• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2722
  • Last Modified:

How to configure CentOS BIND as slave with Windows Server 2008 master using GSS-TSIG

Hello 'Experts',

We are trying to configure a DNS service using Microsoft Windows Server 2008 R2 as the primary master DNS server and CentOS 5.5 running BIND 9.7.3 as the secondary slave. We have been successful in getting this running with the master transferring the zone data to the slave in an 'insecure' build. Our next step is to 'harden' the build by implementing GSS-TSIG to secure the zone tranfers between the master and slave servers. We referred to the following good article written by Patrick H Piper:

http://www.netlinxinc.com/netlinx-blog/45-dns/136-how-to-implement-gss-tsig-on-isc-bind.html

However, this article specifically refers to the Linux server as the master. We want to configure the Linux server as slave. When we applied the recommended configuration to our named.conf file, this broke the named service [i.e. we were not able to start the service]. The error message reported that you cannot use the 'update-policy' directive with a slave server.

Our question is how do we configure named.conf as a slave to use GSS-TSIG to secure zone transfers between the Windows based DNS master server and the CentOS based DNS slave?

Many thanks in advance.
0
Link-HRSystems
Asked:
Link-HRSystems
1 Solution
 
Link-HRSystemsAuthor Commented:
This solution didn't actually reference my particular requirements, using Microsoft Windows Server 2008 R2 as the primary master DNS server and CentOS 5.5 running BIND 9.7.3 as the secondary slave as a consequence I have changed my solution, to using CentOS 5.5 running BIND 9.7 as the primary master DNS server and CentOS 5.5 running BIND 9.7.3 as the secondary slave , the article suggested by 'dsexton18' is for this solution.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now