TSIG errors
Bill.Stephens at fritolay.com
Bill.Stephens at fritolay.com
Mon Oct 8 14:52:52 UTC 2001
I'm having a problem setting up TSIG's between my primary and secondary servers.
I tried following the instructions in the DNS & BIND book, but am obviously
missing something. I'm running BIND 8.2.3 on both master and slave. I'm
receiving the following error message when the primary tries to send a notify
for an IXFR:
named-xfer[19921]: SOA TSIG verification from server [(primary ip address], zone
myzone.tst: no TSIG present (-10)
My primary is setup with:
key updatekey. {
algorithm hmac-md5;
secret "(my secret key";
};
options {
directory "/var/named";
auth-nxdomain yes;
allow-transfer {
key {updatekey.;};
any;
};
maintain-ixfr-base yes;
max-ixfr-log-size 1M;
transfer-format many-answers;
};
My secondary is setup with:
key updatekey. {
algorithm hmac-md5;
secret "my secret key";
};
server (my primaries ip addr) {
keys { updatekey.;};
support-ixfr yes;
};
Thanks
More information about the bind-users
mailing list