zone transfer

David F. Newman dnewman at maraudingpirates.org
Sun Jun 10 03:06:36 UTC 2001


On Sun, 10 Jun 2001, Thor Kottelin wrote:

> Jimi wrote:
> >
> > How do you enable zone transfers, in the /etc/named.conf or the zone
> > file and what is the syntax in bind.
>
> In named.conf, e.g.: allow-query { any; };
>
Don't you mean allow-transfer?  And generally, in my opinion, allowing
anyone to transfer your domains is a bad idea.  I usually set
allow-transfer { none; } in the global area and then avtivate it on
a zone by zone basis.  On top of that I think it is a good idea to
use the TSIG keys for authenticating zone transfers.  Therefore, in
your zone {} clause you would have something similar to
allow-transfer { key "key_name"; };  The documentation for TSIG
is included in the distribution for bind.

-Dave





More information about the bind-users mailing list