Re: Securing zone transfer and DDNS

From Aleksander Kurczyk <aleksanderkurczyk@o2.pl>
Newsgroups comp.protocols.dns.bind
Subject Re: Securing zone transfer and DDNS
Date 2011-11-07 17:04 +0100
Message-ID <mailman.11.1320681929.68562.bind-users@lists.isc.org>
References <21ed7915.4729b742.4eb72f52.7f82@o2.pl> <4EB746D7.9000205@dougbarton.us> <687fd44f.1f6eb34b.4eb7ebcc.d7948@o2.pl> <20111107145934.GA2884@jmbp.jpmens.org>



On 7 November 2011 at 15:59, Jan-Piet Mens <jpmens.dns@gmail.com> wrote:
> > Bind version is: 9.7.4
> 
> Upgrade; 9.8.1 is current. (In addition, you're reading a book called
> BIND 10 -- even though the book doesn't once mention that software!)

I'm using Mac OS X 10.4.11 Tiger on a G4 400 MHz PPC Mac, and BIND 9.7.4 is the last version that I'm able to use.

> I assume what you probably want to do is something like this:
> 
>         key "my.key" {
>                 algorithm HMAC-MD5;
>                 secret "xxxx";
>         };
>         key "my.key2" {
>         ...
>         };
> 
>         acl xferkey {
>                 key my.key2;
>         };
> 
>         zone "example.net" IN {
>                 type master;
>                 file "example.net";
>                 allow-update {
>                         key "my.key";
>                 };
>                 allow-transfer {
>                         xferkey;
>                 };
>         };

That's what I'm trying to do :) but what's with the server section? In the book it's in both the master and slave (zone transfer) named.conf files.

> Instead of allow-update, I'd like to suggest you read up on the `grant'
> statement which allows a much finer granularity on DDNS.

I have tried:
update-policy { grant key subdomain my.zone any; }; (described in this book)
but it doesn't work.

-- 
Regards,
Aleksander Kurczyk
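
Added example, not part of the original post or of the book it mentions: a master/slave pair of named.conf fragments showing where the `server` statement fits next to the TSIG-protected `allow-transfer`, and the `grant` form of `update-policy`. The addresses 192.0.2.1 and 192.0.2.2, the secret "yyyy" and the slave file name are constructed placeholders; key names and the zone follow the quoted configuration.

```conf
// ---- master named.conf (constructed address 192.0.2.1) ----
key "my.key" {                  // signs dynamic updates
        algorithm HMAC-MD5;     // as in the thread; BIND 9.7 also accepts hmac-sha256
        secret "xxxx";          // placeholder
};
key "my.key2" {                 // signs zone transfers
        algorithm HMAC-MD5;
        secret "yyyy";          // placeholder, must be identical on the slave
};

// Optional on the master: sign requests the master itself sends to the
// slave (for example NOTIFY). allow-transfer below works without it.
server 192.0.2.2 {
        keys { my.key2; };
};

zone "example.net" IN {
        type master;
        file "example.net";
        // Form: grant <key name> <rule type> <name> <record types>;
        // update-policy and allow-update cannot both appear in one zone.
        update-policy {
                grant my.key subdomain example.net. ANY;
        };
        // Only requests signed with my.key2 may transfer the zone.
        allow-transfer { key my.key2; };
};

// ---- slave named.conf (constructed address 192.0.2.2) ----
key "my.key2" {
        algorithm HMAC-MD5;
        secret "yyyy";          // same placeholder secret as on the master
};

// Makes the slave sign every request it sends to the master with my.key2,
// including the AXFR/IXFR that allow-transfer checks.
server 192.0.2.1 {
        keys { my.key2; };
};

zone "example.net" IN {
        type slave;
        file "example.net.bak"; // constructed file name
        masters { 192.0.2.1; };
};
```

Running `named-checkconf` against each file catches syntax errors in the `key`, `server` and `update-policy` statements before named is reloaded.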
