TSIG afxr failed while receiving responses: REFUSED
Anand Buddhdev
anandb at ripe.net
Sun May 25 22:54:49 UTC 2014
On 25/05/2014 16:58, micah wrote:
> zone "example.net" {
> type master;
> allow-transfer { key tsig.key.; };
Here's your mistake. You've written tsig.key, whereas your key is called
tsig-key. Those names don't match.
> also-notify { ip.address.here.x; };
> file "/etc/bind/master/db.example";
> auto-dnssec maintain;
> inline-signing yes;
> };
>
> on the slave I have copied over the tsig.keys file and added to the
> bottom of it:
>
> key "tsig-key" {
> algorithm hmac-sha256;
> secret "weeetsigblobhere=";
> };
>
> server ip.of.master.here {
> keys { "tsig-key"; };
> };
More information about the bind-users
mailing list