[dns-operations] using TSIG keys in a mixed environment
paul at redbarn.org
Tue Aug 11 03:59:42 UTC 2015
Randy Bush wrote:
>> If you enable a TSIG key for a zone slaving from a particular master,
>> all subsequent transfers for any zone slaving from that master will
>> attempt to use that key (because the key is defined for the host of the
>> endpoint, not the zone being mirrored)
> i believe this to be incorrect. it is per-zone.
that was true in the earliest BIND9 version that supported TSIG. but
it's per-zone today.
More information about the dns-operations