tsig and servers help

Terry td3201 at gmail.com
Fri Apr 24 16:57:42 UTC 2009


I am a bit confused about what exactly applying a key to the servers
part of the config does:

server {
	keys {
key omajelns01.omajelns02 {
	algorithm hmac-md5;
	secret "asdfasdfasdfasdfasdf";
zone "narf.com" {
	type master;
	file "/var/named/narf.com.hosts";
	also-notify {;
	notify yes;

In this config, what does the key in the server section actually do
for me?  I really only want zone transfers to be secured between my
master and slaves but I don't really want each zone to have it's own
key.  There's also a very high chance that I will have to exchange
zones with non-bind servers too.  Which I don't think is an issue if I
apply keys at the server level.  Thoughts?


More information about the bind-users mailing list