Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    BUG: RFC2136 client key name case sensitivity

    Scheduled Pinned Locked Moved DHCP and DNS
    11 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      SecureIS
      last edited by

      Just found a minor bug with the RFC2136 (Dynamic DNS updates) client in 2.3.2-p1
      The key name as entered in pfSense is dropped to lowercase before being sent to the server. It then does not match on the server and the client is refused.

      e.g. keyname on server and pfSense is configured as "AbcdEfg". When pfSense sends the update to the server it's using keyname "abcdefg" and getting refused. By reconfiguring the server to accept keyname "abcdefg" the DDNS update is successful.

      1 Reply Last reply Reply Quote 0
      • L
        luciano_frc
        last edited by

        Your topic has been unresponsive for quite some time, most interestingly I'm having problems with RFC2136.
        Is that the problem, I use pfsense 2.3.3 and realmanete does not work with me RFC2136.
        Let's wait for someone else to interact here, to find out if it's really a BUG or not

        1 Reply Last reply Reply Quote 0
        • N
          NOYB
          last edited by

          Been using RFC2136 for years with camel case HMAC-MD5 key without issue.

          Server is running BIND9 nsupdate.

          1 Reply Last reply Reply Quote 0
          • L
            luciano_frc
            last edited by

            Thanks for the info.
            I must be doing something wrong.
            Please, how are you doing to use nsupdate? Are you using any script?

            1 Reply Last reply Reply Quote 0
            • N
              NOYB
              last edited by

              Just recalling that I've recently seen in some pfSense config comparisons that some options have recently be lowercased.  Perhaps it is related to that.

              Don't ask me why people think things should be lowercased.  Long standing pet peeve of mine.  Store stuff as user enters it.  If something needs it in upper or lower case then it's up to it to adjust accordingly as needed for use.

              Search the config to see if it is being stored in lower case.

              1 Reply Last reply Reply Quote 0
              • N
                NOYB
                last edited by

                @luciano_frc:

                Thanks for the info.
                I must be doing something wrong.
                Please, how are you doing to use nsupdate? Are you using any script?

                I don't recall how I set it up off top of my head.  The sticky at top of this forum has some good info. though.

                1 Reply Last reply Reply Quote 0
                • L
                  luciano_frc
                  last edited by

                  Exact, but I tried as described here
                  https://doc.pfsense.org/index.php/RFC2136_Dynamic_DNS
                  But with no success, in the RFC2136 guide the script is outdated, I have set the settings but I can not succeed
                  I even opened a topic about it
                  https://forum.pfsense.org/index.php?topic=63899.msg697022#msg697022
                  About nsupdate
                  I have tried using it to update a zone of my DNS more unsuccessfully as well
                  https://forum.pfsense.org/index.php?topic=125916.msg697038#msg697038

                  I really appreciate all the help I can get.
                  I'm looking for a solution to this for 4 days, and I really do not find anything at all.

                  Thank you very much :)

                  1 Reply Last reply Reply Quote 0
                  • N
                    NOYB
                    last edited by

                    It's been along time since I setup my RFC2136 service and I'm not adept enough with it to talk someone through it.  I used some of the same sources referenced in the sticky atop this forum.

                    1 Reply Last reply Reply Quote 0
                    • L
                      luciano_frc
                      last edited by

                      Can you please send me. A print from RFC2136.
                      And if possible, send me the bind configuration files?

                      1 Reply Last reply Reply Quote 0
                      • N
                        NOYB
                        last edited by

                        No.  Not going to do that.  All the info needed should already be available in the pfSense doc.  My setup is not significantly different.

                        1 Reply Last reply Reply Quote 0
                        • L
                          luciano_frc
                          last edited by

                          Thanks for the answer.
                          But it does not contribute to anything.
                          In the above doubts.
                          It just reports that it works, but it does not know how it works.

                          I will continue researching and I will not give up for answers like this.
                          thank you

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.