[nsd-users] Notify refused, no acl matches
Alexander Varejão
frater.alexander at gmail.com
Mon Jul 4 15:02:24 UTC 2022
Hi,
>
> TSIG key to sign NOTIFY seems be missing in your BIND9 configuration.
> ( it should be
> also-notify { Z.Z.Z.Z key upd_key; };
> etc.)
>
> NSD's allow-notify ACL with a TSIG key requests
> - source IP address matches, and
> - good TSIG signature by the key
> for incoming NOTIFY messages.
>
>
> > My authoritative server has the following configuration:
> >
> -----------------------------------------------------------------------------
> > options {
> > ...
> > also-notify {Z.Z.Z.Z;};
> >
> -----------------------------------------------------------------------------
>
> Dear Daisuke,
>
> thanks for answer
>
> Great, I updated my /etc/bind/named.conf adding "key upd_key" to my
> "also-notify" option and now everything seems to work fine.
>
> Now I can proceed with my tests :)
>
> Best Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20220704/868b1873/attachment.htm>
More information about the nsd-users
mailing list