DNS 9 NOTAUTH vs 20 BADNAME
Both DNS 9 (NOTAUTH) and 20 (BADNAME) belong to the DNS Response Codes (RCODEs) category. 9 indicates that server Not Authoritative for zone, or Not Authorized. The server is not authoritative for the zone named in the Zone section. Meanwhile, 20 means that duplicate key name. The key name in a TKEY negotiation is already in use or conflicts with an existing key.
설명
Server Not Authoritative for zone, or Not Authorized. The server is not authoritative for the zone named in the Zone section.
이 코드를 보게 되는 경우
You sent a dynamic update or zone operation to a server that is not the authoritative master for that zone, or the server rejected it due to TSIG authentication failure.
해결 방법
Send the update to the correct primary authoritative server for the zone. If using TSIG, verify the key name and secret match on both client and server.
설명
Duplicate key name. The key name in a TKEY negotiation is already in use or conflicts with an existing key.
이 코드를 보게 되는 경우
A TKEY key establishment failed because a key with the same name already exists on the server from a previous session that was not properly cleaned up.
해결 방법
Use a unique key name for each TKEY session (e.g., append a timestamp or random suffix). Delete stale keys on the server if they are no longer needed.
주요 차이점
DNS 9: Server Not Authoritative for zone, or Not Authorized. The server is not authoritative for the zone named in the Zone section.
DNS 20: Duplicate key name. The key name in a TKEY negotiation is already in use or conflicts with an existing key.
You encounter 9 when you sent a dynamic update or zone operation to a server that is not the authoritative master for that zone, or the server rejected it due to TSIG authentication failure.
You encounter 20 when a TKEY key establishment failed because a key with the same name already exists on the server from a previous session that was not properly cleaned up.
언제 어떤 것을 사용할지
For 9 (NOTAUTH): Send the update to the correct primary authoritative server for the zone. If using TSIG, verify the key name and secret match on both client and server. For 20 (BADNAME): Use a unique key name for each TKEY session (e.g., append a timestamp or random suffix). Delete stale keys on the server if they are no longer needed.