I reckon I've narrowed it down to the fact that the DNS server is not
accepting the key it's being offered.
The final transaction I receive from an nsupdate exchange offers;
---------------------------------------------------------------------------------------
;; TSIG PSEUDOSECTION:
domain1_key. 0 ANY TSIG hmac-md5.sig-alg.reg.int.
1297798631 300 16 P0HVLAVNuSartbLEAqQ3Lg== 22243 NOERROR 0
Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: _*NOTAUTH*_, id: 22243
;; flags: qr ra ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1
;; TSIG PSEUDOSECTION:
domain1_key. 0 ANY TSIG hmac-md5.sig-alg.reg.int.
1297798631 300 16 8KsZzvC3KJQNnX4EErqdXQ== 22243 NOERROR 0
--------------------------------------------------------------------------------------
So pretty much the same error as syslog was offering up. But I don't
seem to be able to hit on the right google keyword combination to offer
up the solution.
Can anyone with some in-depth (basically more than me - which is not
going to be hard) knowledge offer me avenues to chase down?
I have checked, dbl-checked and triple-checked that the key is generated
correctly. I have the correct key notation in named.conf, dhcpd.conf,
rndc.conf and rndc.key.
But I'm obviously missing come pivotal step in either permissions or
configuration.
------------------------------------------------------------------------
Kind Regards
Kyle
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html