[Pdns-users] DDNS with TSIG not working, need assistance
mrobti at insiberia.net
mrobti at insiberia.net
Mon Nov 14 01:56:50 UTC 2016
I'm having a hard time knowing how to debug this message:
Packet for domain 'local.' denied: can't find TSIG key with name
'tsig.key.local.' and algorithm 'hmac-sha512.'
Is that a small bug that is reporting the algorithm with a dot at the
end? Or is it my problem? I double-checked that the algorithm is not
being specified with a dot on either side, so if that's the problem, I
don't know how to fix it.
I have a single TSIG entry:
id | name | algorithm | secret
1 | tsig.key.local. | hmac-sha512 | xxxxxxxxx....
And one domain meta-data entry:
id | domain_id | kind | content
1 | 1 | TSIG-ALLOW-DNSUPDATE | tsig.key.local.
(and only one domain being served DNS)
With debugging I only get a little more:
pdns[1982]: Remote 192.168.1.1 wants 'local.|SOA', do = 0, bufsize =
512: packetcache MISS
pdns[1982]: Query: select algorithm, secret from tsigkeys where name=?
pdns[1982]: Packet for domain 'local.' denied: can't find TSIG key with
name 'tsig.key.local.' and algorithm 'hmac-sha512.'
pdns[1982]: Received a TSIG signed message with a non-validating key
I can't seem to get MySQL logging to show the variable substitutions for
prepared queries, so I don't know if the query arguments are incorrect
or if the data being returned is not what PDNS is expecting?
How can I proceed?
More information about the Pdns-users
mailing list