Context Navigation

named

-                      v23
+                      v24
  > * BIND 9.3 and later: Use TSIG to select the appropriate view.
  > * Before BIND 9.3: You will need to give the master and slave multiple IP addresses and use those to make sure you reach the correct view on the other machine.
+ * digコマンドを使ったTSIG設定のテスト
+ > $ man 1 dig
+ >        To sign the DNS queries sent by dig and their responses using
+ >        transaction signatures (TSIG), specify a TSIG key file using the -k
+ >        option. You can also specify the TSIG key itself on the command line
+ >        using the -y option; hmac is the type of the TSIG, default HMAC-MD5,
+ >        name is the name of the TSIG key and key is the actual key. The key is
+ >        a base-64 encoded string, typically generated by dnssec-keygen(8).
+  * $ dig -y key_setting_name:"base64 strings of secret key" axfr target.domain @dns_master.server
+  * 「key_setting_name」は、named.confで「key "key_setting_name" { ... };」と設定したものを指定
+  * manにも書かれているが、コマンドラインに鍵の中身を直接書くことになるので、シェルのヒストリ等に気をつける
  = disable ipv6 =