tsig indicates error
Tony Finch
dot at dotat.at
Mon Jul 27 15:33:06 UTC 2015
Managed Pvt nets <mpn at icabs.co.zw> wrote:
>
> Jul 27 14:40:24 hostname named[6016]: zone myzone.co.zw/IN: transferred serial 2015072400: TSIG 'rndc-key'
It isn't a very good idea to use the same key for zone transfers and
for rndc. It is common to allow zone transfers to third parties, and
you don't want them to be able to fiddle with your name server!
Best to have separate keys for rndc and different keys for each secondary
(or for each set of secondaries under the same management).
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Biscay: Northwest 5 or 6, occasionally 4 later. Moderate or rough. Fair. Good.
More information about the bind-users
mailing list