Vincent Rivellino wrote: > Shouldn't using dig fail from the slave? > > For example: > > [...@stuey ~]$ dig -t AXFR domain.tld @ns1.someserver > > ; <<>> DiG 9.5.1-P1 <<>> -t AXFR domain.tld @ns1.someserver > ;; global options: printcmd > ; Transfer failed.
It all depends on what you do with the TSIG. I don't block using TSIG, I just validate (certain) domain transfers. Also, the use of TSIG to pick a view, etc. won't result in a failed query. AlanC
signature.asc
Description: OpenPGP digital signature
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
