TSIG and zone xfers to BIND 4.9.4 from 9.1.3 nameserver

Mark_Andrews at isc.org Mark_Andrews at isc.org
Mon Oct 15 23:02:11 UTC 2001

> We have an old BIND 4.9.4 nameserver running under WindowsNT, and would like
> it to perform zone transfers from our primary UNIX nameserver which is
> running BIND 9.1.3.  Currently, that UNIX nameserver interacts with another
> UNIX secondary nameserver (also running BIND 9.1.3) via TSIG for secure zone
> transfers and control channel access (via rndc).  Many machines still
> reference the old BIND 4.9.4. nameserver, so until we get everyone looking
> at the UNIX nameservers, we need to have the old nameserver do zone
> transfers from the UNIX primary.  
> I know how to make a BIND 4.9.4 server a secondary, but how would I get it
> to do zone transfers from the UNIX primary w/o using TSIG and still have the
> UNIX-based primary and secondary use TSIG amongst themselves?

	On the master have a "server" clause for the slave with
	"transfer-format one-answer;".  Also you you have a allow-transfer
	ACL ensure that the slaves IP address is in it.

> --john
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

More information about the bind-users mailing list