Create the key used to authenticate zone transfers (transfers can be restricted by IP address instead, but that is less secure)
$ dnssec-keygen -a HMAC-MD5 -b 128 -n HOST zonetransfer
-a HMAC-MD5
The algorithm used to authenticate messages (here HMAC-MD5)
-b 128
The length of the key (in the example, 128 bits)
-n HOST
The name type of the key (here HOST)
zonetransfer
The name of the key
Include the key in the server configuration
In named.conf:
key "name-ofzone-com" {
    algorithm hmac-md5;
    secret "eoifl2349304rrjabwqA==";
};
Configure the zone
zone "name.ofzone.com" {
    type master;
    file "/zones/master/name.ofzone.com.db";
    allow-transfer { key name-ofzone-com; };
};
The allow-transfer statement refers to the key by the name defined in the key statement above.
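
The check below is an added example, not part of the original page or of BIND: it reads named.conf text and reports every zone whose allow-transfer is not limited to a defined key, which catches both IP-based entries and a key name that does not match any key statement. The sample configuration, its secret, the extra zone names and the function name audit_transfers are constructed for illustration, and the parser is deliberately simple (one level of nested braces, line comments only).

```python
import re

# Constructed sample named.conf (placeholder secret and zones, not the page's).
SAMPLE_CONF = '''
key "name-ofzone-com" {
    algorithm hmac-md5;
    secret "c2FtcGxlLXNlY3JldC0xMjM0NQ==";
};
zone "name.ofzone.com" { type master; file "/zones/master/name.ofzone.com.db";
    allow-transfer { key name-ofzone-com; }; };
zone "byip.example" { type master; file "/zones/master/byip.example.db";
    allow-transfer { 192.0.2.53; }; };
zone "typo.example" { type master; file "/zones/master/typo.example.db";
    allow-transfer { key name-ofzone-org; }; };
zone "unset.example" { type master; file "/zones/master/unset.example.db"; };
'''

KEY_RE = re.compile(r'\bkey\s+"?([^\s";{}]+)"?\s*\{')
# Zone body with at most one level of nested braces (enough for allow-transfer).
ZONE_RE = re.compile(r'\bzone\s+"([^"]+)"[^{;]*\{((?:[^{}]|\{[^{}]*\})*)\}')
XFER_RE = re.compile(r'\ballow-transfer\s*\{([^{}]*)\}')


def audit_transfers(conf):
    """Return {zone: [findings]}; an empty list means key-only transfers."""
    conf = re.sub(r'(#|//)[^\n]*', '', conf)  # naive removal of line comments
    defined = set(KEY_RE.findall(conf))       # names from key "..." { } blocks
    report = {}
    for zone, body in ZONE_RE.findall(conf):
        findings = report.setdefault(zone, [])
        acl = XFER_RE.search(body)
        if acl is None:
            findings.append("no allow-transfer in zone; inherits options/view setting")
            continue
        for item in filter(None, (e.strip() for e in acl.group(1).split(';'))):
            if item.startswith('key '):
                name = item[4:].strip().strip('"')
                if name not in defined:
                    findings.append("key '%s' is not defined" % name)
            else:  # an address, network or named ACL instead of a key
                findings.append("'%s' is not a TSIG key" % item)
    return report


if __name__ == '__main__':
    for zone, findings in audit_transfers(SAMPLE_CONF).items():
        print(zone, '->', findings or 'OK: key-only transfer')
```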