First thing. Ensure that the nameservers are properly ntp synced.
This should get rid of mosr timing issues.
Secondly, for the failing zone run tcpdump on both ends and compare
the TCP payload of the packets. They should be byte for byte
identical. If they differ then the NAT box is fiddling w
On Wed, Aug 18, 2010, at 00:42:40AM GMT+02:00, Hauke Lampe wrote:
What TSIG algorithms do you use and how long are the keys?
HMAC-MD5, 128 bit. The keys are 24 chars long. I'll try to test with
another algorithm, however I find it quite strange; if it works for
some zones, why doesn't it wo
Joachim Tingvold wrote:
> During initial startup of NS3, most zones gets «tsig verify failure»,
> but some zones are successfully transferred. All zones uses the same
> transfer-key.
> Could this be an issue with different BIND-versions, or are there
> other matters that could cause
On 28-Feb-2009, at 04:11, Jeremie Le Hen wrote:
AXFR fails invariably with the following error: "tsig verify failure".
Do, by chance, TSIG packets use IP address during encryption?
I've been struggling to understand the problem for maybe 8 hours, but
I'm clueless now... Any help would be welco
4 matches
Mail list logo
