more clarification needed on TSIG please
J.D. Bronson
jbronson at wixb.com
Tue Jun 29 12:30:40 UTC 2004
as some of you have been following, I am having issues with TSIG. But only
one way (WAN -> LAN) ....LAN -> WAN works fine.
So I had presumed it was my config/setup...however when I use dig:
dig mydomain.com @ns1.electric.net AXFR -y
ns2.mydomain.com:**********longgarbagehere=
it works. So no matter which TSIG keys I use to/from (WAN or LAN) - I
cannot make this fail.
So I know I am setup just fine..
However (as I noted earlier) TSIG will not work for a 'refresh' or when I
do an 'rndc reload' if I have new zone data.
So, I am thinking this has something to do with the ports used and my Cisco
firewall....
Does anyone know the port ranges (and types) used for a 'dig' and then for
the 'automatic refresh' or a reload?
(I do not specify any ports in my named.conf file at all)
I am quite convinced this is a cisco firewall (CBAC) issue but I need more
information.
Thanks for ANY help!!!
--
J.D. Bronson
Aurora Health Care // Information Services // Milwaukee, WI USA
Office: 414.978.8282 // Email: jd at aurora.org // Pager: 414.314.8282
More information about the bind-users
mailing list