<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">Hi Jim,<br>
<br>
Looking at your config files, believe the keys do not match in
named.conf and dhcpd.conf but maybe they were adjusted for the
posting to the list. Alan Clegg's link shows creating the key and
adding it to the files and also some nsupdate examples.<br>
<br>
<br>
Would want like the following, only with your key in each file,
cut and paste that key! :-)<br>
<br>
~~~ inside dhcpd.conf this ~~~~~<br>
<br>
<small>key DHCP_UPDATER {<br>
algorithm HMAC-MD5;<br>
secret xxxxxxxxxxxxxxxxxxxxxxxx;<br>
};<br>
</small><br>
~~~ inside named.conf this ~~~~~<br>
<br>
<small>key DHCP_UPDATER {<br>
algorithm HMAC-MD5;<br>
secret xxxxxxxxxxxxxxxxxxxxxxxx;<br>
};</small><br>
<br>
<br>
On 3/28/2013 3:05 PM, Jim Bucks wrote:<br>
</div>
<blockquote
cite="mid:CAMZ8b4cJWeHFms=f28DG=OzX6oDEFmi+hdQt=O1J4cpnnKEW6Q@mail.gmail.com"
type="cite">Hi All (sorry for the top-posting)....<br>
<br>
Alan - thanks for the link. I'll be checking it out / looking it
over.<br>
<br>
Jim,<br>
<br>
Based on the nsupdate output (below), it looks like I've hosed up
something in my "key". I used the key string from the .private
key file (I've found some search results that say to use the .key
and others say to use the .private).<br>
<br>
Jim<br>
<br>
[root@dns04 chroot]# nsupdate -d<br>
> server 127.0.0.1<br>
> key DHCP_UPDATE
TrlaHSJXel+L5hqtfev5Gdlwj7B+HqcXQiqXMdZ/8mGXhznkRXf6yMDaQ9rXbx45gFgVpW7PFRHXGsZfUKrFlw==<br>
> update add 101.20.10.172.in-addr.arpa. 3600 in ptr <a
moz-do-not-send="true" href="http://dhcp.coloradostudios.com">dhcp.coloradostudios.com</a>.
<br>
> <br>
Reply from SOA query:<br>
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id:
11212<br>
;; flags: qr aa ra; QUESTION: 1, ANSWER: 0, AUTHORITY: 1,
ADDITIONAL: 0<br>
;; QUESTION SECTION:<br>
;101.20.10.172.in-addr.arpa. IN SOA<br>
<br>
;; AUTHORITY SECTION:<br>
20.10.172.in-addr.arpa. 0 IN SOA <a
moz-do-not-send="true" href="http://dns04.coloradostudios.com">dns04.coloradostudios.com</a>.
<a moz-do-not-send="true" href="http://sysmgr.hd.net">sysmgr.hd.net</a>.
2013032600 10800 3600 604800 86400<br>
<br>
Found zone name: 20.10.172.in-addr.arpa<br>
The master is: <a moz-do-not-send="true"
href="http://dns04.coloradostudios.com">dns04.coloradostudios.com</a><br>
Sending update to 127.0.0.1#53<br>
Outgoing update query:<br>
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:
25308<br>
;; flags:; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1<br>
;; UPDATE SECTION:<br>
101.20.10.172.in-addr.arpa. 3600 IN PTR <a
moz-do-not-send="true" href="http://dhcp.coloradostudios.com">dhcp.coloradostudios.com</a>.<br>
<br>
;; TSIG PSEUDOSECTION:<br>
dhcp_update. 0 ANY TSIG <a moz-do-not-send="true"
href="http://hmac-md5.sig-alg.reg.int">hmac-md5.sig-alg.reg.int</a>.
