DDNS+Bind

[Kevin Darcy]

Alexander Widera wrote:

>Ok ... another try ...
>this is in my named.conf
>
>key mydomain.com. {
>        algorithm HMAC-MD5;
>        secret "lksdfifwiefiomawmfawmopaisemfaweplfapew,paefwl=F6,23?=3D=
=3D";
>};
>
>zone "mydomain.com" in {
>        type master;
>        allow-update { key mydomain.com.; };
>        file "mydomain.com.zone";
>};
>
>
>This is all correct, isn't it?
>I tried some updates for this domain with nsupdate directly on my server=
 ...
>and they were succesfull.
>I used the -k parameter and the key-file to start nsupdate..
>But at the end I don't want to use nsupdate ... i tried now something el=
se
>than DynSite ...
>DirectControl ... there is written that it supports Bind-Servers ...
>And it seams that it does....
>Everytime i try to make an update, i get the error "DNS server error:
>Invalid TSIG signature. Check your secret key and retry - 15586" ...
>but I think I used the correct key ... and keydata
>the key is the domain with a dot at the end .... and the keydata is for
>example "lksdfifwiefiomawmfawmopaisemfaweplfapew,paefwl=F6,23?=3D=3D"
>
Well, that's just one way of _representing_ the data. A key is, in=20
truth, just a string of bits, or, in other words, binary. That string=20
above is just a example of representing that binary information in a=20
textual form (although the non-ASCII character there looks a little=20
suspicious). Maybe DirectControl expects you to provide the key data in=20
some other format...

                                                                        =20
                                                      -Kevin