Setup Problems with Bind9 on Suse Linux 7.3
Hello,
we're trying to setup a functional Gnudip Server for several Days.
But when were trying to update IPs with the WebClient, or on the Server
directly we have the same error messages in the syslog:
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - callcommand: command
returned exit code: 1
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - command:
/usr/bin/nsupdate -v -k
/usr/local/gnudip/etc/Kags-dns.key.+157+39332.private
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - input: update
delete test.ags-dns.de. A
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - input: update
add test.ags-dns.de. 60 A 192.168.0.2
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - input:
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - output:
dns_request_getresponse: tsig verify failure
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - output: > > >
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - GnuDIP CGI has exited
- callnsupdate failed
Is ther somethinh wrong with our Keyfiles ?
Maybe we've done some other exentsivly configuration mistakes with user
rights.
we started named:
/usr/sbin/named -c /etc/named.conf
Jul 18 15:15:41 ns1 /usr/sbin/named[22953]: dns_zone_load: zone
ags-dns.de/IN: loading master file /var/named/ags-dns.de: CNAME and
other data
Jul 18 15:15:41 ns1 /usr/sbin/named[22953]: running
Mysql Database setup is properly.
Here are our configuration files:
/usr/local/gnudip/etc/gnudip.conf
----------------------
# BIND 9
nsupdate = /usr/bin/nsupdate -v
nsupdate = -k /usr/local/gnudip/etc/Kags-dns.key.+157+39332.private
We have generated our own key with dnskeygen:
/usr/local/gnudip/etc/Kags-dns.key.+157+39332.private
-----------------------------------------------------------------
Setup Problems with Bind9 on Suse Linux 7.3
Hello,
we're trying to setup a functional Gnudip Server for several Days.
But when were trying to update IPs with a Client, or on the Server
directly we have the same error messages in the syslog:
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - callcommand: command
returned exit code: 1
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - command:
/usr/bin/nsupdate -v -k
/usr/local/gnudip/etc/Kags-dns.key.+157+39332.private
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - input: update
delete test.ags-dns.de. A
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - input: update
add test.ags-dns.de. 60 A 192.168.0.2
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - input:
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - output:
dns_request_getresponse: tsig verify failure
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - output: > > >
Jul 18 15:09:18 ns1 gnudip-www: 217.225.140.240 - GnuDIP CGI has exited
- callnsupdate failed
Maybe we've done some exentsivly configuration mistakes.
we started named:
/usr/sbin/named -c /etc/named.conf
Jul 18 15:15:41 ns1 /usr/sbin/named[22953]: dns_zone_load: zone
ags-dns.de/IN: loading master file /var/named/ags-dns.de: CNAME and
other data
Jul 18 15:15:41 ns1 /usr/sbin/named[22953]: running
Mysql Database setup is properly.
Here are our configuration files:
/usr/local/gnudip/etc/gnudip.conf
----------------------
# BIND 9
nsupdate = /usr/bin/nsupdate -v
nsupdate = -k /usr/local/gnudip/etc/Kags-dns.key.+157+39332.private
/usr/local/gnudip/etc/Kags-dns.key.+157+39332.private
------------------------------------------------------------------
Private-key-format: v1.2
Algorithm: 157 (HMAC_MD5)
Key:
o2WQUGMJYmCsD60UwPzKu6cBCXAejAHvkr8DnqSzubwreuwl+9W6cd88ho+BcD1kV2O+M8ujyYMqsiD9GcTtlA==
/var/named/gnudip-keyfile
-----------------------
key gnudip-keyname {
algorithm hmac-md5;
// the TSIG key generated by nsupdate
secret
"o2WQUGMJYmCsD60UwPzKu6cBCXAejAHvkr8DnqSzubwreuwl+9W6cd88ho+BcD1kV2O+M8ujyYMqsiD9GcTtlA==";
};
/var/named/localhost.zone
---------------------------
$TTL 1W
@ IN SOA @ root (
42 ; serial (d. adams)
2D ; refresh
4H ; retry
6W ; expiry
1W ) ; minimum
IN NS @
IN A 127.0.0.1
/var/named/ags-dns.de
---------------------
$ttl 68400
@ IN SOA ns1.ags-dns.de. ags-dns.ecom-bremen.de. (
2002062707
10800
3600
604800
38400 )
IN NS ns1.ags-dns.de.
IN NS ns4.tmag.de.
IN CNAME gnudiphost.ags-dns.de
/var/named/run/ags-dns.de.hosts
--------------------------------
$ttl 68400
@ IN SOA ns1.ags-dns.de. ags-dns.ecom-bremen.de. (
2002071605
10800
3600
604800
38400 )
IN NS ns1.ags-dns.de.
IN NS ns4.tmag.de.
/etc/named.conf
---------------
options {
directory "/var/named"; // working directory
pid-file "named.pid"; // pid file in working dir
# forwarders { 10.0.0.1; };
allow-query { any; }; // default query
# listen-on-v6 { any; };
recursion no; // do not provide recursive service
notify no;
};
zone "localhost" in {
type master;
file "localhost.zone";
};
zone "0.0.127.in-addr.arpa" in {
type master;
file "127.0.0.zone";
notify no;
};
// include definition of gnudip update key
include "/var/named/gnudip-keyfile";
// we are the master server for ags-dns.de
zone "ags-dns.de" {
type master;
file "/var/named/ags-dns.de";
// quick and dirty solution without TSIG key
allow-update { 212.202.235.43; };
// IP adresses of slave servers allowed to transfer ags-dns.de
// ns4.tmag.de and ns2.nsserve.de
allow-transfer {
62.208.142.10;
};
};
// define gnudip dynamic dns zone
zone "ags-dns.de.hosts" in {
type master;
file "/var/named/run/ags-dns.de.hosts";
update-policy { grant gnudip-keyname subdomain ags-dns.de; };
};
zone "." in {
type hint;
file "root.hint";
};
-----------------------------------------------------------------------------
Have somebody an Idea what we, are doing wrong.
Thanks
Helmut
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
--
GnuDIP Mailing List
http://gnudip2.sourceforge.net/gnudip-www/#mailinglist
