AW: DDNS and TSIG
Walkenhorst, Benjamin
Benjamin.Walkenhorst at telekom.de
Fri Oct 22 11:11:16 UTC 2004
Hello,
> I've been through a couple of FAQs on the web and I've
> checked my setup;
> it is as similar as I can make it, no joy. The only
> difference is that
> the old setup is not running chrooted bind; this one is.
> Does this make
> any difference to TSIG?
Unless you keep your keys in files outside the chroot, I don't
see how that would affect TSIG-behaviour.
I think you problem is more like this: To be able to use TSIG-keys,
you have to tell BIND not only about the key and what might be done
using the key (like DDNS-Updates), but you have to create an entry
of the following form for each machine that is to use TSIG:
server <server's IP> {
keys { kahn.tnd.lan; };
};
Remember that not only the key's secret but also the *name* of the key has to be the same
on all machines that are to use it.
Kind regards,
Benjamin Walkenhorst
More information about the bind-users
mailing list