHCP_UPDATER; };
>
>works like a charm. But in my reverse domain, it doesn't
>work, but:
>
> allow-update { LOCALHOST; };
>
>does.
>
>named is logging errors that indicate access is denied to my
>reverse zone.
>
>Any ideas?
>
>here is the relevent portion of my named.conf
>
>* * *
>options {
> directory "/var/named";
>};
>
>key DHCP_UPDATER {
> algorithm HMAC-MD5;
> secret <key priv here>;
>};
>
>.....
>zone "foo.org" {
> allow-update { key DHCP_UPDATER; };
> type master;
> file "pz/foo.org";
>};
>
>
>zone "30.10.10.in-addr.arpa" {
># allow-update { LOCALHOST; };
> allow-update { key DHCP_UPDATER; };
> type master;
> file "pz/10.10.30";
>};
>.....
>
I think it's recommended practice to dot-terminate key names, since in
some contexts they can be treated like domain names, i.e. get a default
domain appended to them.
- Kevin
More information about the bind-users
mailing list