support for TSIG key for also-notify sub statement

ivan jr sy ivan_jr at yahoo.com
Thu Jul 17 14:47:03 UTC 2008


Hi all,

I was wondering whether BIND will support also-notify with TSIG key?

I understand that also-notify only has this statement..
also-notify { ip_addr port ip_port ; ip_addr port ip_port ; ... };

And that I can use server statement to make use of TSIG and do the
also-notify dance from there..

include "/etc/namedb/keys";
acl "ns2" { 172.17.0.2; };
server 172.17.0.2 {
        keys { ns1.example.com-ns2.example.com; };
};

zone "example.com" in {
        type master;
        allow-query {
                "any";
        };
        allow-transfer {
                "ns2";
        };
        allow-update {
                "none";
        };
        also-notify {
                172.17.0.2 port 53;
        };
        file "/var/named/master/example.com.db";
};


But I was hoping if I have multiple zones in these two DNS servers and
want to have TSIG on one zone, without the need for server statement,
without the need to require TSIG keys on the zone statement on the
secondaries of the same view, or as an alternative to the use of server
statement. Something like.. (to get rid of the server statement). This
is really helpful for zone transfers of the same zone name of multiple
views on two boxes.

also-notify {
     172.17.0.2 port 53 key ns1.example.com-ns2.example.com;
};

Any plans? Part of the roadmap?

If I get a chance to code some (hopefully, if I'll have the time), where will I start? Who to talk to? And where can I share it with?

Thanks!
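
An added example, not part of the original post and not BIND code: a small audit that reports, for each also-notify target, which TSIG key (if any) would sign the NOTIFY, taken either from a matching server statement or from the inline `key` form proposed in the post. The parser is a regex simplification that assumes also-notify lists sit inside zone statements; the second zone and the address 172.17.0.3 in the sample are constructed.

```python
import re

# Constructed sample modelled on the configuration in the post, plus a second
# zone (example.net, 172.17.0.3) added for illustration.
SAMPLE_CONF = '''
server 172.17.0.2 {
  keys { ns1.example.com-ns2.example.com; }; };
zone "example.com" in {
    type master;
    also-notify { 172.17.0.2 port 53; };
};
zone "example.net" in {
    type master;
    also-notify { 172.17.0.3 port 53; 172.17.0.2; };
};
'''

SERVER_RE = re.compile(r'\bserver\s+([0-9A-Fa-f.:]+)\s*\{[^{}]*\bkeys\s*\{\s*([^{};\s]+)')
ZONE_RE = re.compile(r'\bzone\s+"([^"]+)"')
NOTIFY_RE = re.compile(r'\balso-notify\s*\{([^{}]*)\}')

def strip_comments(conf):
    """Drop /* */, # and // comments so disabled statements are not counted."""
    conf = re.sub(r'/\*.*?\*/', '', conf, flags=re.S)
    return re.sub(r'(#|//)[^\n]*', '', conf)

def notify_signing(conf):
    """Return [(zone, target, key_or_None)] for every also-notify target."""
    conf = strip_comments(conf)
    server_keys = {ip: key.strip('"') for ip, key in SERVER_RE.findall(conf)}
    zones = [(m.start(), m.group(1)) for m in ZONE_RE.finditer(conf)]
    report = []
    for m in NOTIFY_RE.finditer(conf):
        # Attribute the list to the nearest preceding zone statement.
        zone = next((n for pos, n in reversed(zones) if pos < m.start()), None)
        for entry in filter(None, (e.split() for e in m.group(1).split(';'))):
            target = entry[0]
            # Inline "key <name>" is the syntax proposed in the post.
            inline = (entry[entry.index('key') + 1].strip('"')
                      if 'key' in entry[:-1] else None)
            report.append((zone, target, inline or server_keys.get(target)))
    return report

if __name__ == "__main__":
    for zone, target, key in notify_signing(SAMPLE_CONF):
        print(f"{zone}: {target} -> {key or 'UNSIGNED NOTIFY'}")
```
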


      

