On 01/20/2011 09:28 PM, Mark Andrews wrote:
Or one can not worry about the IP address being used. The addresses are still there for backwards compatibilty with BIND 8 where only the IP address is used. TSIG is really so much stronger than any IP based authentication. It's like putting a screen door on a bank vault.
There are other reasons than authentication to care about IP addresses. For example, complex policy-routed or multihomed environments where different source IPs are routed differently.
By which I mean: please don't remove this option ;o) _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
