bind9 questions

[Danny Mayer]

     If you were running BIND 8.2.3 for NT, it DOES support TSIG keys.
A dnskeygen exe is included in the binary kit, or build it yourself from
source using the make file. Why doesn't QIP?

     Danny

Timothy.Moseley at hurlburt.af.mil wrote:

 > ---------------------------------------------------------
 > MY primary internal is a QIP box running on NT, I know alot of you out there
 > will see this as sacreligious, but the choice was not mine. Anyways I
 > upgraded to BIND8.2.3 a couple of weeks ago and everything loaded great on
 > this box and was working smooth as silk w/ QIP. Zone transfers happened and
 > I saw no errors in any logs. Since this is just one of the secondaries I
 > have I am able to experiment w/ it before upgrading any of the other boxes.
 > Oh yeah, sorry this is on a sparc box running Solaris 7 w/ all of the latest
 > and greatest patches already applied. Okay first problem, BIND9.1.1rc3
 > installed w/ no probs, but no zone transfers. You can see I have the files
 > going to the /var/named/secondary directory but nothing shows after
 > restarting named, so I tried the rnd reload command. ERROR:  rndc:
 > /etc/rndc.conf: file not found, so I created one w/ out the default-key
 > statement; ERROR: rndc: get default key: not found. QIP does not support
 > this TSIG key so I can't use this feature but I put it in anyway. Second
 > problem,  this is what I see in my logs when named is started w/ kill -HUP
 > 'cat /var/run/named.pid' : Feb 28 20:56:15 pinnacle4
 > /usr/local/sbin/named[263]: the default for the 'auth-nxdomain' option is
 > now 'no'
 > Feb 28 20:56:15 pinnacle4 /usr/local/sbin/named[263]: option 'check-names'
 > is not implemented---as you can see auth-nxdomain is set for yes and I am
 > not even using check-names. I have printed out the manual that comes with
 > BIND9 and have tried everything I can to get zone transfers, what am I doing
 > wrong, besides using NT.
 >
 > Sorry for the book
 >
 > TIA
 >
 > Tim