How to configure CentOS BIND as slave with Windows Server 2008 master using GSS-TSIG

Posted on 2011-03-23
Last Modified: 2012-05-11
Hello 'Experts',

We are trying to configure a DNS service using Microsoft Windows Server 2008 R2 as the primary master DNS server and CentOS 5.5 running BIND 9.7.3 as the secondary slave. We have been successful in getting this running with the master transferring the zone data to the slave in an 'insecure' build. Our next step is to 'harden' the build by implementing GSS-TSIG to secure the zone tranfers between the master and slave servers. We referred to the following good article written by Patrick H Piper:

However, this article specifically refers to the Linux server as the master. We want to configure the Linux server as slave. When we applied the recommended configuration to our named.conf file, this broke the named service [i.e. we were not able to start the service]. The error message reported that you cannot use the 'update-policy' directive with a slave server.

Our question is how do we configure named.conf as a slave to use GSS-TSIG to secure zone transfers between the Windows based DNS master server and the CentOS based DNS slave?

Many thanks in advance.
Question by:Link-HRSystems

Accepted Solution

dsexton18 earned 500 total points
ID: 35219265

Author Closing Comment

ID: 35365262
This solution didn't actually reference my particular requirements, using Microsoft Windows Server 2008 R2 as the primary master DNS server and CentOS 5.5 running BIND 9.7.3 as the secondary slave as a consequence I have changed my solution, to using CentOS 5.5 running BIND 9.7 as the primary master DNS server and CentOS 5.5 running BIND 9.7.3 as the secondary slave , the article suggested by 'dsexton18' is for this solution.

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
AWS ELB 5 74
fedora linux on laptop - setup sendmail - or some kind of email 5 38
Why does my ISP's DNS resolve a non-existent domain as localhost ? 10 41
ftp to port 21 4 40
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (, affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Fine Tune your automatic Updates for Ubuntu / Debian
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now