You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
PDNS-Auth fails to load, complaining about the "masters" line; but loads OK when I remove 'key "ioc2rpz-net-1234redacted"'. The zone does not transfer (obviously) because the TSIG key is not being sent with the AXFR request.
I read about using pdnsutil to define the keys and associate them with a zone, but looks like this is not compatible with the BIND backend?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi all - I'm using PDNS auth-49 running in Docker, with the BIND backend.
Trying to get an authoritative RPZ secondary set up, pulling zones from ioc2rpz using a TSIG key.
Working configuration in BIND looks like this:
PDNS-Auth fails to load, complaining about the "masters" line; but loads OK when I remove 'key "ioc2rpz-net-1234redacted"'. The zone does not transfer (obviously) because the TSIG key is not being sent with the AXFR request.
I read about using pdnsutil to define the keys and associate them with a zone, but looks like this is not compatible with the BIND backend?
https://doc.powerdns.com/authoritative/tsig.html
Can we confirm how to define and enable TSIG keys for AXFR requests with the BIND backend?
Beta Was this translation helpful? Give feedback.
All reactions