IPv6 readyNote: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

[Users] Opportunistic/Wavesec Keys in non-ISC BIND DNS

From: Ken Bantoft (ken_at_networkoverlord.com)
Date: Thu Jul 04 2002 - 20:43:41 CEST

Anyone had success putting thier ipsec showhostkey's into non BIND based
DNS Servers? I'm specifically stuck with having to deal with MS's DNS
server.

I know it doesn't support they KEY records, but if I understood right,
I could at least put in a TXT record in the reverse lookup zone with the key...

So I currently have:

dig @msdnserver.example.com txt 250.1.16.172.in-addr.arpa

;; QUESTION SECTION:
;250.1.16.172.in-addr.arpa. IN TXT

;; ANSWER SECTION:
250.1.16.172.in-addr.arpa. 3600 IN TXT "\"X-IPsec-Server(10)=172.16.1.250\" \"AQO2O+3XHJn2lKGFR8wOGbzV0zQakSxxrGi5JofShTjHf90IrKA2S5ZHuxuqGocm6cK1/1OBR4Td+JNpjIqJPeuQOyHTeIAxu42wcfNAhM9yiaVq+41e" 

-- 
Ken Bantoft			One Unix to rule them all, One Resolver to find them,
ken_at_networkoverlord.com		One IP to bring them all, and in the zone, bind them.

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:18 CEST