5 Zář
2023
5 Zář
'23
19:38
Hi Knot-DNS Support,
I'm trying simple DDNS scenario (no keys, no DNSSEC) with failing result.
Knot-DNS is installed from docker image.
Could you let me know what is the issue (NOAUTH) and how can I solve it
or if this scenario is not supported what exactly is required by DDNS?
-------------------------------------------
knot.conf:
server:
rundir: "/rundir"
user: knot:knot
automatic-acl: on
listen: 0.0.0.0@53
log:
- target: stdout
server: debug
zone: debug
any: debug
database:
storage: "/storage"
acl:
- id: acl_update
action: update
- id: acl_transfer
action: transfer
template:
- id: default
storage: "/storage"
file: "%s.zone"
zone:
# Primary zone
- domain: example.com
acl: [acl_update, acl_transfer]
----------------------------------------------
update:
server 10.2.0.88
zone exmaple.com
update add _acme-challenge.example.com. 300 TXT "aaaaa"
send
--------------------------------------------
knsupdate -d < update
;; DEBUG: cmd_server: lp='10.2.0.88'
;; DEBUG: parse_host: parsed addr: 10.2.0.88
;; DEBUG: cmd_zone: lp='exmaple.com'
;; DEBUG: cmd_update: lp='add _acme-challenge.example.com. 300 TXT
"aaaaa"'
;; DEBUG: cmd_add: lp='_acme-challenge.example.com.com. 300 TXT "aaaaa"'
;; DEBUG: cmd_send: lp=''
;; DEBUG: sending packet
;; DEBUG: pkt_sendrecv: send_msg = 3
;; DEBUG: pkt_sendrecv: receive_msg = 29
;; ->>HEADER<<- opcode: UPDATE; status: NOTAUTH; id: 27029
;; Flags: qr; ZONE: 1; PREREQ: 0; UPDATE: 0; ADDITIONAL: 0
;; ZONE SECTION:
;; exmaple.com. IN SOA
;; ERROR: update failed with error 'NOTAUTH'
;; DEBUG: operation 'send' failed (failed) on line 'send'
;; DEBUG: srv_info_free: null parameter
-----------------------------------------
knotd log
2023-09-05T17:16:35+0000 info: Knot DNS 3.3.0 starting
2023-09-05T17:16:35+0000 info: loaded configuration file
'/config/knot.conf', mapsize 500 MiB
2023-09-05T17:16:35+0000 info: using UDP reuseport, incoming TCP Fast Open
2023-09-05T17:16:35+0000 info: binding to interface 0.0.0.0@53
2023-09-05T17:16:35+0000 info: changing GID to 8521
2023-09-05T17:16:35+0000 info: changing UID to 9396
2023-09-05T17:16:35+0000 info: loading 1 zones
2023-09-05T17:16:35+0000 info: [example.com.] zone will be loaded
2023-09-05T17:16:35+0000 info: starting server
2023-09-05T17:16:35+0000 info: [example.com.] zone file parsed, serial
2010111213
2023-09-05T17:16:35+0000 info: [example.com.] loaded, serial none ->
2010111213, 465 bytes
2023-09-05T17:16:35+0000 info: control, binding to '/rundir/knot.sock'
2023-09-05T17:16:35+0000 info: server started in the foreground, PID 8
2023-09-05T17:18:03+0000 info: [example.com.] control, received command
'zone-status'
2023-09-05T17:18:40+0000 info: [example.com.] control, received command
'zone-sign'
2023-09-05T17:18:40+0000 error: [example.com.] control, error (operation
not supported)
2023-09-05T17:18:52+0000 info: [example.com.] control, received command
'zone-read'
2023-09-05T17:18:56+0000 info: [example.com.] control, received command
'zone-read'
2023-09-05T17:18:56+0000 error: [example.com.] control, error (no such
node in zone found)
2023-09-05T17:19:00+0000 info: [example.com.] control, received command
'zone-read'
2023-09-05T17:19:45+0000 info: [example.com.] control, received command
'zone-set'
2023-09-05T17:19:45+0000 error: [example.com.] control, error (no active
transaction)
2023-09-05T17:22:57+0000 info: [example.com.] control, received command
'zone-set'
2023-09-05T17:22:57+0000 error: [example.com.] control, error (no active
transaction)
2023-09-05T17:23:49+0000 info: [example.com.] control, received command
'zone-begin'
2023-09-05T17:23:54+0000 info: [example.com.] control, received command
'zone-set'
2023-09-05T17:24:02+0000 info: [example.com.] control, received command
'zone-commit'
2023-09-05T17:24:02+0000 info: [example.com.] zone file updated, serial
2010111213 -> 2010111214
btw. no info positive/negative regarding the DDNS
--------------------------------------
example.com.zone
example.com. 3600 SOA dns1.example.com.
hostmaster.example.com. 2010111214 21600 3600 604800 86400
example.com. 3600 A 1.2.3.4
example.com. 3600 NS dns1.example.com.
example.com. 3600 NS dns2.example.com.
example.com. 3600 MX 10 mail.example.com.
dns1.example.com. 3600 A 192.0.2.1
dns1.example.com. 3600 AAAA 2001:db8::1
dns2.example.com. 3600 A 192.0.2.2
dns2.example.com. 3600 AAAA 2001:db8::2
mail.example.com. 3600 A 192.0.2.3
mail.example.com. 3600 AAAA 2001:db8::3
Thanks.
Best Regards,
JohnF
12 Úno
12 Úno
13:40
Hi,
I don't see any obvious mistake. The NOTAUTH response means that your DDNS request
wasn't authorized.
Enable the debug logging to get more information.
