subject:"nsupdate problem after DNSSEC"

nsupdate problem after DNSSEC

2011-01-05 Thread Michelle Konzack

I have update my dns1 to DNSSEC and now I have two probems...

1)  dns2 does not more update

2)  nsupdate from my admin website does not more work and give me   an
ExitStatus 2.  Unfortunately the manpage does not tell me what 2 is.
But I assume it hast the same problem like dns2

Can someone tell me what I have to change that my TSIG work again?

Thanks, Greetings and nice Day/Evening
Michelle Konzack

-- 
# Debian GNU/Linux Consultant ##
   Development of Intranet and Embedded Systems with Debian GNU/Linux

itsyst...@tdnet France EURL   itsyst...@tdnet UG (limited liability)
Owner Michelle KonzackOwner Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France   77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix

http://www.itsystems.tamay-dogan.net/  http://www.flexray4linux.org/
http://www.debian.tamay-dogan.net/ http://www.can4linux.org/

Jabber linux4miche...@jabber.ccc.de

Linux-User #280138 with the Linux Counter, http://counter.li.org/


signature.pgp
Description: Digital signature
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: nsupdate problem after DNSSEC upgrade

2011-01-05 Thread Michelle Konzack

Note:   My nsupdate script us an autogenerated file like:

if ($_GET['nsupdate'] == 'on') {
  $tmp_file = tempnam('/tmp', 'tdphp-vserver.');
  chmod($tmp_file, 0700);
  $fh = fopen($tmp_file, 'a');
  fwrite($fh, server dns1.tamay-dogan.net\n);
  fwrite($fh, update delete . $_GET['vhost'] .  A\n);
  fwrite($fh, prereq nxdomain . $_GET['vhost'] . \n);
  fwrite($fh, update add . $_GET['vhost'] .  86400 CNAME . 
$_SERVER['SERVER_NAME'] . \n);
  fwrite($fh, send\n);
  fseek($fh, 0);
  exec(nsupdate  . $tmp_file, $array, $ret);

but this give me as I sayed already an ExitStatus 2

Thanks, Greetings and nice Day/Evening
Michelle Konzack

-- 
# Debian GNU/Linux Consultant ##
   Development of Intranet and Embedded Systems with Debian GNU/Linux

itsyst...@tdnet France EURL   itsyst...@tdnet UG (limited liability)
Owner Michelle KonzackOwner Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France   77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix

http://www.itsystems.tamay-dogan.net/  http://www.flexray4linux.org/
http://www.debian.tamay-dogan.net/ http://www.can4linux.org/

Jabber linux4miche...@jabber.ccc.de
ICQ#328449886

Linux-User #280138 with the Linux Counter, http://counter.li.org/


signature.pgp
Description: Digital signature
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: nsupdate problem after DNSSEC

2011-01-05 Thread Phil Mayers


On 01/05/2011 08:09 AM, Michelle Konzack wrote:

I have update mydns1  to DNSSEC and now I have two probems...


Do you mean you have signed your zone?

If so, you are aware that bind requires the zone-signing key to be 
available in order to perform updates - like this:


zone $name {
  type master;
  allow-update { ... };
  key-directory /var/named/data/keys/$name;
};

...and in /var/named/data/keys/$name you need the:

K$name.+005+id.key
K$name.+005+id.private

...files?
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: nsupdate problem after DNSSEC

2011-01-05 Thread Michelle Konzack

Hello Phil Mayers,

Am 2011-01-05 09:19:11, hacktest Du folgendes herunter:
 Do you mean you have signed your zone?

Yes

 If so, you are aware that bind requires the zone-signing key to be
 available in order to perform updates - like this:
 
 zone $name {
   type master;
   allow-update { ... };

allow-update or allow-transfer?

I have the later one and it seems, my zones  where  transfered  after  a
forced reboot of dns2,  but  only  the  ZONEs  which  have  an  IP  in
allow-transfer.  tamay-dogan.net use a key and it does not work.

   key-directory /var/named/data/keys/$name;
 };

Ahh, I have to add this?

 ...and in /var/named/data/keys/$name you need the:
 
 K$name.+005+id.key
 K$name.+005+id.private

many of them

Thanks, Greetings and nice Day/Evening
Michelle Konzack

-- 
# Debian GNU/Linux Consultant ##
   Development of Intranet and Embedded Systems with Debian GNU/Linux

itsyst...@tdnet France EURL   itsyst...@tdnet UG (limited liability)
Owner Michelle KonzackOwner Michelle Konzack

Apt. 917 (homeoffice)
50, rue de Soultz Kinzigstraße 17
67100 Strasbourg/France   77694 Kehl/Germany
Tel: +33-6-61925193 mobil Tel: +49-177-9351947 mobil
Tel: +33-9-52705884 fix

http://www.itsystems.tamay-dogan.net/  http://www.flexray4linux.org/
http://www.debian.tamay-dogan.net/ http://www.can4linux.org/

Jabber linux4miche...@jabber.ccc.de
ICQ#328449886

Linux-User #280138 with the Linux Counter, http://counter.li.org/


signature.pgp
Description: Digital signature
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

nsupdate problem after DNSSEC

Re: nsupdate problem after DNSSEC upgrade

Re: nsupdate problem after DNSSEC

Re: nsupdate problem after DNSSEC

4 matches

Site Navigation

Mail list logo

Footer information