/usr/share/opendnssec/zonefetch.xml is in opendnssec-common 1.3.4-1ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 | <?xml version="1.0" encoding="UTF-8"?>
<ZoneFetch>
<!-- where to listen for notifies -->
<!-- DEFAULT: do not listen to notify on specific address -->
<NotifyListen><Port>53</Port></NotifyListen>
<!-- default inbound AXFR settings
(per zone setting not yet implemented) -->
<Default>
<!-- TSIG secret for inbound AXFR -->
<!-- DEFAULT: don't use TSIG -->
<TSIG>
<Name>secret.example.com.</Name>
<!-- http://www.iana.org/assignments/tsig-algorithm-names -->
<Algorithm>hmac-sha256</Algorithm>
<!-- base64 encoded secret -->
<Secret>sw0nMPCswVbes1tmQTm1pcMmpNRK+oGMYN+qKNR/BwQ=</Secret>
</TSIG>
<!-- address of host to request AXFR from -->
<!-- incoming NOTIFY has to match this address as well -->
<!-- DEFAULT: none -->
<RequestTransfer>
<IPv4>192.0.2.2</IPv4><Port>53</Port>
</RequestTransfer>
</Default>
</ZoneFetch>
|