Re: DNS views TSIG and zone xfers

Thanks Bob, that is exactly what I ended up doing. And its working great now. You are also right about the view selection. On Fri, Aug 26, 2016 at 3:43 PM, Bob Harold wrote: > > On Thu, Aug 25, 2016 at 6:25 PM, project722 wrote: > >> Actually, I got to

Re: DNS views TSIG and zone xfers

On Thu, Aug 25, 2016 at 6:25 PM, project722 wrote: > Actually, I got to thinking about this. The "other_allowed_ns" ACL is in > the global options, along with an "allow-transfer" for that ACL. So, I > *think* they will still be able to zone transfer via the global option >

Re: DNS views TSIG and zone xfers

Actually, I got to thinking about this. The "other_allowed_ns" ACL is in the global options, along with an "allow-transfer" for that ACL. So, I *think* they will still be able to zone transfer via the global option based on simply IP. BUT...since I have multiple views, which zones from which views

DNS views TSIG and zone xfers

I have successfully setup TSIG keys for "views" using a DNS master/server pair. Zone transfers are working as expected between the 2 servers for each view. Before we go live into production with this I need some clarification on a couple things. Our prod servers are also allowing zone transfers to