Reputation: 21
I need to insert a host URL into a BIND DNS zone using dnsjava. I generated a TSIG key and configured the BIND config files.
I'm not sure about the DNS zone allow-update issue. Should I enter valid IPs or TSIG keys?
Here is the code I implemented with javadns:
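import org.xbill.DNS.*;

// dnsIp (server address) and key (base64 TSIG secret) are defined elsewhere
Name zone = Name.fromString("ns1.dns.com.");
Name host = Name.fromString("some.host.com", zone);
Resolver res = new SimpleResolver(dnsIp);
// Sign requests with the TSIG key and send them over TCP
res.setTSIGKey(new TSIG("my_tsig_key", key));
res.setTCP(true);
// Build the dynamic update: add an A record with a TTL of 86400 seconds
Update update = new Update(zone);
update.add(host, Type.A, 86400, "1.2.3.4");
Message response = res.send(update);
System.out.println(response);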
CONSOLE:
;; ->>HEADER<<- opcode: UPDATE, status: NOTAUTH, id: 22225
;; flags: qr ra ; qd: 1 an: 0 au: 0 ad: 1
;; TSIG ok
;; ZONE:
;; ns1.dns.com., type = SOA, class = IN
;; PREREQUISITES:
;; UPDATE RECORDS:
;; ADDITIONAL RECORDS:
ns1.domain.com. 0 ANY TSIG hmac-md5.sig-alg.reg.int. 1465835914 300 16 xXqHHVOp5tOnebnSGynXMQ== NOERROR 0
;; Message size: 116 bytes
SYSLOG:
Jun 13 19:38:34 atar-srv named[2632]: client 192.168.200.23#57543/key ns1.dns.com: updating zone 'dns.com/IN': update failed: not authoritative for update zone (NOTAUTH)
Upvotes: 2
Views: 1054
Reputation: 133
It is important to consider your key algorithm. The constructor
public TSIG(String keyName, String keySecret)
works with the hmac-md5 algorithm, according to the Javadoc for dnsjava (look at the class TSIG and its constructors). If you want to use another algorithm, you should provide your algorithm to this constructor:
public TSIG(java.lang.String algorithm,
java.lang.String name,
java.lang.String key)
and these are the legal algorithm values: "HmacMD5", "HmacSHA1", "HmacSHA224", "HmacSHA256", "HmacSHA384", "HmacSHA512"
Upvotes: 1
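An added example (not code from either post, and not from the dnsjava project) of why the algorithm given to the TSIG constructor has to match the key held by the verifying side: it signs an UPDATE offline and checks it with dnsjava's own TSIG.verify, once with matching keys and once with the hmac-md5 default against an hmac-sha256 key. It assumes dnsjava is on the classpath; the key name, base64 secret, host1 and the choice of hmac-sha256 are constructed values, and dns.com. is assumed to be the zone apex named in the syslog line.

```java
import org.xbill.DNS.*;

public class TsigAlgorithmCheck {
    // Constructed sample values, not taken from the page.
    static final String KEY_NAME = "my_tsig_key";
    static final String SECRET_B64 = "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8=";

    /**
     * Builds an UPDATE, signs it with clientKey, then verifies the wire
     * bytes the way a receiver holding serverKey would. Returns the TSIG
     * result code (Rcode.NOERROR, Rcode.BADKEY, Rcode.BADSIG, ...).
     */
    static int signAndVerify(TSIG clientKey, TSIG serverKey) throws Exception {
        Name zone = Name.fromString("dns.com.");     // assumed zone apex (from the syslog line)
        Name host = Name.fromString("host1", zone);  // hypothetical record name
        Update update = new Update(zone);
        update.add(host, Type.A, 86400, "1.2.3.4");

        // Attach the key; the TSIG record is appended when the message
        // is rendered to wire format.
        update.setTSIG(clientKey, Rcode.NOERROR, null);
        byte[] wire = update.toWire(Message.MAXLENGTH);

        // Receiver side: parse the bytes and check the signature. The key
        // name AND the algorithm must match before the MAC is compared.
        Message received = new Message(wire);
        return serverKey.verify(received, wire, null);
    }

    public static void main(String[] args) throws Exception {
        // Explicit algorithm, as the answer recommends.
        TSIG sha256 = new TSIG(TSIG.HMAC_SHA256, KEY_NAME, SECRET_B64);
        // Two-argument form from the question: hmac-md5 by default.
        TSIG md5Default = new TSIG(KEY_NAME, SECRET_B64);

        System.out.println("sha256 client, sha256 verifier: "
                + Rcode.TSIGstring(signAndVerify(sha256, sha256)));
        System.out.println("md5 client,    sha256 verifier: "
                + Rcode.TSIGstring(signAndVerify(md5Default, sha256)));
    }
}
```

The same secret under a different algorithm name is rejected as a key mismatch, so the algorithm in the server's key definition and in the client's TSIG object need to be chosen together.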