Telling rndc Which IP Address to Use

Mark Andrews marka at isc.org
Thu Jan 20 21:28:34 UTC 2011 

Or one can not worry about the IP address being used.  The addresses
are still there for backwards compatibilty with BIND 8 where only
the IP address is used.  TSIG is really so much stronger than any
IP based authentication.  It's like putting a screen door on a bank
vault.

In message <4D38633E.3040109 at anl.gov>, Barry Finkel writes:
> On 01/19/11 15:21, Jay Ford wrote:
> > On Wed, 19 Jan 2011, Barry Finkel wrote:
> >> I have a master DNS server that has two IP addresses - one used for
> >> DNS and one used for non-DNS. On that master I run rndc to load
> >> zones on slave servers. On the slave servers I have
> >>
> >> controls{
> >> inet a.b.c.d port 953
> >> allow {127.0.0.1; e.f.g.h; } keys { "rndc-key';};
> >> }
> >>
> >> Where "e.f.g.h" is the DNS address for the master server. Is there a
> >> way on the master to run rndc and tell rndc which IP address to use?
> >> Or do I have to put the non-DNS address of the master in the "controls"
> >> directive on the slaves. I am running 9.7.2-P3. Thanks.
> >
> > Does the "-b" option not suffice?
> >
> > ________________________________________________________________________
> > Jay Ford, Network Engineering Group, Information Technology Services
> > University of Iowa, Iowa City, IA 52242
> > email: jay-ford at uiowa.edu, phone: 319-335-5555, fax: 319-335-2951
> 
> I forgot about the -b option.
> -- 
> ----------------------------------------------------------------------
> Barry S. Finkel
> Computing and Information Systems Division
> Argonne National Laboratory          Phone:    +1 (630) 252-7277
> 9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
> Building 240, Room 5.B.8             Internet: BSFinkel at anl.gov
> Argonne, IL   60439-4828             IBMMAIL:  I1004994
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the bind-users mailing list