[Question] zone transfer issue with multiple views

Hi all, I wonder if anyone can help me find the cause of the problem I am currently having. I am testing BIND with two views - internal, external. Everything seems okay except for one thing - zone transfer doesn't look happening for reverse zone for external view. On my slave server, I can see

Re: DNSSEC / Include a subdomain's KSK data, ZSK data or both in parent domain?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ralph, I run a site with a similar arrangement of parent and child zones on the same signing server with "auto-dnssec maintain" and "inline-signing yes". My research found that only DS records for the child zone's KSK(s) needed to be put into the par

DNSSEC / Include a subdomain's KSK data, ZSK data or both in parent domain?

Hello list members. I use the following configuration for a domain-subdomain pair: zone "example.com" IN { type master; file "pri/example.com.zone"; auto-dnssec maintain; inline-signing yes; }; zone "subdom.example.com" IN { type master; file "pri/subdom

Re: Proper use of keyid in allow-transfer

On 7 December 2017 at 07:41, MURTARI, JOHN wrote: > > > The slave server defines the same key and is located at > 192.168.1.1. When we use the above on the master, transfers for any zone > work fine. If we remove the IP address and try a transfer we get > ‘denied’. What are we

Proper use of keyid in allow-transfer

Folks, Came across usage of a keyid as an address list in a allow-transfer option on a older server site. Didn't really know that was legal. It seemed an easier way to allow zone transfers without constantly updating a list of IP addresses on a master server. The only trouble