MyNixOS website logo
MyNixOS website logo
Flakes
Categories
Options
Packages
option

services.nsd.zones.<name>.allowNotify

Listed primary servers are allowed to notify this secondary server.

Format: <ip> <key-name | NOKEY | BLOCKED>

<ip> either a plain IPv4/IPv6 address or range. Valid patters for ranges:

  • 10.0.0.0/24: via subnet size
  • 10.0.0.0&255.255.255.0: via subnet mask
  • 10.0.0.1-10.0.0.254: via range

A optional port number could be added with a '@':

  • 2001:1234::1@1234

<key-name | NOKEY | BLOCKED>

  • <key-name> will use the specified TSIG key
  • NOKEY no TSIG signature is required
  • BLOCKEDnotifies from non-listed or blocked IPs will be ignored.
Declarations
nixos/modules/services/networking/nsd.nix
Type
list of string
Default
[ ]
Example
[
  "192.0.2.0/24 NOKEY"
  "10.0.0.1-10.0.0.5 my_tsig_key_name"
  "10.0.3.4&amp;255.255.0.0 BLOCKED"
]