TSIG Zone Transfer fails

Simon Waters Simon at wretched.demon.co.uk
Thu Oct 25 15:41:26 UTC 2001


Kevin Clark wrote:
> 
> I have not touched my named.conf which contains all the key and
> transfer data.  Secondary.com says everything is cool on there end.
> My only clue is that my system / hardware clock seems to be screwed
> up.  My evidence is this.  When I ping myself I get this message.
> 
> Warning: time of day goes back, taking countermeasures.
> 
> I understand that TSIG uses a timestamp as one of it's verification
> methods.  If my time is screwed up I can see that this would cause a
> failure.

The error message your seeing here is I think a minor irritation
caused by using a recent kernel, and recent version of iputils.

http://www.redhat.com/mailing-lists/ia64-list/msg00555.html

I doubt this is related to your problem.

Time sync is important, are you using NTP to synchronise with a
good time source?

This is also a fairly old version of BIND, the changes file
includes better logging of TSIG errors amongst many other TSIG
related changes. I suggests 9.2.0rc7 (or 8 but I haven't tried
that yet).


More information about the bind-users mailing list