On Fri, 24 Apr 2009, Terry wrote: > I am a bit confused about what exactly applying a key to the servers > part of the config does: > > server 10.25.1.11 { > keys { > omajelns01.omajelns02; > }; > }; > key omajelns01.omajelns02 { > algorithm hmac-md5; > secret "asdfasdfasdfasdfasdf"; > }; > zone "narf.com" { > type master; > file "/var/named/narf.com.hosts"; > also-notify { > 10.25.1.11; > }; > notify yes; > }; > > In this config, what does the key in the server section actually do > for me? I really only want zone transfers to be secured between my > master and slaves but I don't really want each zone to have it's own > key. There's also a very high chance that I will have to exchange > zones with non-bind servers too. Which I don't think is an issue if I > apply keys at the server level. Thoughts?
Hello Terry, The keys in the server statement is used to cause requests sent to that server to be signed using that key. In this case, it may be more than just zone transfers. It needs to be configured on both sides (so also on the slave at 10.25.1.11). Jeremy C. Reed ISC Sales & Support Engineer _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users