When using dynamic update command NSUPDATE, a send error occurs while manually updating an iSeries to a 3rd party DNS server.
Resolving The Problem
NSUPDATE (Dynamic Update command) is a BIND command that is used for DDNS (Dynamic DNS) or RFC 2136. Administrators may use this command on the IBM i to manually update a DNS server. The CL NSUPDATE has two modes (both are explained below) which can be used:
A. Interactive mode
B. Batch mode
An improperly configured IBM i system may experience a time-out failure if these steps have not been completed:
1. Create the follow two files with CCSID 819:
2. The contents are as follows:
nameserver 192.168.0.1 (change to your DNS server IP)
Note: Besides 'NAMESERVER', 'SEARCH' in /etc/resolv.conf will also affect the behavior of STRDIGQRY(DIG).
1. Type NSUPDATE and press Enter, or type NSUPDATE and press F4.
2. Specify Batch input file *NONE, and press Enter.
Batch input file . . . . . . . . *NONE
Show debug information . . . . . *NO *NO, *YES
You will then enter interactive mode.
> server mydnsserver
> update delete oldhost.example.com A
> update add newhost.example.com 86400 A 172.16.1.1
Note: NSUPDATE is an alias of RUNDNSUPD. Server mydnsserver will select mydnsserver as the target DNS server instead of the default DNS server to perform DDNS updates. The command will require NSUPDATE to submit the DDNS request packets to the DNS server. QUIT will exit NSUPDATE when completed.
With batch mode, you need to save the update commands into a text file, and then pass file path to the command RUNDNSUPD as a parameter.
This command sends the updates in the file '/home/ibmuser/my-updates' to the server defined in the files with the server command. For example, the contents of the file might look like this:
server myserver.i5os.ibm.com 53
prereq yxdomain box1.i5os.ibm.com.
update delete box1.i5os.ibm.com. A
update add box1.i5os.ibm.com. 3600 A 10.9.9.9
prereq yxdomain box2.i5os.ibm.com.
update delete box2.i5os.ibm.com. A
update add box2.i5os.ibm.com. 3600 A 10.9.9.10
Verifications needed on your DNS server side
NSUPDATE DDNS protocol will do the dynamic DNS update; however, also on the DNS server side, configuration attribute "allow updates" may be needed to allow the update to occur:
|1.||Select the appropriate DNS server for the DDNS update. |
Note: Use STRDIGQRY to find out which DNS server to select. Communication failed error may also be an unknown zone issue which may indicate the wrong DNS server is being attempted.
INFO: NSLOOKUP is not longer supported on V6R1 and above. It has been replaced with STRDIGQRY or if you are in QSHELL just DIG (DCF N1010417).
|2.||Check the zone on the DNS server to ensure that dynamic updates are allowed.|
|3.||Check the ACL(access control list) setting on the DNS server to ensure that the update is allowed.|
Was this topic helpful?
18 December 2019