define domain both for internal and external zones?
Gerry Reno
greno at verizon.net
Sun Apr 6 20:51:23 UTC 2008
Eureka! After about 20 tries I've got this TSIG working!
So what was the problem? Well, I'm not exactly certain. But what I did
was to remove all traces of keys everywhere.
I regen'd the key being very careful to make sure the key ended in a <dot>.
I followed the example in the FAQ as far as what does and does not get
double-quoted and made sure that all references to the key name
also ended in a <dot> just as it did for dnssec-keygen.
So now back to some of the original issues:
I have two zones in the 'external' view now controlled by TSIG. When I
change these on the master and update their serials they do not transfer
to the slave.
Any of the 'internal' view zones will transfer just fine when I update them.
I restarted both servers and still no transfer on the external zones. I
even commented out the 'allow-update' restrictions and still no transfer.
The slave log shows refresh lines for all the 'internal' zones but
nothing for any of the 'external' zones.
Since 'external' zones are under TSIG now, is there something else
required to get them to transfer?
Gerry
More information about the bind-users
mailing list