Update RPZ zone records

Anvar Kuchkartaev anvar at aegisnet.eu
Thu Jan 25 02:14:02 UTC 2018 

it worked!!! finally thank you for help. It was the directory permission 
issue causing dns to SERVFAIL


On 25/01/18 01:40, Mark Andrews wrote:
> Look at the sever’s logs.
>
>> On 25 Jan 2018, at 11:39 am, Anvar Kuchkartaev <anvar at aegisnet.eu> wrote:
>>
>> I updated nsuptate.txt and added .rpz to the end of the record now SERVFAIL happened
>>
>> nsupdate.txt:
>>
>> server localhost
>> zone rpz
>> update add 32.213.60.86.188.rpz-client-ip.rpz        60    CNAME    rpz-passtrhu.
>> show
>> send
>>
>>
>>
>> command result:
>>
>> Outgoing update query:
>> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
>> ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
>> ;; ZONE SECTION:
>> ;rpz.                IN    SOA
>>
>> ;; UPDATE SECTION:
>> 32.213.60.86.188.rpz-client-ip.rpz. 60 IN CNAME    rpz-passtrhu.
>>
>> update failed: SERVFAIL
>>
>>
>>
>>
>> On 24/01/18 22:46, Mark Andrews wrote:
>>>   Nsupdate treats all names as absolute so you need to add the .rpz to the end.
>>>
>>>
>> On 25 Jan 2018, at 08:19, Anvar Kuchkartaev via bind-users <bind-users at lists.isc.org>
>>   wrote:
>>
>> Hello,
>>
>> I am trying to update RPZ zone records dynamically using nsupdate. But unfortunately I am facing with NOTZONE option.
>>
>> nsupdate -k /etc/rndc.key < nsupdate.txt
>>
>> Outgoing update query:
>> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
>> ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
>> ;; ZONE SECTION:
>> ;rpz.                IN    SOA
>>
>> ;; UPDATE SECTION:
>> 32.213.60.86.188.rpz-client-ip.    60 IN    CNAME rpz-passtrhu.
>>
>> update failed: NOTZONE
>>
>>
>> nsupdate.txt:
>>
>> server localhost
>> zone rpz
>> update add 32.213.60.86.188.rpz-client-ip.        60    CNAME rpz-passtrhu.
>> show
>> send
>>
>>
>> my rpz zone:
>>
>> zone "rpz" IN {
>>      type master;
>>      file "named.rpz";
>>      allow-query { localhost; };
>>      update-policy {
>>                  grant rndc-key zonesub ANY;
>>          };
>> };
>>
>> Any help will be greatly appreciated,
>>
>> -- 
>> Anvar Kuchkartaev
>>
>> anvar at aegisnet.eu
>>
>>
>> _______________________________________________
>> Please visit
>> https://lists.isc.org/mailman/listinfo/bind-users
>>   to unsubscribe from this list
>>
>> bind-users mailing list
>>
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
>> -- 
>> Anvar Kuchkartaev
>>
>> anvar at aegisnet.eu

-- 
Anvar Kuchkartaev
anvar at aegisnet.eu

More information about the bind-users mailing list