TSIG help
J.D. Bronson
jbronson at wixb.com
Wed Jun 23 00:38:18 UTC 2004
Hmm. I need help getting more debug out of bind 9.3.0rc1...
I have TSIG working on 2 of 3 machines and it works fine in both
directions. However, these 2 are on the same side of 1 router, so they
never pass THRU this CISCO router.
The 3 machine is off site and I can TSIG "into it" without any issue, but
cant TSIG 'out of it'.
I see the TSIG notify's coming from the offsite machine, but the local
machine sees this and then fails:
[slave]
22-Jun-2004 19:26:08.637 client 1.2.3.4#23765: view external: received
notify for zone 'electric.net': TSIG 'ns1.electric.net'
Jun 22 19:26:08 named[1590]: zone electric.net/IN/external: refresh:
failure trying master 1.2.3.4#53 (source 192.168.1.2#0): tsig verify failure
...now, I am going thru a CISCO router (and I know they didnt pass TSIG
awhile back...) but I think the latest IOS I am running does. After all, it
does work 1 way at least...
anything I can do to debug this and either find MY error, or prove that the
CISCO is messing up my TSIG?
it seems I can TSIG 'OUT' fine, but not 'IN'.
Thanks in advance....
--
J.D. Bronson
Aurora Health Care // Information Services // Milwaukee, WI USA
Office: 414.978.8282 // Email: jd at aurora.org // Pager: 414.314.8282
More information about the bind-users
mailing list