Ah, ok.
Thanks for the explanation John.
I have never before had to use nsupdate. I just tried it because Peter
suggested it and I figured it's a way to test dns updates manually.
I have always used BIND with rndc.key and it used to work. What's then
the difference between nsupdate and rndc and using BIND?
------------------------------------------------------------------------
Kind Regards
Kyle
On 15/02/11 6:52 PM, John Clarke wrote:
On Tue, Feb 15, 2011 at 05:35:10PM +1100, Kyle wrote:
domain domain1.com
incorrect section name: domain
I suspect you mean "zone domain1.com". "domain" is not a valid command.
nsupdate -k /etc/rndc.key - The man page says that that format
requires a filename in the format 'K{name}.+157.+{random}.private'.
That's a new one on me. Where, why& how is that needed?
That's been the case for as long as I've been using nsupdate, at least
five years. The filename format is what dnssec-keygen outputs when you
ask it to generate a key.
One other thing you need to make sure of is that the client and server
have their clocks synchronised (e.g. with ntp), otherwise the update
will fail.
There's an nsupdate HOWTO here:
http://caunter.ca/nsupdate.txt
and I have a page explaining how to get DHCP3 to do DDNS updates here:
http://kirriwa.net/john/doc/ddns.html
John
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
