DDNS Failed

Norman Zhang norman.zhang at rd.arkonnetworks.com
Thu Nov 11 02:16:16 UTC 2004


Norman Zhang wrote:
> I'm trying to allow DDNS for a W2K3 machine to register AD.
> 
> zone "hq.arkonnetworks.com" {
>    type master;
>    file "db.hq.arkonnetworks.com";
>    allow-update { key rndc-key; };
> };
> 
> But I keep getting
> 
> 0x0000232A RCODE_SERVER_FAILURE
> 
> I tried changing
> 
> allow-update { 192.168.22.0/24; };
> 
> but it still fails. But all my Windows clients can do DDNS. DHCP is also on 
> the bind 9.2.3 box. May I ask for some tips, please?

I've attached both my dhcpd.conf and named.conf below. My W2K3 box has 
an IP 192.168.22.21. Any advice is greatly appreciated.

Regards,
Norman Zhang

# dhcpd.conf: global DHCP options plus the dynamic-DNS (DDNS) settings dhcpd
# uses when it registers client names with the BIND server.

# Server settings
authoritative;
# NOTE(review): "ad-hoc" is the older of ISC dhcpd's DDNS update styles; later
# dhcpd documentation marks it deprecated in favour of "interim". Whether the
# key/zone declarations below are honoured in ad-hoc mode should be checked
# against the dhcpd.conf man page of the installed version.
ddns-update-style ad-hoc;

# Global settings
option domain-name "hq.arkonnetworks.com";
# Lease lengths are in seconds: 21600 s = 6 h default, 43200 s = 12 h maximum.
default-lease-time 21600;
max-lease-time 43200;
# dhcpd performs DNS updates on behalf of its clients, placing forward names
# under hq.arkonnetworks.com and reverse names under in-addr.arpa.
ddns-updates on;
ddns-domainname "hq.arkonnetworks.com";
ddns-rev-domainname "in-addr.arpa";

# Shared secret dhcpd uses to sign its DNS updates. Name, algorithm and secret
# have to match the key clause in named.conf (secret shown as a placeholder).
# NOTE(review): named.conf uses this same "rndc-key" for its rndc control
# channel, so anyone who can read dhcpd.conf also holds the credential that
# authorises rndc commands. A dedicated update key, in a file readable only
# by the dhcpd account, keeps the two privileges apart.
key rndc-key {
   algorithm hmac-md5;
   secret "xxxx";
}

# Forward zone: updates for hq.arkonnetworks.com go to the primary at
# 192.168.11.3 and are signed with the key above.
zone hq.arkonnetworks.com. {
   primary 192.168.11.3;
   key rndc-key;
}

# LAN1 IP Range
# Scope for 192.168.11.0/24: client options, the dynamic pool, and the reverse
# zone dhcpd updates for addresses leased from this subnet.
subnet 192.168.11.0 netmask 255.255.255.0 {
   # Resolvers handed to clients: two internal addresses first, then two public
   # ones (the same public addresses appear as forwarders in named.conf).
   # NOTE(review): a client that falls back to the public resolvers sends its
   # lookups for internal names off-site and gets whatever view of
   # hq.arkonnetworks.com those servers hold; confirm the fallback is intended.
   option domain-name-servers 192.168.11.3, 192.168.11.15, 207.34.136.1, 
204.174.64.1;
   option ntp-servers 192.168.11.3;
   option routers 192.168.11.1;
   # Dynamic pool; addresses below .41 are left out of it.
   range 192.168.11.41 192.168.11.254;
   # Reverse (PTR) updates for this subnet go to 192.168.11.3, signed with
   # rndc-key.
   zone 11.168.192.in-addr.arpa. {
     primary 192.168.11.3;
     key rndc-key;
   }
}
	
# LAN2 IP Range
# Scope for 192.168.22.0/24, laid out like LAN1 but pointing at the
# 192.168.22.x addresses for DNS, NTP and the reverse-zone primary.
subnet 192.168.22.0 netmask 255.255.255.0 {
   # Two internal resolvers followed by two public ones.
   option domain-name-servers 192.168.22.3, 192.168.22.15, 207.34.136.1, 
204.174.64.1;
   option ntp-servers 192.168.22.3;
   option routers 192.168.22.1;
   # Dynamic pool. The W2K3 host from the post (192.168.22.21) lies below it,
   # so it presumably has a static address and sends its own DNS updates
   # rather than having dhcpd register it. TODO confirm.
   range 192.168.22.41 192.168.22.254;
   # Reverse (PTR) updates for this subnet go to 192.168.22.3, signed with
   # rndc-key.
   zone 22.168.192.in-addr.arpa. {
     primary 192.168.22.3;
     key rndc-key;
   }
}

