BIND 10 #1165: allow specifying xfrout ACL per zone basis
BIND 10 Development
do-not-reply at isc.org
Tue Aug 2 22:31:35 UTC 2011
#1165: allow specifying xfrout ACL per zone basis
-------------------------------------+-------------------------------------
Reporter: jinmei | Owner:
Type: task | Status: new
Priority: major | Milestone: Next-
Component: xfrout | Sprint-Proposed
Sensitive: 0 | Keywords:
Sub-Project: DNS | Defect Severity: N/A
Estimated Difficulty: 0 | Feature Depending on Ticket:
Total Hours: 0 | Add Hours to Ticket: 0
| Internal?: 0
-------------------------------------+-------------------------------------
Currently xfrout can only have process-wide ACL, but the common practice
is to configure different zones with different access control policies
(such as by using different TSIG keys).
Ideally we should solve this in a generic way (like introducing
generic zone configuration and having xfrout refer to it), but it
would be a big task while the usage gap for xfrout would be more
urgent. So the proposal is to solve this in a possibly ad hoc, xfrout
specific way as a middle term workaround.
--
Ticket URL: <http://bind10.isc.org/ticket/1165>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list