On Mar 16, 2014, at 3:32 AM, Bob McDonald wrote:
> Ok so it's not painless. Do the updates still get forwarded to the master by
> the slaves or do I need to have all Windows devices needing update capability
> to point at the master?
>
> TIA,
>
> Bob
I don't believe it works with update for
Signed updates, that is...
On Sun, Mar 16, 2014 at 5:32 AM, Bob McDonald wrote:
> Ok so it's not painless. Do the updates still get forwarded to the master
> by the slaves or do I need to have all Windows devices needing update
> capability to point at the master?
>
> TIA,
>
> Bob
>
>
>
> On F
Ok so it's not painless. Do the updates still get forwarded to the master
by the slaves or do I need to have all Windows devices needing update
capability to point at the master?
TIA,
Bob
On Fri, Mar 14, 2014 at 7:36 PM, Chris Buxton wrote:
> On Mar 14, 2014, at 10:50 AM, Bob McDonald wrote
On Mar 14, 2014, at 10:50 AM, Bob McDonald wrote:
> I agree that TSIG or SIG(0) signed updates are certainly a more desirable
> approach than allowing updates via address. My DHCP server is setup to sign
> all of it's updates this way. However, I have AD domain controllers in the
> environme
I agree that TSIG or SIG(0) signed updates are certainly a more desirable
approach than allowing updates via address. My DHCP server is setup to
sign all of it's updates this way. However, I have AD domain controllers
in the environment that don't currently use signed updates. Is there a
fairly
If you are going to forward updates use TSIG or SIG(0) to sign the
update and stop worrying about addresses. TSIG and SIG(0) are
billions and billions of times stronger authenticators than a IP
address.
"allow-update-forwarding { any; };" says forward all updates
regardless of the address they w
6 matches
Mail list logo