[dns-operations] using TSIG keys in a mixed environment
Mark Jeftovic
markjr at easydns.com
Tue Aug 11 13:52:11 UTC 2015
On 2015-08-10 11:59 PM, Paul Vixie wrote:
>
>
> Randy Bush wrote:
>>> If you enable a TSIG key for a zone slaving from a particular master,
>>> all subsequent transfers for any zone slaving from that master will
>>> attempt to use that key (because the key is defined for the host of the
>>> endpoint, not the zone being mirrored)
>>
>> i believe this to be incorrect. it is per-zone.
>
> that was true in the earliest BIND9 version that supported TSIG. but
> it's per-zone today.
>
Kinda makes me wish I asked a long time ago (or read the release notes).
Thx.
- mark
--
Mark Jeftovic, Founder & CEO, easyDNS Technologies Inc.
Company Website: http://easydns.com
Read My Blog: http://markable.com
+1-416-535-8672 ext 225
More information about the dns-operations
mailing list