feature consultation -- per-zone initiator-side tsig keys
Peter Koch
pk at DENIC.DE
Tue Dec 16 13:08:39 UTC 2008
On Mon, Dec 15, 2008 at 11:16:07PM +0000, Paul Vixie wrote:
> to use key K1 when talking to server S about zone Z1, yet use key K2
> when talking to the same server S about zone Z2.
why would one miss this?
> the logic would just be, when about to search for a "server" statement,
> first search for a "zone-server" statement matching the zone you're
> acting on behalf of. if there's a "zone-server" statement, use it. if
> not, then search for a "server" statement in the traditional manner. i
> think, though, that this kind of thing warrants some community input,
> so i'm asking for feedback, workarounds, or alternative suggestions.
Would a "server" statement within a "zone" statement help here? Alternatively,
isn't the "masters" statement in the "zone" clause already offering what you're
looking for?
masters [port ip_port] { ( masters_list | ip_addr [port ip_port] [key key] ) ;
-Peter
More information about the bind-workers
mailing list