From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <anatol%VB3397@VB3397.spb.edu>
x-sender: anatol@vb3397.spb.edu
x-receiver: community@altlinux.ru
Date: Tue, 21 Oct 2003 01:47:15 +0400
From: "Anatol B. Bazjukin" <anatol@VB3397.spb.edu>
X-Mailer: The Bat! (v2.00.22) Personal
Organization: IRH
X-Priority: 3 (Normal)
Message-ID: <374296078.20031021014715@vb3397.spb.edu>
To: community@altlinux.ru
Subject: [Comm] DNS проблема
MIME-Version: 1.0
Content-Type: text/plain; charset=Windows-1251
Content-Transfer-Encoding: 8bit
Content-Transfer-Encoding: 8bit
X-BeenThere: community@altlinux.ru
X-Mailman-Version: 2.1.2
Precedence: list
Reply-To: community@altlinux.ru
List-Id: <community.altlinux.ru>
List-Unsubscribe: <http://www.altlinux.ru/mailman/listinfo/community>,
	<mailto:community-request@altlinux.ru?subject=unsubscribe>
List-Archive: <http://lrn.ru/pipermail/community>
List-Post: <mailto:community@altlinux.ru>
List-Help: <mailto:community-request@altlinux.ru?subject=help>
List-Subscribe: <http://www.altlinux.ru/mailman/listinfo/community>,
	<mailto:community-request@altlinux.ru?subject=subscribe>
X-List-Received-Date: Mon, 20 Oct 2003 21:47:26 -0000
X-List-Received-Date: Mon, 20 Oct 2003 21:47:26 -0000
Archived-At: <http://lore.altlinux.org/community/374296078.20031021014715@vb3397.spb.edu/>
List-Archive: <http://lore.altlinux.org/community/>
List-Post: <mailto:mandrake-russian@linuxteam.iplabs.ru>

Hello ,

На связке двух машин моделируется будущая сеть:
клиенты - ХР
сервер  - ALTM 2.2 из коробки

Адрес сервера 192.168.168.3 server.test.ru
Установлен DHCP и DNS.

Cоздаю динамический DHCP:

dhcp.conf

ddns-updates on;
ddns-update-style interim;
ddns-domainname "test.ru";
ddns-rev-domainname "in-addr.arpa";
include "/var/lib/bind/etc/rndc.key" ;

zone test.ru. {primary 192.168.168.3 ; key rndc-key ;}
zone 168.168.192.in-addr-arpa. { primary 192.168.168.3 ; key rndc-key ;}

option domain-name-servers 192.168.168.3;
option domain-name "test.ru";

Далее стандартно.

В конфигурации BIND добавление в local.conf:

zone "test.ru" {
        type master;
        file "/var/lib/bind/zone/test.ru.hosts";
        allow-update {key rndc-key; }; };

zone "168.168.192.in-addr.arpa" {
        type master;
        file "/var/lib/bind/zone/192.168.168.rev";
        allow-update { key rndc-key; };
        };

C ХР машины ipconfig/relase ipconfig/renew -
прямая зона- OK
security: debug 3: client 192.168.168.3#1042: request has valid signature
security: debug 3: client 192.168.168.3#1042: recursion available: approved
security: debug 3: client 192.168.168.3#1042: update 'test.ru/IN' approved

обратная -
security: debug 3: client 192.168.168.3#1042: request is not signed
security: debug 3: client 192.168.168.3#1042: recursion available: approved
security: error: client 192.168.168.3#1042: update '168.168.192.in-addr.arpa/IN' denied

Замена
allow-update { key rndc-key; }; на allow-update { any; };
прямая зона- OK
обратная - OK


Поскольку опыта на Linux драхма требуется помощь.

-- 
Best regards,
 Anatol                          mailto:anatol@vb3397.spb.edu