// generated by named-bootconf.pl

// Server-wide settings: working directory, upstream forwarders, pid file.
options {
   // Zone files named in the zone clauses are resolved relative to this path.
   // NOTE(review): zones that accept dynamic updates get a journal (.jnl)
   // file written beside the zone file, so the account named runs as needs
   // write access here. A write failure is one common cause of SERVFAIL
   // answers to updates; check named's log when an update fails.
   directory "/var/named";
   // Queries this server cannot answer itself are passed to these resolvers.
   // NOTE(review): no allow-recursion or allow-query ACL appears in this
   // block. If the server is reachable from outside the LANs, restrict
   // recursion to the internal networks so it cannot be used as an open
   // resolver.
   forwarders { 207.34.136.1; 204.174.64.1; 204.174.65.1; };
   pid-file "/var/run/named/named.pid";
   /*
    * If there is a firewall between you and nameservers you want
    * to talk to, you might need to uncomment the query-source
    * directive below.  Previous versions of BIND always asked
    * questions using port 53, but BIND 8.1 uses an unprivileged
    * port by default.
    */
   // Leave this disabled unless a firewall truly requires it: pinning the
   // source port to 53 gives up the source-port randomisation that current
   // resolvers rely on as a defence against cache poisoning.
   // query-source address * port 53;
};


// secret must be the same as in /etc/rndc.conf
// This key authenticates rndc on the control channel below. The zone clauses
// in this file also accept it for dynamic updates, and dhcpd.conf carries a
// copy of it (secret shown as a placeholder).
// NOTE(review): using one secret for both server control and zone updates
// means exposure of either config file grants both privileges; a separate
// key per purpose limits that.
// NOTE(review): hmac-md5 is a legacy TSIG algorithm. BIND releases newer than
// the 9.2.3 mentioned in this thread support hmac-sha256, which is preferable
// after an upgrade.
key "rndc-key" {
   algorithm hmac-md5;
   secret "xxxx";
};

// rndc control channel, listening on loopback only. "allow { any; }" adds no
// address restriction on top of that, so possession of the key is the sole
// gate; "allow { 127.0.0.1; }" states the intent more tightly.
controls {
   inet 127.0.0.1 allow { any; } keys { "rndc-key"; };
};

//
// a caching only nameserver config
//
// (Root hints and the loopback reverse zone come from the caching-only
// template; the clauses after them make this server authoritative as well.)
zone "." {
   type hint;
   file "db.cache";
};

zone "0.0.127.in-addr.arpa" {
   type master;
   file "db.127.0.0";
};

// Internal forward zone. Only updates signed with rndc-key are accepted,
// which matches what dhcpd.conf is set up to send.
// NOTE(review): a Windows host registering its own records presumably does
// not hold this key, so its updates to this zone would not match the ACL.
// Verify against named's log. Also note that allow-update lets the key
// holder change any record in the zone; update-policy can narrow that to
// specific names and record types.
zone "hq.arkonnetworks.com" {
   type master;
   file "db.hq.arkonnetworks.com";
   allow-update { key rndc-key; };
};

// Secondary copies pulled from 207.34.136.1.
// NOTE(review): no key is associated with the master in this file, so
// transfers are presumably accepted on source address alone. TODO confirm.
zone "arkonnetworks.com" {
   type slave;
   file "db.arkonnetworks.com";
   masters { 207.34.136.1; };
};

// The zone name appears to follow the RFC 2317 classless in-addr.arpa
// delegation style for 207.34.136.0-31.
zone "0-31.136.34.207.in-addr.arpa" {
   type slave;
   file "db.207.34.136.0";
   masters { 207.34.136.1; };
};

// Reverse zones for the two LANs; updates must be signed with rndc-key,
// as dhcpd.conf configures for each subnet.
zone "22.168.192.in-addr.arpa" {
   type master;
   file "db.192.168.22.0";
   allow-update { key rndc-key; };
};

zone "11.168.192.in-addr.arpa" {
   type master;
   file "db.192.168.11.0";
   allow-update { key rndc-key; };
};

// Active Directory subzones. _msdcs, _sites, _tcp and _udp hold the SRV
// records that domain members use to locate domain controllers and their
// services.
//
// NOTE(review): all four accept updates from any address in 192.168.22.0/24.
// An address ACL authenticates nothing: every host on that LAN, and any
// sender able to forge a source address in it, may add or replace these
// records, and these records decide which servers clients treat as domain
// controllers. Safer options, in increasing strength:
//   - list only the domain controllers' own addresses instead of the /24;
//   - require signed updates (TSIG, or GSS-TSIG where the BIND build
//     supports it), optionally scoped with update-policy;
// and in either case log the "update" category so changes can be reviewed.
zone "_msdcs.hq.arkonnetworks.com" {
   type master;
   file "db._msdcs.hq.arkonnetworks.com";
   allow-update { 192.168.22.0/24; };
};

zone "_sites.hq.arkonnetworks.com" {
   type master;
   file "db._sites.hq.arkonnetworks.com";
   allow-update { 192.168.22.0/24; };
};

zone "_tcp.hq.arkonnetworks.com" {
   type master;
   file "db._tcp.hq.arkonnetworks.com";
   allow-update { 192.168.22.0/24; };
};

zone "_udp.hq.arkonnetworks.com" {
   type master;
   file "db._udp.hq.arkonnetworks.com";
   allow-update { 192.168.22.0/24; };
};


