«tsig verify failure» only on some zones

Hauke Lampe lampe at hauke-lampe.de
Tue Aug 17 22:42:40 UTC 2010


Joachim Tingvold wrote:

> During initial startup of NS3, most zones gets «tsig verify failure»,    
> but some zones are successfully transferred. All zones uses the same    
> transfer-key.

> Could this be an issue with different BIND-versions, or are there    
> other matters that could cause this?

What TSIG algorithms do you use and how long are the keys?

It could be that you hit an interoperability bug in BIND that was fixed in 9.7.0, although it doesn't fit the symptoms exactly:

http://www.mail-archive.com/bind-users@lists.isc.org/msg04663.html

This is just hunch. I'd have no other explanation yet.


Hauke.





More information about the bind-users mailing list