DNS Slave TSIG and any custom options



  • Using the bind package I have tried several ways to customize my configuration to include TSIG key supporting secure zone transfers. I have tried using an include statement to path to a tsig.conf file and using both global option or settings statement in the UI nothing seems to stick work. Anything I add in the UI stops the service with fatal service errors in the log. What I did get to work was to manually include the key option in named.com though that gets overwritten after a while, not sure what triggers that yet.

    key zxfr-key {
            algorithm hmac-md5;
            secret "___________________";
            };

    server 10.100.2.121 {
            keys { zxfr-key; };
            };

    Thanks in advance