Solved

How to configure CentOS BIND as slave with Windows Server 2008 master using GSS-TSIG

Posted on 2011-03-23
2
2,488 Views
Last Modified: 2012-05-11
Hello 'Experts',

We are trying to configure a DNS service using Microsoft Windows Server 2008 R2 as the primary master DNS server and CentOS 5.5 running BIND 9.7.3 as the secondary slave. We have been successful in getting this running with the master transferring the zone data to the slave in an 'insecure' build. Our next step is to 'harden' the build by implementing GSS-TSIG to secure the zone tranfers between the master and slave servers. We referred to the following good article written by Patrick H Piper:

http://www.netlinxinc.com/netlinx-blog/45-dns/136-how-to-implement-gss-tsig-on-isc-bind.html

However, this article specifically refers to the Linux server as the master. We want to configure the Linux server as slave. When we applied the recommended configuration to our named.conf file, this broke the named service [i.e. we were not able to start the service]. The error message reported that you cannot use the 'update-policy' directive with a slave server.

Our question is how do we configure named.conf as a slave to use GSS-TSIG to secure zone transfers between the Windows based DNS master server and the CentOS based DNS slave?

Many thanks in advance.
0
Comment
Question by:Link-HRSystems
2 Comments
 
LVL 3

Accepted Solution

by:
dsexton18 earned 500 total points
ID: 35219265
0
 

Author Closing Comment

by:Link-HRSystems
ID: 35365262
This solution didn't actually reference my particular requirements, using Microsoft Windows Server 2008 R2 as the primary master DNS server and CentOS 5.5 running BIND 9.7.3 as the secondary slave as a consequence I have changed my solution, to using CentOS 5.5 running BIND 9.7 as the primary master DNS server and CentOS 5.5 running BIND 9.7.3 as the secondary slave , the article suggested by 'dsexton18' is for this solution.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
I've written instructions for one router type, but this principle may be useful for others of the same brand and even other brands of router. Problem: I had an issue especially with mobile devices that refused to use DNS information supplied via…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now