To: bind9-bugs@isc.org
cc: dnsop@cafax.se
From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
Date: Sun, 17 Mar 2002 01:17:50 -0600
Sender: owner-dnsop@cafax.se
Subject: limitations on nsupdate

Are there known limitations on what kinds of records nsupdate can process?
I run the following script:
#!/bin/sh
exec >/var/log/nsupdate.log
exec 2>&1
cd /etc/namedb
host=$1
keyrec=`ipsec showhostkey | sed 1d | (read name rest && echo $name 3600 $rest)`
nsupdate -d -v -k K$host.+157+26817.private <<EOF
server 192.139.46.30
zone dasblinkenled.org
update delete $host KEY
update add $keyrec
send
EOF
I get the following output. The unknown class/type suggests to me that it
cannot process a KEY RR. I can see no mention of any limitation in the man page.
[root@ietf-lapdog-1 etc]# more /var/log/nsupdate.log
+ cd /etc/namedb
+ host=ietf-lapdog-1.dasblinkenled.org
++ ipsec showhostkey
++ read name rest
++ sed 1d
++ echo ietf-lapdog-1.dasblinkenled.org. 3600 IN KEY 0x4200 4 1 AQN05UOtgPXQ89n4
y0UZomN0ax3ESwrgc1u2CQa3PDVsEtbY6ZR3gnJunU0BFaNEupi1z6JP3fq1fYgzJ4HTujLYCPaxCLVS
GqdaGdxNDpiwJZ+iE8zpZH3pj1jSk+6Iz2PH/8ZIDWWknw7uDM3linOx5RtTEPATS9LS91YlxVxaFyBT
AbkOUizcsZYDo8c25+rQ2FMxguN2CFjyah4LnvI6hqpoSuEZeFtyBxJnSfRvYoW3SKzRPq7BBivb21Na
74h+VfSEZWf6uykrfJmQAbV6t/PPwry6QR3TFwXk6v+wonqXgnwemdPnyp891SmaGmUw407hMGRqD2h8
p634KpSP
+ keyrec=ietf-lapdog-1.dasblinkenled.org. 3600 IN KEY 0x4200 4 1 AQN05UOtgPXQ89n
4y0UZomN0ax3ESwrgc1u2CQa3PDVsEtbY6ZR3gnJunU0BFaNEupi1z6JP3fq1fYgzJ4HTujLYCPaxCLV
SGqdaGdxNDpiwJZ+iE8zpZH3pj1jSk+6Iz2PH/8ZIDWWknw7uDM3linOx5RtTEPATS9LS91YlxVxaFyB
TAbkOUizcsZYDo8c25+rQ2FMxguN2CFjyah4LnvI6hqpoSuEZeFtyBxJnSfRvYoW3SKzRPq7BBivb21N
a74h+VfSEZWf6uykrfJmQAbV6t/PPwry6QR3TFwXk6v+wonqXgnwemdPnyp891SmaGmUw407hMGRqD2h
8p634KpSP
+ nsupdate -d -v -k Kietf-lapdog-1.dasblinkenled.org.+157+26817.private
Creating key...
invalid rdata format: unknown class/type
Reply from update query:
;; ->>HEADER<<- opcode: UPDATE, status: SERVFAIL, id: 37993
;; flags: qr ra ; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 1
;; TSIG PSEUDOSECTION:
ietf-lapdog-1.dasblinkenled.org. 0 ANY TSIG hmac-md5.sig-alg.reg.int. 101634
9249 300 16 1E1fZ/ean/BKRHHiGp6SnQ== 37993 NOERROR 0
> > > > > Outgoing update query:
;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 37993
;; flags: ; ZONE: 1, PREREQ: 0, UPDATE: 1, ADDITIONAL: 1
;; ZONE SECTION:
;dasblinkenled.org. IN SOA
;; UPDATE SECTION:
ietf-lapdog-1.dasblinkenled.org. 0 ANY KEY
;; TSIG PSEUDOSECTION:
ietf-lapdog-1.dasblinkenled.org. 0 ANY TSIG hmac-md5.sig-alg.reg.int. 101634
9249 300 16 dzB4tUPzCUML248X5eW9pw== 37993 NOERROR 0
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another NetBSD/notebook using, kernel hacking, security guy"); [