Hello everyone, I use nsupdate to dynamically update a reverse lookup zone hosted by my BIND9 setup. For that purpose, I've created host-type HMAC-MD5 keys, added an appropriate "key" section to my configuration, added the updating host to the "controls" section, and added an "allow-update" parameter to the zone configuration like this:
zone "[...]" in { type master; [...] allow-update { key "key-name"; }; }; I pass the key to nsupdate using one (either) of the keyfiles generated by dnssec-keygen with the -k parameter. Unfortunately this doesn't work. When running nsupdate, I get a "failed: not authoritative for update zone (NOTAUTH)" error in my server log file, and no updating is done. I'm confused about the error message because both the BIND configuration file and the SOA record of the zone state that the server indeed is authoritative for the update zone. Also, this configuration works fine with a dhcpd updating a different zone hosted by the same server. Googling yields a few people with similar problems but no real solution. Any hints on what I might be doing wrong are appreciated. Benedikt _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users