Debugging TSIG signed nsupdate problems
John Thurston
john.thurston at alaska.gov
Fri May 24 16:31:49 UTC 2024
It doesn't answer your original question, but I suggest looking at the
'algorithm' of that key.
Might it be a hmac-md5 ?
If you 'named-conf -px' does it appear in the list of keys?
--
Do things because you should, not just because you can.
John Thurston 907-465-8591
John.Thurston at alaska.gov
Department of Administration
State of Alaska
On 5/24/2024 8:17 AM, Erik Edwards via bind-users wrote:
> CAUTION: This email originated from outside the State of Alaska mail
> system. Do not click links or open attachments unless you recognize
> the sender and know the content is safe.
>
> How can I set debug level log for update events?
>
> I've tried "rndc trace 99" which gives *lots* of information expect for
> UPDATE REFUSED issues even thought the channel is set to dynamic
> severity.
>
> Is there a different way to get named to generate debug level logs for
> UPDATE events?
>
> I'm running BIND 9.18.26 (Extended Support Version) from Fedora 40.
>
> The updates and keys had been working correctly until the update to
> Fedora 40/BIND 9.18.26
>
> The issues I'm experiencing are only applying to a single key &
> update-policy line, other TSIG's are working correctly.
>
> -Erik
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20240524/3e70f772/attachment.htm>
More information about the bind-users
mailing list