1364496936 300 16 qUBZdqVmksNQtmb1mb9gNQ== 25308 NOERROR 0 <br>
<br>
; TSIG error with server: tsig indicates error<br>
<br>
Reply from update query:<br>
;; ->>HEADER<<- opcode: UPDATE, status: NOTAUTH, id:
25308<br>
;; flags: qr ra; ZONE: 1, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1<br>
;; ZONE SECTION:<br>
;20.10.172.in-addr.arpa. IN SOA<br>
<br>
;; TSIG PSEUDOSECTION:<br>
dhcp_update. 0 ANY TSIG <a moz-do-not-send="true"
href="http://hmac-md5.sig-alg.reg.int">hmac-md5.sig-alg.reg.int</a>.
1364496936 300 0 25308 BADKEY 0 <br>
<br>
> quit<br>
[root@dns04 chroot]# <br>
<br>
<br>
<div class="gmail_quote">On Thu, Mar 28, 2013 at 12:03 PM, Jim
Glassford <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:jmglass@iup.edu" target="_blank">jmglass@iup.edu</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div>Hi Jim,<br>
<br>
No, sorry, wrong IP address, the real IP address of the
dns server, not the client.<br>
<br>
zone <a moz-do-not-send="true"
href="http://dhcp.coloradostudios.com" target="_blank">dhcp.coloradostudios.com</a>.
{<br>
primary
your_dns_server_IP_address;
<----- change from 127.0.0.1 <br>
key DHCP_UPDATER;<br>
}<br>
<br>
Also do you have a /var/log/named.log file or debug log
file for named, other than messages, might have more
information.<br>
Can try nsupdate with debug to see if this gives any clue
also.<br>
nsupdate -d<br>
> server your_dns_server_here<br>
> key your_key_here<br>
> update add 101.20.10.172.in-addr.arpa. 3600 in ptr
<a moz-do-not-send="true"
href="http://dhcp-172-10-20-101.coloradostudios.com"
target="_blank">dhcp-172-10-20-101.coloradostudios.com</a>.<br>
> do extra CR to get it to go<br>
<br>
should see lots of debug information here<br>
><br>
> quit<br>
<br>
man nsupdate<br>
<br>
best!<br>
jim<br>
<br>
On 3/28/2013 1:52 PM, Jim Bucks wrote:<br>
</div>
<blockquote type="cite">No I have not tried that, but .101
is a leased IP address for a Windows workstation.<br>
<br>
I'm willing to try it, but it seems like that would mean I
would need a zone like this for all of my leased
addresses???<br>
<br>
<br>
Jim<br>
<br>
<div class="gmail_quote">On Thu, Mar 28, 2013 at 11:42 AM,
Jim Glassford <span dir="ltr"><<a
moz-do-not-send="true" href="mailto:jmglass@iup.edu"
target="_blank">jmglass@iup.edu</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div>Hi Jim,<br>
<br>
Lost track but have you tried using the IP address
of the server for the primary, 172.10.20.101
instead of 127.0.0.1?<br>
<br>
zone <a moz-do-not-send="true"
href="http://dhcp.coloradostudios.com"
target="_blank">dhcp.coloradostudios.com</a>. {<br>
primary 172.10.20.101;
<----- change from 127.0.0.1 <br>
key DHCP_UPDATER;<br>
}<br>
<br>
<br>
best!<br>
jim<br>
<br>
<br>
On 3/28/2013 1:31 PM, Jim Bucks wrote:<br>
</div>
<blockquote type="cite">Hi Sten,<br>
<br>
Thanks for the response, I only dabble in DNS
setups every 5 years (or so). I really thought
this would be a "no brainer", and most likely have
some simple command / syntax error causing all of
this.<br>
<br>
From /var/log/messages<br>
<br>
Mar 28 11:22:57 dns04 dhcpd: DHCPOFFER on
172.10.20.101 to 00:0b:cd:33:b6:49 (proccilapxp)
via eth1<br>
Mar 28 11:22:57 dns04 dhcpd: Unable to add forward
