find problem on example #799
Description
Hi team,
I am facing the problem on changing another env
eample1:
class dnstest:
@classmethod
def dnsZoneQuery(self):
# query = dns.zone.from_xfr(dns.query.xfr('192.168.196.234', 'sword.cn'))
query = dns.zone.from_xfr(dns.query.xfr('192.168.5.50', 'kekemile.com'))
for n in sorted(query.nodes.keys()):
if str(n) == '@':
continue
else:
print(query[n].to_text(n))
if __name__ == '__main__':
# dnstest.update_dns()
dnstest.dnsZoneQuery()
I have used it on my first bind9 env is ok however it not work when I changed to another
It shows error message
File "dnsTest.py", line 27, in dnsZoneQuery
query = dns.zone.from_xfr(dns.query.xfr('192.168.5.50', 'kekemile.com'))
File "/Users/xingu/opt/miniconda3/envs/dnspython_test/lib/python3.7/site-packages/dns/zone.py", line 1179, in from_xfr
for r in xfr:
File "/Users/xingu/opt/miniconda3/envs/dnspython_test/lib/python3.7/site-packages/dns/query.py", line 987, in xfr
raise TransferError(rcode)
dns.xfr.TransferError: Zone transfer error: NOTAUTH
Example2 :
@classmethod
def update_dns(self):
print("-----begin------")
keyring = dns.tsig.Key("rndc-key", "c4PqgUiaTS8N3kRZRC1SNg==", algorithm=dns.tsig.HMAC_MD5)
update_msg = dns.update.UpdateMessage('kekemile.com', keyring=keyring) # 需要更新的域,以及认证所用的key
update_msg.add('444', 300, 'A', '144.14.0.9') # 这个是直接更新覆盖,改为这个记录.如果没有则添 加记录
response = dns.query.tcp(update_msg, '192.168.5.50') # 更新
print('-----response-----\n', response)
return_code = response.rcode() ##这个是返回代码,0才是成功
print('-----return_code-----\n', return_code)
result_Text = dns.rcode.to_text(return_code) ##代码转换为对应结果
print('-----Result_Text-----\n', result_Text)
it shows
File "/Users/xingu/opt/miniconda3/envs/dnspython_test/lib/python3.7/site-packages/dns/message.py", line 1027, in read
self._get_section(MessageSection.ADDITIONAL, adcount)
File "/Users/xingu/opt/miniconda3/envs/dnspython_test/lib/python3.7/site-packages/dns/message.py", line 988, in _get_section
self.multi)
File "/Users/xingu/opt/miniconda3/envs/dnspython_test/lib/python3.7/site-packages/dns/tsig.py", line 291, in validate
raise PeerBadKey
dns.tsig.PeerBadKey: The peer didn't know the key we used
My config is blew
rndc.conf
key "rndc-key" {
algorithm hmac-md5;
secret "c4PqgUiaTS8N3kRZRC1SNg==";
};
options {
default-key "rndc-key";
default-server 192.168.5.50;
default-port 953;
};
name.conf
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
# Use with the following in named.conf, adjusting the allow list as needed:
key "rndc-key" {
algorithm hmac-md5;
secret "c4PqgUiaTS8N3kRZRC1SNg==";
};
controls {
inet 192.168.5.50 port 953
allow { 192.168.5.81;192.168.6.132;192.168.6.186; } keys { "rndc-key"; };
};
named.rfc1912.zones
zone "kekemile.com" IN {
type master;
file "kekemile.com.zone";
allow-update { key rndc-key; };
};
Could you please give me some advice on it , maybe I have mistake some config on my conf file
dnspython == 2.2.0
BR
Robin