DNS/TSIG setup
Hi,
I want to use TSIG (keys etc) to transfer DNS data between the primary
server and the secondary with BIND 8.
I ran dnskeygen to get an HMAC-MD5 key. I put the secret from the .private
file into a "key" section on the primary and secondary. I put the name
of the key into the allow-transfer section of the relevant zones on
the primary, and in a server section for the primary's IP on the secondary.
But when the secondary goes to do a transfer, the primary logs the
following:
Aug 31 09:51:48 risingsoftware named[675]: denied AXFR from [secondary's_ip].33375 for "thedomainname" IN (acl)
I can't work out why. Documentation for this seems to be lacking too
(the BIND manual is almost useless). Can anyone help?
thanks,
Hamish
--
Hamish Moffatt VK3SB <hamish@debian.org> <hamish@cloud.net.au>
Reply to: