In message <[email protected]>, xu do ng writes: > Hi, > I have a problem about the DDNS ,When I nsupdated the master dns server > under with dnssec,but it failed as following: > > *r...@root:/var/named/chroot/etc# nsupdate -d > > server 192.168.225.130 5353 > > update add test.net 900 A 5.5.5.5 > > > Reply from SOA query: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32603 > ;; flags: qr aa ; QUESTION: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 > ;; QUESTION SECTION: > ;test.net. IN SOA > > ;; AUTHORITY SECTION: > net. 300 IN SOA dns.net. dns.net. > 2010011806 10800 60 604800 10800 > > Found zone name: net > The master is: dns.net > Sending update to 192.168.225.130#5353 > Outgoing update query: > ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 30960 > ;; flags: ; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 0 > ;; UPDATE SECTION: dns.net. 900 IN A 5.5.5.5 > > Reply from update query: > ;; ->>HEADER<<- opcode: UPDATE, status: SERVFAIL, id: 30960 > ;; flags: qr ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0 > > * > > But when i nsupdated the master dns server without dnssec, it succeed. So I > don't know why?
Did you look at the master's logs? Have you told named where the private keys are? Are the private keys readable by named? > -- > --------------------------------------------------------- > Xudong > [email protected] > Beijing,China > --------------------------------------------------------- > -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
