<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p><tt>I updated nsuptate.txt and added .rpz to the end of the
record now SERVFAIL happened</tt></p>
<p><tt>nsupdate.txt:</tt></p>
<p><tt>server localhost<br>
zone rpz<br>
update add 32.213.60.86.188.rpz-client-ip.rpz 60
CNAME rpz-passtrhu.<br>
show<br>
send</tt></p>
<p><tt><br>
</tt></p>
<p><tt>command result:</tt></p>
<p><tt>Outgoing update query:<br>
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR,
id: 0<br>
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0<br>
;; ZONE SECTION:<br>
;rpz. IN SOA<br>
<br>
;; UPDATE SECTION:<br>
32.213.60.86.188.rpz-client-ip.rpz. 60 IN CNAME rpz-passtrhu.<br>
<br>
update failed: SERVFAIL</tt></p>
<p><tt><br>
</tt></p>
<br>
<div class="moz-cite-prefix">On 24/01/18 22:46, Mark Andrews wrote:<br>
</div>
<blockquote type="cite"
cite="mid:A2F8C624-DEC4-4B41-8C7F-DA5327D48542@isc.org">
<pre wrap=""> Nsupdate treats all names as absolute so you need to add the .rpz to the end.
</pre>
</blockquote>
<br>
<pre wrap="">On 25 Jan 2018, at 08:19, Anvar Kuchkartaev via bind-users <a class="moz-txt-link-rfc2396E" href="mailto:bind-users@lists.isc.org"><bind-users@lists.isc.org></a> wrote:
Hello,
I am trying to update RPZ zone records dynamically using nsupdate. But unfortunately I am facing with NOTZONE option.
nsupdate -k /etc/rndc.key < nsupdate.txt
Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; ZONE SECTION:
;rpz. IN SOA
;; UPDATE SECTION:
32.213.60.86.188.rpz-client-ip. 60 IN CNAME rpz-passtrhu.
update failed: NOTZONE
nsupdate.txt:
server localhost
zone rpz
update add 32.213.60.86.188.rpz-client-ip. 60 CNAME rpz-passtrhu.
show
send
my rpz zone:
zone "rpz" IN {
type master;
file "named.rpz";
allow-query { localhost; };
update-policy {
grant rndc-key zonesub ANY;
};
};
Any help will be greatly appreciated,
--
Anvar Kuchkartaev
<a class="moz-txt-link-abbreviated" href="mailto:anvar@aegisnet.eu">anvar@aegisnet.eu</a>
_______________________________________________
Please visit <a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list
bind-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a>
<a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/bind-users">https://lists.isc.org/mailman/listinfo/bind-users</a></pre>
<pre class="moz-signature" cols="72">--
Anvar Kuchkartaev
<a class="moz-txt-link-abbreviated" href="mailto:anvar@aegisnet.eu">anvar@aegisnet.eu</a> </pre>
</body>
</html>