I have a Ubuntu 9.10 Linux box that runs the DNS for my private, internal
cloud. I'm using a bash script that builds a file for nsupdate now, but since
I'm writing other utilities in Python, I thought I'd try using dnspython to do
that update instead. Only problem is, I can't get BIND to accept my update. It
complains my TSIG is not right. I can't find documentation detailed enough to
understand whether I'm using it right or not.
Here's how it works in bash:
#!/bin/bash
TSIG="cloud-ns:tsigcloudkey=="
EXTERNALIP=`cat /tmp/externalip`
TMPFILE=/tmp/nsupdate.txt
echo "server 172.23.0.11" >$TMPFILE
case "$1" in
add)
echo "update add www.cloud.npci.com 1 A $EXTERNALIP" >>$TMPFILE
;;
remove)
echo "update delete www.cloud.npci.com 1 A $EXTERNALIP"
>>$TMPFILE
;;
*)
;;
esac
echo "send" >>$TMPFILE
nsupdate -y $TSIG $TMPFILE
rm $TMPFILE
I'm trying to do this in dnspython and I don't know that I've gotten my keyring
right:
import dns.resolver, dns.reversename, dns.name
import dns.tsigkeyring, dns.update, dns.query
keyring = dns.tsigkeyring.from_text({
"cloud-ns": "eX97eFoppBqH8kAGP0pNbw=="
})
...
upd = dns.update.Update(dns_name, keyring=keyring)
upd.add(dns_name, 1, "A", ipaddr)
resp = dns.query.tcp(upd, "172.23.0.11")
print resp
This fails with:
id 14888
opcode UPDATE
rcode NOTAUTH
flags QR RA
;ZONE
;PREREQ
;UPDATE
;ADDITIONAL
Any help here would be greatly appreciated! Soon I'll have to give up and do
the update the only way I know works: by writing to a tmp file and nsupdate'ng
that... Ugh....
Thanks!
Jon Brisbin
Portal Webmaster
NPC International, Inc.
_______________________________________________
dnspython-users mailing list
[email protected]
http://howl.play-bow.org/mailman/listinfo.cgi/dnspython-users
