[Pdns-users] TSIG Config
Kevin P. Fleming
kevin at km6g.us
Fri Apr 24 15:17:52 UTC 2020
There is currently no mechanism to *require* TSIG keys for AXFR.
ALLOW-AXFR-FROM provide a list of IP addresses which can AXFR with or
without a TSIG key; TSIG-ALLOW-AXFR names a TSIG key which can be used
to AXFR even if the requester's IP address is not included in
On Fri, Apr 24, 2020 at 11:12 AM Stanford Mings via Pdns-users
<pdns-users at mailman.powerdns.com> wrote:
> Hello All,
> I am having a problem where while my PDNS server is running and AXFR transfers are successful, I have not been able to implement TSIG.
> Even after activating the zone, and ensuring the domainmetadata table has the necessary entries including the ALLOW-AXFR-FROM and TSIG-ALLOW-AXFR , I am still able to do the transfers without the key.
> What am I doing wrong?
> Any assistance would be appreciated.
> launch = gmysql
> gmysql-host = localhost
> gmysql-user = ***********
> gmysql-password = ***********
> gmysql-dbname = powerdns
> Stanford T. Mings Jr. ~Technologist ~
> stanford at tech.vi ~ http://www.tech.vi ~ 786-269-5718
> VI Technical Services, LLC ~ 9160 Estate Thomas ~
> Suite 195 ~ St. Thomas, VI, 00802
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
More information about the Pdns-users