BIND 8.2.4 REL - TSIG key in a server statement

kevind at sea.checkpoint.com
Fri May 18 20:43:09 UTC 2001



I am having a problem with stock BIND 8.2.4 Release and a TSIG key
in a server statement in named.conf. This config file worked under
BIND 8.2.3 Rel.

I have a key generated with dnskeygen. When I use the keys statement in
the server statement, named logs an error "unknown key 'seatuck.seatuck.net'".
I can take this key and put it into an "allow-update" statement, and with
nsupdate I can TSIG sign a DDNS update and everything works.

Looks like something broke in BIND 8.2.4.

-Kevin


[root at wumpus sbin]$ ./named -f -d 1 -c /etc/named.conf
Debug level 1
Version = named 8.2.4-REL Fri May 18 10:06:16 PDT 2001
	root at wumpus:/export/home/kevind/bind824/src/bin/named
	conffile = /etc/named.conf
	starting (/etc/named.conf).  named 8.2.4-REL Fri May 18 10:06:16 PDT 2001
			root at wumpus:/export/home/kevind/bind824/src/bin/named
ns_init(/etc/named.conf)
Adding 64 template zones
evSetTimer(ctx 0x1113e8, func 0x3a1f4, uap 0, due 990209826.708485000, inter 3600.000000000)
evSetTimer(ctx 0x1113e8, func 0x50a7c, uap 0, due 990209826.709730000, inter 3600.000000000)
evSetTimer(ctx 0x1113e8, func 0x4b680, uap 0, due 990209826.710778000, inter 3600.000000000)
evSetTimer(ctx 0x1113e8, func 0x3a27c, uap 0, due 990209826.711706000, inter 3600.000000000)
/etc/named.conf:11: unknown key 'seatuck.seatuck.net'
/etc/named.conf:11: empty key not added to server list
======================
here is the named.conf:
======================
key seatuck.seatuck.net. {
   algorithm "HMAC-MD5";
   secret "Ew==";
};

options {
   directory "/var/named";
};

server 192.168.1.25 {
   keys { seatuck.seatuck.net. ; } ;
};

zone "." IN {
   type hint;
   file "named.root";
};

zone "localhost" IN {
   type master;
   file "localhost.db";
};

zone "0.0.127.in-addr.arpa" IN {
   type master;
   file "loopback.db";
};


More information about the bind-workers mailing list