On 01/19/11 15:21, Jay Ford wrote:
On Wed, 19 Jan 2011, Barry Finkel wrote:
I have a master DNS server that has two IP addresses - one used for
DNS and one used for non-DNS. On that master I run rndc to load
zones on slave servers. On the slave servers I have
controls{
inet a.b.c.d port 953
Or one can not worry about the IP address being used. The addresses
are still there for backwards compatibilty with BIND 8 where only
the IP address is used. TSIG is really so much stronger than any
IP based authentication. It's like putting a screen door on a bank
vault.
In message
I have a master DNS server that has two IP addresses - one used for
DNS and one used for non-DNS. On that master I run rndc to load
zones on slave servers. On the slave servers I have
controls{
inet a.b.c.d port 953
allow {127.0.0.1; e.f.g.h; } keys {
On Wed, 19 Jan 2011, Barry Finkel wrote:
I have a master DNS server that has two IP addresses - one used for
DNS and one used for non-DNS. On that master I run rndc to load
zones on slave servers. On the slave servers I have
controls{
inet a.b.c.d port 953
allow
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 19.01.2011 22:13, Barry Finkel wrote:
Is there a
way on the master to run rndc and tell rndc which IP address to use?
rndc -h doesn't show it. The option is apparently only documented in the
man page:
-b source-address
Use source-address
5 matches
Mail list logo
