How can you verify TSIG is working b/t Master & Slave servers
Alan Clegg
Alan_Clegg at isc.org
Thu Jan 22 14:11:28 UTC 2009
Mark A. Moore wrote:
> I have setup and configured TSIG on our Bind 9. DNS servers. How can you
> verify/test that it is working correctly?
Check your logging:
xfer.log:20-Jan-2009 20:06:24.677 xfer-out: info: client
149.20.XX.XX#60073: transfer of '154.XX.XX.in-addr.arpa/IN': AXFR-style
IXFR started: TSIG KEYNAME-HERE
You can also use the -y option on dig to force your query/transfer from
the command line to use TSIG:
dig @SERVER -y KEYNAME-HERE:KEYING-MATERIAL ZONE-NAME axfr
(and then check your logs) :)
AlanC
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090122/0ebceb05/attachment.bin>
More information about the bind-users
mailing list