Problem using nsupdate -l -k with zone inside view
Marki
bind-users at lists.roth.lu
Tue Nov 5 17:37:05 UTC 2024
Hello,
I was converting a config to use views which is when these problems
started.
The config:
---------------------------------------
---------------------------------------
---------------------------------------
view first {
# nothing matches this
... zones here ....
}; # end view first
view inside {
match-clients {
key local-ddns;
inside-nets; # includes localhost
};
allow-query {
... includes localhost
};
allow-transfer {
... includes localhost
};
also-notify {
notify-hosts;
};
notify explicit;
...
zone "example.com" in {
type master;
file "master/example.com.zone";
update-policy local;
check-names warn;
forwarders {};
};
};
---------------------------------------
---------------------------------------
---------------------------------------
Command I use is
nsupdate -l -k session.key updatefile
Error is
127.0.0.1#52990: view inside: request has invalid signature: TSIG
local-ddns: tsig verify failure (BADSIG)
So it knows to use the zone "inside". But it won't update the zone.
I've tried adding the key to the different "match" and "allow" blocks to
no avail.
Bind 9.16.6 on SLES15-SP3.
Thoughts?
Thanks,
Marki
More information about the bind-users
mailing list