[H-GEN] Dynamic DNS seems to have a problem - or does it?
Bruce Campbell
bc at humbug.org.au
Fri Feb 28 03:26:40 EST 2003
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
On Fri, 28 Feb 2003, Ewan Edwards wrote:
> I keep seeing sets of four lines (word wrap notwithstanding) like the
> following in the log. Unfortunately, I don't know what its trying to tell
> me. Can anybody please point me to a man page or a url that will give me
> some clues. Alternatively, tell me what I've done wrong so I can fix it.
Basically, named is not allowing dhcpd to update a particular zone, eg:
> Feb 28 15:29:00 diamond named[10768]: client 172.30.44.23#34661: update
> 'minestar.au/IN' denied
Since you mention that named 'allows' loopback and the host's own IP
address to update the DNS, the problem must be more subtle. Are you using
TSIG to authenticate the updates (and thus, is the TSIG key defined
correctly in named (key and on the zone itself) and in dhcpd) ? Is named
actually authoritative for 'minestar.au'[1], and knows that it can update
the zone via ddns?
For a work in progress on how to do this, refer to:
http://ops.ietf.org/dns/dynupd/secure-ddns-howto.html
( as used at most of the most of the main tech conferences )
--==--
Bruce.
[1] You have made sure that queries for yon private domain don't escape
past your gateway, yes? ;)
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'. See http://www.humbug.org.au/
More information about the General
mailing list