map from <a moz-do-not-send="true"
href="http://dhcp-172-10-20-101.coloradostudios.com"
target="_blank">dhcp-172-10-20-101.coloradostudios.com</a>
to <a moz-do-not-send="true"
href="http://172.10.20.101" target="_blank">172.10.20.101</a>:
timed out<br>
Mar 28 11:22:57 dns04 dhcpd: DHCPREQUEST for
172.10.20.101 (172.10.5.5) from 00:0b:cd:33:b6:49
(proccilapxp) via eth1<br>
Mar 28 11:22:57 dns04 dhcpd: DHCPACK on
172.10.20.101 to 00:0b:cd:33:b6:49 (proccilapxp)
via eth1<br>
<br>
<br>
<div class="gmail_quote">On Thu, Mar 28, 2013 at
11:26 AM, Sten Carlsen <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:stenc@s-carlsen.dk"
target="_blank">stenc@s-carlsen.dk</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0
0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">
<div bgcolor="#FFFFCC" text="#000000">
Apparently the DHCP server tries to put the
change into BIND but times out. What does
the named log tell about this?<br>
<br>
Either it did see the request or it will
have an explanation why it won't do it.<br>
<br>
<div>On 28/03/13 18:18, Jim Bucks wrote:<br>
</div>
<blockquote type="cite">Hi Mark, Graham,
& others.<br>
<br>
I've spent the last day trying all sorts
of things to get this working (to no
avail). I'm still at the stage of DHCP
offering the lease IP address, but the DNS
is not automatically updating the two
"zones" files with the newly leased
addresses.<br>
<br>
Here is a grief summary of what I
tried/changed.<br>
- Added the group named to the dhcpd
user<br>
- moved the two zones files into
/var/named/chroot/var/named/slaves/ (was
internal/)<br>
- added ENABLE_ZONE_WRITE=yes to
/etc/sysconfig/named<br>
- grabbed a current version named.conf
file and added the bare minimum config
into into it.<br>
<br>
Attached are my configs.<br>
<br>
Any ideas on what I've hosed up?<br>
<br>
Thanks,<br>
<br>
Jim<br>
<br>
<br clear="all">
<span><font color="#888888"> <br>
-- <br>
Jim Bucks - IT Director <br>
<a moz-do-not-send="true"
href="http://www.coloradostudios.com"
target="_blank">Colorado Studios</a>,
<a moz-do-not-send="true"
href="http://www.mobiletvgroup.com"
target="_blank"> Mobile TV Group</a>,
<a moz-do-not-send="true"
href="http://www.hd.net"
target="_blank">HDNet</a>, <a
moz-do-not-send="true"
href="http://www.axs.tv/"
target="_blank">AXS.tv</a><br>
8269 E. 23rd Ave. Denver, CO 80238
Main <a moz-do-not-send="true"
href="tel:303-388-8500"
value="+13033888500" target="_blank">303-388-8500</a>
<br>
<a moz-do-not-send="true"
href="mailto:jbucks@coloradostudios.com"
target="_blank">jbucks@coloradostudios.com</a>
Direct <a moz-do-not-send="true"
href="tel:303-542-5520"
value="+13035425520" target="_blank">303-542-5520</a>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
Please visit <a moz-do-not-send="true" href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list
bind-users mailing list
<a moz-do-not-send="true" href="mailto:bind-users@lists.isc.org" target="_blank">bind-users@lists.isc.org</a>
<a moz-do-not-send="true" href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a></pre>
</font></span></blockquote>
<span><font color="#888888"> <br>
<pre cols="72">--
Best regards
Sten Carlsen
No improvements come from shouting:
"MALE BOVINE MANURE!!!"
