Re: Update RPZ zone records

Wed, 24 Jan 2018 18:14:48 -0800

it worked!!! finally thank you for help. It was the directory permission issue causing dns to SERVFAIL 

On 25/01/18 01:40, Mark Andrews wrote:

Look at the sever’s logs.


On 25 Jan 2018, at 11:39 am, Anvar Kuchkartaev <an...@aegisnet.eu> wrote:

I updated nsuptate.txt and added .rpz to the end of the record now SERVFAIL 
happened

nsupdate.txt:

server localhost
zone rpz
update add 32.213.60.86.188.rpz-client-ip.rpz        60    CNAME    
rpz-passtrhu.
show
send



command result:

Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; ZONE SECTION:
;rpz.                IN    SOA

;; UPDATE SECTION:
32.213.60.86.188.rpz-client-ip.rpz. 60 IN CNAME    rpz-passtrhu.

update failed: SERVFAIL




On 24/01/18 22:46, Mark Andrews wrote:

  Nsupdate treats all names as absolute so you need to add the .rpz to the end.



On 25 Jan 2018, at 08:19, Anvar Kuchkartaev via bind-users 
<bind-users@lists.isc.org>
  wrote:

Hello,

I am trying to update RPZ zone records dynamically using nsupdate. But 
unfortunately I am facing with NOTZONE option.

nsupdate -k /etc/rndc.key < nsupdate.txt

Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id:      0
;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
;; ZONE SECTION:
;rpz.                IN    SOA

;; UPDATE SECTION:
32.213.60.86.188.rpz-client-ip.    60 IN    CNAME rpz-passtrhu.

update failed: NOTZONE


nsupdate.txt:

server localhost
zone rpz
update add 32.213.60.86.188.rpz-client-ip.        60    CNAME rpz-passtrhu.
show
send


my rpz zone:

zone "rpz" IN {
     type master;
     file "named.rpz";
     allow-query { localhost; };
     update-policy {
                 grant rndc-key zonesub ANY;
         };
};

Any help will be greatly appreciated,

--
Anvar Kuchkartaev

an...@aegisnet.eu


_______________________________________________
Please visit
https://lists.isc.org/mailman/listinfo/bind-users
  to unsubscribe from this list

bind-users mailing list

bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Anvar Kuchkartaev

an...@aegisnet.eu


--
Anvar Kuchkartaev
an...@aegisnet.eu

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users





















					Reply via email to