GSS-TSIG update policy identity field

Juergen Dietl isclists01 at
Thu May 12 12:21:31 UTC 2011

2011/5/12 Mark Andrews <marka at>

> I suggest that you look at the documentation for "external" and use
> it.
> Hello Mark,

thanx a lot for your explanation. One last question.

What do you mean with your sentence above? Do you mean that?:
external This rule allows named to defer the decision of whether to
allow a given update to an external daemon.
The method of communicating with the daemon is specified
in the identity field, the format of which is
”local:path”, where path is the location of a UNIXdomain
socket. (Currently, ”local” is the only supported
Requests to the external daemon are sent over the UNIXdomain
socket as datagrams with the following format:
Protocol version number (4 bytes,
network byte order, currently 1) Request
length (4 bytes, network byte order)
Signer (null-terminated string) Name
(null-terminated string) TCP source
address (null-terminated string) Rdata
type (null-terminated string) Key
(null-terminated string) TKEY token length
(4 bytes, network byte order) TKEY token
(remainder of packet) The daemon replies with a
four-byte value in network byte order, containing either 0 or
1; 0 indicates that the specified update is not permitted, and
1 indicates that it is.In

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the bind-users mailing list