</pre>
</font></span></div>
<br>
_______________________________________________<br>
Please visit <a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/bind-users"
target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a>
to unsubscribe from this list<br>
<br>
bind-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:bind-users@lists.isc.org"
target="_blank">bind-users@lists.isc.org</a><br>
<a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/bind-users"
target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<span><font color="#888888"> <br>
-- <br>
Jim Bucks - IT Director <br>
<a moz-do-not-send="true"
href="http://www.coloradostudios.com"
target="_blank">Colorado Studios</a>, <a
moz-do-not-send="true"
href="http://www.mobiletvgroup.com"
target="_blank"> Mobile TV Group</a>, <a
moz-do-not-send="true"
href="http://www.hd.net" target="_blank">HDNet</a>,
<a moz-do-not-send="true"
href="http://www.axs.tv/" target="_blank">AXS.tv</a><br>
8269 E. 23rd Ave. Denver, CO 80238 Main <a
moz-do-not-send="true"
href="tel:303-388-8500" value="+13033888500"
target="_blank">303-388-8500</a> <br>
<a moz-do-not-send="true"
href="mailto:jbucks@coloradostudios.com"
target="_blank">jbucks@coloradostudios.com</a>
Direct <a moz-do-not-send="true"
href="tel:303-542-5520" value="+13035425520"
target="_blank">303-542-5520</a> <br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
Please visit <a moz-do-not-send="true" href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list
bind-users mailing list
<a moz-do-not-send="true" href="mailto:bind-users@lists.isc.org" target="_blank">bind-users@lists.isc.org</a>
<a moz-do-not-send="true" href="https://lists.isc.org/mailman/listinfo/bind-users" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a></pre>
</font></span></blockquote>
<br>
</div>
<br>
_______________________________________________<br>
Please visit <a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/bind-users"
target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a>
to unsubscribe from this list<br>
<br>
bind-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:bind-users@lists.isc.org"
target="_blank">bind-users@lists.isc.org</a><br>
<a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/bind-users"
target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<span class="HOEnZb"><font color="#888888"> <br>
-- <br>
Jim Bucks - IT Director <br>
<a moz-do-not-send="true"
href="http://www.coloradostudios.com"
target="_blank">Colorado Studios</a>, <a
moz-do-not-send="true"
href="http://www.mobiletvgroup.com" target="_blank">
Mobile TV Group</a>, <a moz-do-not-send="true"
href="http://www.hd.net" target="_blank">HDNet</a>,
<a moz-do-not-send="true" href="http://www.axs.tv/"
target="_blank">AXS.tv</a><br>
8269 E. 23rd Ave. Denver, CO 80238 Main <a
moz-do-not-send="true" href="tel:303-388-8500"
value="+13033888500" target="_blank">303-388-8500</a>
<br>
<a moz-do-not-send="true"
href="mailto:jbucks@coloradostudios.com"
target="_blank">jbucks@coloradostudios.com</a>
Direct <a moz-do-not-send="true"
href="tel:303-542-5520" value="+13035425520"
target="_blank">303-542-5520</a> </font></span></blockquote>
<br>
</div>
<br>
_______________________________________________<br>
Please visit <a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/bind-users"
target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a>
to unsubscribe from this list<br>
<br>
bind-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a><br>
<a moz-do-not-send="true"
href="https://lists.isc.org/mailman/listinfo/bind-users"
target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a><br>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
Jim Bucks - IT Director <br>
<a moz-do-not-send="true" href="http://www.coloradostudios.com"
target="_blank">Colorado Studios</a>,
<a moz-do-not-send="true" href="http://www.mobiletvgroup.com"
target="_blank"> Mobile TV Group</a>, <a moz-do-not-send="true"
href="http://www.hd.net" target="_blank">HDNet</a>, <a
moz-do-not-send="true" href="http://www.axs.tv/" target="_blank">AXS.tv</a><br>
8269 E. 23rd Ave. Denver, CO 80238 Main 303-388-8500
<br>
<a moz-do-not-send="true" href="mailto:jbucks@coloradostudios.com"
target="_blank">jbucks@coloradostudios.com</a> Direct
303-542-5520
</blockquote>
<br>
</body>
</html>