15 Led
2024
15 Led
'24
16:45
On Mon, 15 Jan 2024 11:03:49 +0000
Einar Bjarni Halldórsson <einar(a)isnic.is> wrote:
Hi,
I’m updating our config files and I’m wondering if we need to set
‘key’ in remotes section, and in acl section? If I have this in my
config:
remote:
- id: remote01
address: 127.0.0.1
key: my_key
^^This looks like incomplete config. It should have port in it. I'd
expect:
remote:
- id: remote01
address: 127.0.0.1@53
Remote configuration tells where to contact.
acl:
- id: allow_transfer
address: 127.0.0.1
key: my_key
action: transfer
And acl describes which ip can transfer.
zone:
- domain: example.com
acl: [ allow_transfer ]
notify: [ remote01 ]
Couldn’t I just remove key attribute from the remote, since the acl
declares the address and key that are allowed to transfer the zone?
Remote declaration needs port and acl doesn't have port (allows all
source ports). So I'd say you need both.
--
Tuomo Soini <tis(a)foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <https://foobar.fi/>