Show Posts
1
23.1 Legacy Series / Bind 1.25_2 - Allow dynamic updates from DHCPv4
« on: January 31, 2023, 12:47:59 am »
Hello,
I just saw that the latest BIND plugin allow the use of the hmac-sha512 algorithm so I've now configured DHCPv4 with the key generated in the advanced section of BIND to allow the service to dynamically update my primary zone.
Everything seems correct but the update is not allowed on the zone and I get this message:
2023-01-31T00:24:26.389000 update-security Informational client @0x805aacd60 192.168.10.1#60763/key rndc-key: update 'home.local/IN' denied
I see that the option to allow updates of my primary zone doesn't exist in the named.conf (should be something like
"allow-update { key rndc-key; };") but I can't find an option in the zone to allow updates, only queries.
Is there still an option missing in the BIND plugin to allow dynamic updates?
I just saw that the latest BIND plugin allow the use of the hmac-sha512 algorithm so I've now configured DHCPv4 with the key generated in the advanced section of BIND to allow the service to dynamically update my primary zone.
Everything seems correct but the update is not allowed on the zone and I get this message:
2023-01-31T00:24:26.389000 update-security Informational client @0x805aacd60 192.168.10.1#60763/key rndc-key: update 'home.local/IN' denied
I see that the option to allow updates of my primary zone doesn't exist in the named.conf (should be something like
"allow-update { key rndc-key; };") but I can't find an option in the zone to allow updates, only queries.
Is there still an option missing in the BIND plugin to allow dynamic updates?