ISC-DHCP和Bind9:反向映射(NOTAUTH)的DDNS更新失败
ISC-DHCP和Bind9:反向映射(NOTAUTH)的DDNS更新失败
提问于 2017-09-03 15:44:01
我在这个配置/etc/dhcp/dhcpd.conf中使用isc-dhcp-服务器:
ddns-updates on;
ddns-update-style interim;
include "/etc/bind/rndc.key";
authoritative;
zone bat. {
primary localhost;
key rndc-key;
}
zone lan.bat. {
primary localhost;
key rndc-key;
}
zone wlan.bat. {
primary localhost;
key rndc-key;
}
zone 10.in-addr.arpa. {
primary localhost;
key rndc-key;
}
zone 50.10.in-addr.arpa. {
primary localhost;
key rndc-key;
}
zone 100.10.in-addr.arpa. {
primary localhost;
key rndc-key;
}
subnet 10.50.0.0 netmask 255.255.0.0 {
range 10.50.100.100 10.50.100.199;
interface eth0;
option domain-name-servers 10.50.0.1;
option domain-name "lan.bat";
option domain-search "lan.bat", "bat", "wlan.bat";
option routers 10.50.0.1;
option broadcast-address 10.50.255.255;
default-lease-time 600;
max-lease-time 7200;
}
subnet 10.100.0.0 netmask 255.255.0.0 {
range 10.100.100.100 10.100.100.199;
interface wlan0;
option domain-name-servers 10.100.0.1;
option domain-name "wlan.bat";
option domain-search "wlan.bat", "bat", "lan.bat";
option routers 10.100.0.1;
option broadcast-address 10.100.255.255;
default-lease-time 600;
max-lease-time 7200;
}bind9和这个/etc/bind/named.conf.local:
include "/etc/bind/rndc.key";
zone "bat" {
type master;
file "/etc/bind/zones/db.bat.zone";
notify yes;
allow-update { key rndc-key; };
};
zone "lan.bat" {
type master;
file "/etc/bind/zones/db.lan.bat.zone";
notify yes;
allow-update { key rndc-key; };
};
zone "wlan.bat" {
type master;
file "/etc/bind/zones/db.wlan.bat.zone";
notify yes;
allow-update { key rndc-key; };
};
zone "10.in-addr-arpa" {
type master;
file "/etc/bind/zones/db.rev.10.in-addr-arpa.zone";
allow-update { key rndc-key; };
};
zone "50.10.in-addr-arpa" {
type master;
file "/etc/bind/zones/db.rev.50.10.in-addr-arpa.zone";
allow-update { key rndc-key; };
};
zone "100.10.in-addr-arpa" {
type master;
file "/etc/bind/zones/db.rev.100.10.in-addr-arpa.zone";
allow-update { key rndc-key; };
};当我重新连接到一个客户端来选择一个新的IP时,我的syslog说:
Sep 3 07:09:12 alfred named[7393]: client 127.0.0.1#7429/key rndc-key: signer "rndc-key" approved
Sep 3 07:09:12 alfred named[7393]: client 127.0.0.1#7429/key rndc-key: updating zone 'lan.bat/IN': adding an RR at 'batmobil.lan.bat' A 10.50.100.100
Sep 3 07:09:12 alfred named[7393]: client 127.0.0.1#7429/key rndc-key: updating zone 'lan.bat/IN': adding an RR at 'batmobil.lan.bat' TXT "00b1a718622197bea9dacc93e33fb507f8"
Sep 3 07:09:12 alfred dhcpd[7367]: DHCPREQUEST for 10.50.100.100 (10.50.0.1) from 00:16:d3:39:2e:69 (batmobil) via eth0
Sep 3 07:09:12 alfred dhcpd[7367]: DHCPACK on 10.50.100.100 to 00:16:d3:39:2e:69 (batmobil) via eth0
Sep 3 07:09:12 alfred dhcpd[7367]: Added new forward map from batmobil.lan.bat to 10.50.100.100
Sep 3 07:09:12 alfred named[7393]: client 127.0.0.1#7429/key rndc-key: updating zone '10.IN-ADDR.ARPA/IN': update failed: not authoritative for update zone (NOTAUTH)
Sep 3 07:09:12 alfred dhcpd[7367]: DDNS: bad zone information, repudiating zone 50.10.in-addr.arpa.
Sep 3 07:09:12 alfred dhcpd[7367]: DDNS: Failed to retry after zone failure
Sep 3 07:09:12 alfred dhcpd[7367]: Unable to add reverse map from 100.100.50.10.in-addr.arpa. to batmobil.lan.bat: failure从我的搜索中,我了解到来自命名update failed: not authoritative for update zone (NOTAUTH)的消息指向没有权威的DHCP服务器。尽管我相信已经发现了问题(请告诉我是否错了),但我无法解决。因此,我的问题是:如何配置dhcp/bind以获得反向映射?
回答 1
Server Fault用户
回答已采纳
发布于 2017-09-03 16:22:41
绑定配置中的区域拼写错误,例如50.10.in-addr-arpa而不是50.10.in-addr.arpa。
此外,您应该考虑为此目的创建一个单独的TSIG密钥,而不是在完全不同的上下文中滥用rndc的密钥。
页面原文内容由Server Fault提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://serverfault.com/questions/871850
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号