I am currently running an ISC-DHCP server and a BIND9 server.
Both have been reinstalled and I wanted to activate DDNS as well.
I also configured DDNS and a test with NSUPDATE was successful. (nsUpdate done and then use "dig" to check if there is an entry)
Now I unfortunately get an error in the logs of the DHCP server.
Code: Select all
Feb 26 21:46:17 dc named[2168]: client 127.0.0.1#13213: request has invalid signature: TSIG ddns_update: tsig verify failure (BADKEY)
Feb 26 21:46:17 dc dhcpd[3371]: Unable to add forward map from TA-PC.angl.loc to 192.168.170.10: tsig indicates error
Feb 26 21:46:17 dc named[2168]: client 127.0.0.1#47585: request has invalid signature: TSIG ddns_update: tsig verify failure (BADKEY)
Feb 26 21:46:17 dc dhcpd[2968]: Unable to add forward map from TA-PC.angl.loc to 192.168.170.10: tsig indicates error
The test with nsupdate works with the same key.
Enclosed my config files.
/etc/bind/ddns.key & /etc/bind/ddns.key
Code: Select all
key DDNS_UPDATE {
algorithm hmac-md5;
secret "SECRET_KEY";
};
Code: Select all
authoritative;
option domain-name "angl.loc";
ddns-updates on;
ddns-update-style interim;
ignore client-updates;
update-static-leases on;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
include "/etc/dhcp/ddns.key";
zone angl.loc. {
primary 127.0.0.1;
key DDNS_UPDATE;
}
zone 170.168.192.in-addr.arpa. {
primary 127.0.0.1;
key DDNS_UPDATE;
}
# Default
subnet 192.168.170.0 netmask 255.255.255.0 {
range 192.168.170.100 192.168.170.200;
option routers 192.168.170.1;
option domain-name-servers 192.168.170.20, 192.168.170.1;
option domain-name "angl.loc";
}
From here the reservations come which should be irrelevant at this point.
Code: Select all
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
include "/etc/bind/ddns.key";
// ----------------------- Zones -----------------------
// Forward-Lookup
zone "angl.loc" {
type master;
notify no;
file "/var/lib/bind/db.angl";
allow-update { key DDNS_UPDATE; };
};
// Reverse-Lookup
zone "170.168.192.in-addr.arpa" {
type master;
notify no;
file "/var/lib/bind/db.170.168.192";
allow-update { key DDNS_UPDATE; };
};
// ----------------------- Zones -----------------------
Greetings
DerT