
TSIG Dynamic DNS Configuration.

I wonder if someone can help me here.

Dynamic DNS is an important service for me; without it working properly, using DHCP is impractical: PCs can't find printers, scanners can't find PCs and no one can find the IT team as they're all hiding from the staff in the comms room.
I had some success with the 'update all' version of DDNS - document 3372644 How to setup dynamic DNS (DDNS) on OES2 SP2 server and am starting from that point as a base.

- By the way, if you want to configure DDNS, that single page printout is a million times more useful than the utterly soul destroying DNSDHCP Administration guide for Linux - obviously written by a dnsdhcp genius and basically a very good high level overview followed by a microscopically detailed list of every single tick box and entry field available in iManager and the DNS/DHCP management console... and really of no use to anyone trying to configure the services for the first time as there's no practical context - reading that is like being given a satellite picture of the earth and a list of car parts and being told 'drive me to Cornwall'... where do you start? :o)

Anyway - is there an equivalent document to 3372644 to show how to configure Dynamic DNS using TSIG keys on OES2 SP3, one written for a definite non-genius, please...?

Currently I have managed to create TSIG keys, both DNS and DHCP keys (which I feel may be the problem... as I'm getting "bad key" mentions in the /var/log/messages log).
NB note to documentation authors: telling people 'this is where you put the secret key' next to the box marked secret key doesn't explain things
- it seems that you can just populate this with a random set of characters (as long as the number of characters is divisible by four).
I used an eight character entry and find in the logs messages saying this is too small to be secure... but not if it won't work because of it.

I have entered the DNS TSIG keys in the DNS Zone control list's 'allow update options' section, but don't know if I need to configure the subsequent 'update policy option' for it to work.
Also, in the DHCP section I've added the DHCP keys created when following the TID to enable you to view DHCP leases.

Any help will be appreciated...
  • 0
    You have to make sure that the two keys created (one under DNS and the other under DHCP) have the same names, and the same secrets. If they aren't, you will receive failures. In addition, make sure that the secret you create is divisible by 4 (IE: secret12, secret123456, somesecret00). You are correct with your allow update option. Make sure that under the KEY LIST tab you have the key under the selected DNS keys section. Make sure that under your DHCP zone objects you set up for DDNS you have the TSIG key selected under there too. That should be it (going off of the top of my head). Just restart your services and test.
  • 0 in reply to 
    joharmon;2121149 wrote:
    You have to make sure that the two keys created (one under DNS and the other under DHCP) have the same names, and the same secrets. If they aren't, you will receive failures. In addition, make sure that the secret you create is divisible by 4 (IE: secret12, secret123456, somesecret00). You are correct with your allow update option. Make sure that under the KEY LIST tab you have the key under the selected DNS keys section. Make sure that under your DHCP zone objects you set up for DDNS you have the TSIG key selected under there too. That should be it (going off of the top of my head). Just restart your services and test.


    Ah, thank you joharmon, this makes sense. The whole set-up implied that the same key should be used, it was just that you couldn't create a single key and select that for both... being a bit of a div I'd created one in the dns side named site-tsig-key-dns and another site-tsig-key dhcp from within the dhcp side...
    I found it odd that in the dhcp section of the dnsdhcp management console you can input the IP of a DNS server that manages the zone you want to update and select a key to use, but it only gives you the option to choose the key you created in the dhcp section...

    OK, I'll make sure I create an identical pair and see how that goes...

    Thanks very much

    Paul
  • 0 in reply to 
    Yep, that works, thanks joharmon... much appreciated :o)
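
The matching-pair rule from the answer above, as an added example that is not part of the original thread or any OES tooling: it generates a random secret and audits a DNS-side and DHCP-side key definition before they are typed into the console. It assumes the secret field holds base64 text, as in BIND and ISC dhcpd key statements (which is what the divisible-by-four rule suggests); the function names, the dict layout and the 16-byte floor are constructed for illustration.

```python
import base64
import binascii
import hmac
import secrets

MIN_KEY_BYTES = 16  # assumed floor; use the digest size of your HMAC algorithm

def new_secret(nbytes=32):
    """Random key material as base64 text (length is always a multiple of 4)."""
    return base64.b64encode(secrets.token_bytes(nbytes)).decode("ascii")

def check_secret(b64):
    """Return the problems found in one secret string."""
    problems = []
    if len(b64) % 4:
        problems.append("length not divisible by 4")
    try:
        raw = base64.b64decode(b64, validate=True)
    except (binascii.Error, ValueError):
        return problems + ["not valid base64"]
    if len(raw) < MIN_KEY_BYTES:
        problems.append(f"only {len(raw)} bytes of key material")
    return problems

def _same_name(a, b):
    # TSIG key names are DNS names: case-insensitive, trailing dot optional.
    return a.rstrip(".").lower() == b.rstrip(".").lower()

def expected_tsig_error(dns_key, dhcp_key):
    """RFC 8945 error a server returns for this pair, or None if they match."""
    if not _same_name(dns_key["name"], dhcp_key["name"]):
        return "BADKEY"   # server has no key under the name the client sent
    if not hmac.compare_digest(dns_key["secret"].encode(), dhcp_key["secret"].encode()):
        return "BADSIG"   # name known, but the MAC will not verify
    return None

def audit_pair(dns_key, dhcp_key):
    """List every problem that would break or weaken signed updates."""
    problems = []
    if not _same_name(dns_key["name"], dhcp_key["name"]):
        problems.append("key names differ")
    if dns_key["secret"] != dhcp_key["secret"]:
        problems.append("secrets differ")
    for side, key in (("DNS", dns_key), ("DHCP", dhcp_key)):
        problems += [f"{side} key: {p}" for p in check_secret(key["secret"])]
    return problems

if __name__ == "__main__":
    # Constructed sample mirroring the thread: two names, one short secret.
    dns = {"name": "site-tsig-key-dns", "secret": "secret12"}
    dhcp = {"name": "site-tsig-key-dhcp", "secret": "secret12"}
    print(expected_tsig_error(dns, dhcp), audit_pair(dns, dhcp))
    print("replacement secret:", new_secret())
```
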