Re: «tsig verify failure» only on some zones

2010-08-18 Thread Mark Andrews
First thing. Ensure that the nameservers are properly ntp synced. This should get rid of most timing issues. Secondly, for the failing zone run tcpdump on both ends and compare the TCP payload of the packets. They should be byte for byte identical. If they differ then the NAT box is fiddling w

Re: «tsig verify failure» only on some zones

2010-08-18 Thread Joachim Tingvold
On Wed, Aug 18, 2010, at 00:42:40AM GMT+02:00, Hauke Lampe wrote:
> What TSIG algorithms do you use and how long are the keys?

HMAC-MD5, 128 bit. The keys are 24 chars long. I'll try to test with another algorithm, however I find it quite strange; if it works for some zones, why doesn't it wo

Re: «tsig verify failure» only on some zones

2010-08-17 Thread Hauke Lampe
Joachim Tingvold wrote:
> During initial startup of NS3, most zones get «tsig verify failure», but some zones are successfully transferred. All zones use the same transfer-key.
> Could this be an issue with different BIND-versions, or are there other matters that could cause

«tsig verify failure» only on some zones

2010-08-17 Thread Joachim Tingvold
Hi, I've been trying to wrap my head around this for a while now, so I thought I'd ask around here. For a while, I've had two nameservers, one master (let's call this NS1), one slave (let's call this NS2) -- which has been working flawlessly. They've both run BIND 9.6-ESV-R1 on Debian Len