Comecei tudo do zero...
e agora esta aparecendo essas msg de erro..
apps04# tail -f /var/log/messages
Feb 15 10:54:45 apps04 named[331]: client 192.168.1.27#1532: update
'dominio.com.br/IN' denied
Feb 15 10:54:56 apps04 named[331]: client 192.168.1.40#1674: update
'dominio.com.br/IN' denied
Feb 15 10:56:53 apps04 named[331]: client 192.168.1.41#1054: update
'dominio.com.br/IN' denied
Feb 15 10:59:45 apps04 named[331]: client 192.168.1.27#1556: update
'dominio.com.br/IN' denied
Feb 15 10:59:56 apps04 named[331]: client 192.168.1.40#1688: update
'dominio.com.br/IN' denied
Feb 15 11:00:49 apps04 named[331]: client 192.168.1.41#1078: update
'dominio.com.br/IN' denied
Feb 15 11:04:45 apps04 named[331]: client 192.168.1.27#1576: update
'dominio.com.br/IN' denied
Feb 15 11:04:56 apps04 named[331]: client 192.168.1.40#1700: update
'dominio.com.br/IN' denied
Feb 15 11:06:24 apps04 named[331]: dumping master file:
master/tmp-PrKkiW5Sp1: open: permission denied
Feb 15 11:06:26 apps04 named[331]: client 192.168.1.41#1059: update
'dominio.com.br/IN' denied
Veja so o meu named.conf
apps04# cat /etc/namedb/named.conf
options {
directory "/etc/namedb";
pid-file "/var/run/named/pid";
dump-file "/var/dump/named_dump.db";
statistics-file "/var/stats/named.stats";
};
key "rndc-key" {
algorithm hmac-md5;
secret "secret";
};
zone "0.0.127.IN-ADDR.ARPA" {
type master;
file "master/localhost.rev";
};
zone "1.168.192.in-addr.arpa" {
type master;
file "master/1.168.192.in-addr.arpa";
allow-update { key rndc-key; };
allow-transfer { 127/8; 192.168.1.0/16;};
allow-query { 127/8; 192.168.1.0/16;};
};
zone "dominio.com.br" {
type master;
file "master/dominio.com.br";
allow-update { key rndc-key; };
allow-transfer { 127/8; 192.168.1.0/16;};
allow-query { 127/8; 192.168.1.0/16;};
};
e meu dhcp.conf
apps04# cat /usr/local/etc/dhcpd.conf |grep -v #
key "rndc-key" {
algorithm hmac-md5;
secret "secret";
}
zone dominio.com.br {
primary 127.0.0.1;
key rndc-key;
}
zone 1.168.192.in-addr.arpa {
primary 127.0.0.1;
key rndc-key;
}
default-lease-time 600;
max-lease-time 7200;
authoritative;
ddns-update-style ad-hoc;
ddns-updates on;
log-facility local7;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.150;
option domain-name-servers 192.168.1.234;
option domain-name "dominio.com.br";
option routers 192.168.1.249;
default-lease-time 600;
max-lease-time 7200;
}
as permisoes...
apps04# ls -l /etc/namedb/
total 20
-rwxrwx--- 1 root wheel 423 Nov 5 01:27 PROTO.localhost-v6.rev
-rwxrwx--- 1 root wheel 423 Nov 5 01:27 PROTO.localhost.rev
drwxrwx--- 2 root wheel 512 Feb 10 13:01 dynamic
-rwxrwx--- 1 root wheel 1093 Nov 5 01:27 make-localhost
drwxr-xr-x 2 root wheel 512 Feb 15 09:57 master
-rwxrwx--- 1 root wheel 783 Feb 15 10:14 named.conf
-rwxrwx--- 1 root wheel 2600 Nov 5 01:27 named.root
-rw------- 1 bind wheel 97 Feb 15 08:44 rndc.key
drwxr-xr-x 2 bind wheel 512 Feb 15 09:53 slave
apps04# ls -l /etc/namedb/master/
total 12
-rwxr-xr-x 1 bind wheel 425 Feb 15 10:25 1.168.192.in-addr.arpa
-rw-r--r-- 1 bind wheel 2175 Feb 15 11:01 1.168.192.in-addr.arpa.jnl
-rwxr-xr-x 1 bind wheel 472 Feb 13 18:37 localhost.rev
-rwxr-xr-x 1 bind wheel 312 Feb 15 10:26 dominio.com.br
-rw-r--r-- 1 bind wheel 1796 Feb 15 11:01 dominio.com.br.jnl
e os processos...
apps04# ps -aux| grep dhcp
dhcpd 655 0.0 0.1 3808 2884 ?? Is 11:01AM 0:00.01
/usr/local/sbin/dhcpd -cf /usr/local/etc/dhcpd.conf -lf
/var/db/dhcpd/dhcpd.leases -pf /var/run
apps04# ps -aux | grep bind
bind 331 0.0 0.2 5804 4560 ?? Ss 10:54AM 0:00.43
/usr/sbin/named -u bind -t /var/named
root 341 0.0 0.1 1420 1080 ?? Is 10:54AM 0:00.00
/usr/sbin/rpcbind
ja alterei o usuario do dhcpd para root e bind..
e o erro continua aparecendo...
mas agora eu acho que esta quase la...
> vc deve defenir assim olhe para que o dynamic update funcione
> named.conf
>
> key DHCP_UPDATER {
> algorithm HMAC-MD5.SIG-ALG.REG.INT;
> secret pRP5FapFoJ9gkvgkljtyol5J;
> };
>
>
> zone "biosystems.ath.cx" IN {
> type master;
> file "bio/db.biosystems";
> allow-update { key DHCP_UPDATER; };
> allow-transfer { 127/8; 10.0.1/24; 192.168.33/29;
192.168.42/29; };
> allow-query { 127/8; 10.0.1/24; 192.168.33/29; 192.168.42/29; };
> };
>
> zone "1.0.10.in-addr.arpa" IN {
> type master;
> file "bio/db.1.0.10";
> allow-update { key DHCP_UPDATER; };
> allow-transfer { 127/8; 10.0.1/24; 192.168.33/29;
192.168.42/29; };
> allow-query { 127/8; 10.0.1/24; 192.168.33/29; 192.168.42/29; };
> };
>
>
> dhcpd.conf
>
> ddns-update-style adhoc;
>
> key DHCP_UPDATER {
> algorithm HMAC-MD5.SIG-ALG.REG.INT;
> secret pRP5FapFoJ9gkvgkljtyol5J;
> };
>
> zone biosystems.ath.cx. {
> primary 10.0.1.1;
> key DHCP_UPDATER;
> }
>
>
> zone 1.0.10.in-addr.arpa. {
> primary 10.0.1.1;
> key DHCP_UPDATER;
> }
>
>
> somente isso. be happy
>
>
>
> outra cois muito boa é o dhcpd fail over facil de implementar e
> simples de gerenciar deem uma lida por ai . é super simples.
>
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 265.8.7 - Release Date: 10/02/2005
_______________________________________________________________
Para enviar um novo email para a lista: freebsd@fug.com.br
Sair da Lista: http://mail.fug.com.br/mailman/listinfo/freebsd_fug.com.br
Historico: http://www4.fugspbr.org/lista/html/FUG-BR/
