gary_gb, 31st October 2009, 13:36

Still trying to understand and get it all clear in my head too.

But, I think that they're actually 2 different things.

The rndc key is just so that you can issue rndc commands on the local machine:
http://www.redhat.com/docs/manuals/l...bind-rndc.html
Quote:
In order to prevent unauthorized users on other systems from controlling BIND on your server, a shared secret key method is used to explicitly grant privileges to particular hosts. In order for rndc to issue commands to any named, even on a local machine, the keys used in /etc/named.conf and /etc/rndc.conf must match.
And it seems like I've been setting BIND up to use a separate key/secret for zone transfers to the slaves.

So, I think the rndc secret needs to be there so that the local machine can speak to itself at the very least.

But it looks like maybe using the rndc secret may work for the secret in the slave as well. Haven't tried or tested yet though, it's heavy reading eh!
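An added example, not part of the post above and not code from BIND or Red Hat: a small Python check for the two points the post raises, that the rndc key in named.conf and rndc.conf must match, and whether the control-channel secret is also being used for zone transfers (which would hand every slave the key that controls the master). The sample configs, the key names `rndc-key` and `transfer-key`, the secrets and the function names are constructed for illustration; the parser assumes comment-free config text.

```python
import re

# Constructed sample configs (not from the thread); the secrets are dummy values.
NAMED_CONF = '''
key "rndc-key" { algorithm hmac-sha256; secret "Q09OU1RSVUNURUQtQ1RM"; };
key "transfer-key" { algorithm hmac-sha256; secret "Q09OU1RSVUNURUQtWEZS"; };
controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { "rndc-key"; }; };
zone "example.com" { type master; file "example.com.zone";
    allow-transfer { key "transfer-key"; }; };
'''
RNDC_CONF = '''
key "rndc-key" { algorithm hmac-sha256; secret "Q09OU1RSVUNURUQtQ1RM"; };
options { default-key "rndc-key"; default-server 127.0.0.1; };
'''

KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{\s*algorithm\s+"?([\w-]+)"?\s*;'
                    r'\s*secret\s+"([^"]+)"\s*;\s*\}\s*;')

def parse_keys(text):
    """Map key name -> (algorithm, secret) for every key definition."""
    return {n: (a.lower(), s) for n, a, s in KEY_RE.findall(text)}

def blocks(text, keyword):
    """Yield the brace-balanced body of each `keyword ... { ... }` statement."""
    for m in re.finditer(r'\b' + re.escape(keyword) + r'\b[^{;]*\{', text):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield text[m.end():i - 1]

def audit(named_conf, rndc_conf):
    """Return findings about the rndc control key and the zone-transfer keys."""
    named, rndc = parse_keys(named_conf), parse_keys(rndc_conf)
    control = {n for c in blocks(named_conf, 'controls') for k in blocks(c, 'keys')
               for n in re.findall(r'"?([\w.-]+)"?\s*;', k)}
    transfer = {n for b in blocks(named_conf, 'allow-transfer')
                for n in re.findall(r'\bkey\s+"?([\w.-]+)"?', b)}
    findings = []
    for n in sorted(control):
        if n not in named:
            findings.append(f'{n}: listed in controls but not defined')
        elif rndc.get(n) != named[n]:
            findings.append(f'{n}: named.conf and rndc.conf do not match')
    control_secrets = {named[n][1] for n in control if n in named}
    for n in sorted(transfer):
        if n in control or named.get(n, ('', None))[1] in control_secrets:
            findings.append(f'{n}: control-channel secret reused for zone transfers')
    return findings

if __name__ == '__main__':
    print(audit(NAMED_CONF, RNDC_CONF) or 'no findings')
```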