On 24/07/2015 6:07:09 PM, "John Miller" <johnm...@brandeis.edu> wrote:
On Fri, Jul 24, 2015 at 11:52 AM, Mark Elkins <m...@posix.co.za> wrote:
On Fri, 2015-07-24 at 15:44 +0000, Managed Pvt nets wrote:
>
>
> On 24/07/2015 5:05:24 PM, "Alan Clegg" <a...@clegg.com> wrote:
>
> > Possible problems:
> > Mismatched keys.
> > Mismatched key names.
> > Mismatched clocks.
>
> Most likely mismatched key. I have to figure out how to make sure
my
> master does not require TSIGs and my slave does not try to use them.
TSIG is a step towards better security. Rather learn how to use it
than
go backwards. I see TSIG as a step towards DNSSEC...
I'm with Mark on this. TSIG isn't that tough to figure out--a couple
hours and you should have it down. Cricket/Paul's book, and Pro DNS
and BIND 10 are good intros to the subject. I'm installing a copy of
Debian 8.1 for myself right now--I'm curious to see what the stock BIND
config looks like (we use RHEL here at the office).
Thanks all. I finally got this working.
===
Jul 27 14:40:24 hostname named[6016]: zone myzone.co.zw/IN: transferred
serial 2015072400: TSIG 'rndc-key'
===
many thanks
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
