(domain names and keys changed in production from these values) I'm running the following:
root@ns1:~# pdns_server --version Jan 28 09:54:21 PowerDNS Authoritative Server 4.8.0-alpha0.1002.master.g13427ee56 (C) 2001-2022 PowerDNS.COM BV Jan 28 09:54:21 Using 64-bits mode. Built using gcc 9.4.0 on Jan 18 2023 12:08:28 by root@4f762a9684f6. I was able (until yesterday) to update DNS entries using RFC2136, but am now receiving the following error: Packet for 'mydomain.com' denied: Signature with TSIG key 'dhcpupdate' does not match the expected algorithm (hmac-sha256 / hmac-md5.sig-alg.reg.int) My TSIG key is set as follows: root@ns1:~# pdnsutil generate-tsig-key dhcpupdate hmac-sha256Create new TSIG key dhcpupdate hmac-sha256 W/ThmvveOYiOKDiMA/tphcm0bu+XsdHxmIPa5anY+U8NO94n8j5I7L7rTfrlTE7NRhTrbeRJ2f7s0oTiwWc9BA== and the configuration in my RFC2136 client (opnsense) is: [image: 2023-01-28_09-57.png] Advice is very welcome on how to diagnose. I've recreated the keys multiple times to no avail. Thank you. *Larry G. Wapnitsky* *E: la...@wapnitsky.com* *Web: Larry.Wapnitsky.com <http://larry.wapnitsky.com/>*
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users
