Date: Wed, 22 Aug 2001 10:38:53 -0400 From: "Simon" <simon@optinet.com> To: "damir@voljatel.si" <damir@voljatel.si>, "freebsd-isp@freebsd.org" <freebsd-isp@freebsd.org> Subject: Re: secure DNS zone transfer Message-ID: <20010822143859.2C0A037B40E@hub.freebsd.org> In-Reply-To: <0108220945240L.00300@pxna>
next in thread | previous in thread | raw e-mail | index | archive | help
You can use TSIG, here are a few docs i found by searching on google.com: http://www.oreilly.com/catalog/dns4/chapter/ch11.html http://www.asp.ogi.edu/people/paja/linux/dns/named.conf.slave Basically, you will have a key and then allow-transfer { key key_name; }; in your master config and server master_ip { keys { key_name; }; }; in your slave config along with the key PS: sync the time on your master & slave hosts or this won't work -Simon On Wed, 22 Aug 2001 09:45:24 +0200, Damir Horvat wrote: >Hello! > >I have name servers on public network without any ip filternig (yet). >I would like to ensure secure zone transfers from master to slave. > >One way is to setup IPSec between 2 hosts I've been told. I've never >done this, so for now it's my only solution. > >I'm using named 8.2.3-REL. > >Does someone know some other solution? > >Thanks, >damir > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010822143859.2C0A037B40E>