In message
<CANX+b1K5Z28oqVnb7=fxwgrhl5yssg0ear_fnnpyudzjcdy...@mail.gmail.com>, Josh
Nielsen writes:
I have a message that has been showing up in my master DNS server's log
over the past few weeks and I am wondering if I can find more verbose
specifics from debugging messages in BIND somehow.
The messsage looks like this:
May 16 10:52:16 dns01 named[2591]: 16-May-2016 10:52:16.844
update-security: error: client 10.20.0.101#34148: update 'my.domain/IN'
denied
On 17.05.16 07:24, Mark Andrews wrote:
It a UPDATE request being denied. It will be some process other
than named sending the request unless you have configured named to
forward updates.
In the best of worlds every machine would be updating its own PTR
records and keep its own addresses in the DNS up to date.
depends on the idealness of the world, but I personally don't like allowing
clients to update their DNS records, imho the DHCP server should do those
changes if it assigne the client an IP address
Master (10.20.0.110):
zone "my.domain" in {
type master;
file "db.my.domain";
allow-transfer {
10.20.0.100/32;
10.20.0.101/32;
};
allow-update {
key "xcat_key";
};
notify yes;
also-notify {10.20.0.100; 10.20.0.101;};
};
apparently the client who asks for update does not know the "xcat_key".
...many windows machines tend to register their name in DNS (it's
on by default in netowrk settings).
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"They say when you play that M$ CD backward you can hear satanic messages."
"That's nothing. If you play it forward it will install Windows."
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