Daniel
On 9/5/23 19:38, JeeF Software spol. s r.o. wrote:
Hi Knot-DNS Support,
I'm trying simple DDNS scenario (no keys, no DNSSEC) with failing result.
Knot-DNS is installed from docker image.
Could you let me know what is the issue (NOAUTH) and how can I solve it or if this
scenario is not supported what exactly is required by DDNS?
-------------------------------------------
knot.conf:
server:
rundir: "/rundir"
user: knot:knot
automatic-acl: on
listen: 0.0.0.0@53
log:
- target: stdout
server: debug
zone: debug
any: debug
database:
storage: "/storage"
acl:
- id: acl_update
action: update
- id: acl_transfer
action: transfer
template:
- id: default
storage: "/storage"
file: "%s.zone"
zone:
# Primary zone
- domain: example.com
acl: [acl_update, acl_transfer]
----------------------------------------------
update:
server 10.2.0.88
zone exmaple.com
update add _acme-challenge.example.com. 300 TXT "aaaaa"
send
--------------------------------------------
knsupdate -d < update
;; DEBUG: cmd_server: lp='10.2.0.88'
;; DEBUG: parse_host: parsed addr: 10.2.0.88
;; DEBUG: cmd_zone: lp='exmaple.com'
;; DEBUG: cmd_update: lp='add _acme-challenge.example.com. 300 TXT
"aaaaa"'
;; DEBUG: cmd_add: lp='_acme-challenge.example.com.com. 300 TXT "aaaaa"'
;; DEBUG: cmd_send: lp=''
;; DEBUG: sending packet
;; DEBUG: pkt_sendrecv: send_msg = 3
;; DEBUG: pkt_sendrecv: receive_msg = 29
;; ->>HEADER<<- opcode: UPDATE; status: NOTAUTH; id: 27029
;; Flags: qr; ZONE: 1; PREREQ: 0; UPDATE: 0; ADDITIONAL: 0
;; ZONE SECTION:
;; exmaple.com. IN SOA
;; ERROR: update failed with error 'NOTAUTH'
;; DEBUG: operation 'send' failed (failed) on line 'send'
;; DEBUG: srv_info_free: null parameter
-----------------------------------------
knotd log
2023-09-05T17:16:35+0000 info: Knot DNS 3.3.0 starting
2023-09-05T17:16:35+0000 info: loaded configuration file '/config/knot.conf',
mapsize 500 MiB
2023-09-05T17:16:35+0000 info: using UDP reuseport, incoming TCP Fast Open
2023-09-05T17:16:35+0000 info: binding to interface 0.0.0.0@53
2023-09-05T17:16:35+0000 info: changing GID to 8521
2023-09-05T17:16:35+0000 info: changing UID to 9396
2023-09-05T17:16:35+0000 info: loading 1 zones
2023-09-05T17:16:35+0000 info: [example.com.] zone will be loaded
2023-09-05T17:16:35+0000 info: starting server
2023-09-05T17:16:35+0000 info: [example.com.] zone file parsed, serial 2010111213
2023-09-05T17:16:35+0000 info: [example.com.] loaded, serial none -> 2010111213, 465
bytes
2023-09-05T17:16:35+0000 info: control, binding to '/rundir/knot.sock'
2023-09-05T17:16:35+0000 info: server started in the foreground, PID 8
2023-09-05T17:18:03+0000 info: [example.com.] control, received command
'zone-status'
2023-09-05T17:18:40+0000 info: [example.com.] control, received command
'zone-sign'
2023-09-05T17:18:40+0000 error: [example.com.] control, error (operation not supported)
2023-09-05T17:18:52+0000 info: [example.com.] control, received command
'zone-read'
2023-09-05T17:18:56+0000 info: [example.com.] control, received command
'zone-read'
2023-09-05T17:18:56+0000 error: [example.com.] control, error (no such node in zone
found)
2023-09-05T17:19:00+0000 info: [example.com.] control, received command
'zone-read'
2023-09-05T17:19:45+0000 info: [example.com.] control, received command
'zone-set'
2023-09-05T17:19:45+0000 error: [example.com.] control, error (no active transaction)
2023-09-05T17:22:57+0000 info: [example.com.] control, received command
'zone-set'
2023-09-05T17:22:57+0000 error: [example.com.] control, error (no active transaction)
2023-09-05T17:23:49+0000 info: [example.com.] control, received command
'zone-begin'
2023-09-05T17:23:54+0000 info: [example.com.] control, received command
'zone-set'
2023-09-05T17:24:02+0000 info: [example.com.] control, received command
'zone-commit'
2023-09-05T17:24:02+0000 info: [example.com.] zone file updated, serial 2010111213 ->
2010111214
btw. no info positive/negative regarding the DDNS
--------------------------------------
example.com.zone
example.com. 3600 SOA dns1.example.com. hostmaster.example.com.
2010111214 21600 3600 604800 86400
example.com. 3600 A 1.2.3.4
example.com. 3600 NS dns1.example.com.
example.com. 3600 NS dns2.example.com.
example.com. 3600 MX 10 mail.example.com.
dns1.example.com. 3600 A 192.0.2.1
dns1.example.com. 3600 AAAA 2001:db8::1
dns2.example.com. 3600 A 192.0.2.2
dns2.example.com. 3600 AAAA 2001:db8::2
mail.example.com. 3600 A 192.0.2.3
mail.example.com. 3600 AAAA 2001:db8::3
Thanks.
Best Regards,
JohnF
--
627
days inactive
787
days old
1 comments
2 participants
participants (2)
-
Daniel Salzman -
JeeF Software spol. s r.o.