services.nsd.zones.<name>.allowNotify
Listed primary servers are allowed to notify this secondary server.
Format: <ip> <key-name | NOKEY | BLOCKED>
<ip> either a plain IPv4/IPv6 address or range.
Valid patters for ranges:
10.0.0.0/24: via subnet size10.0.0.0&255.255.255.0: via subnet mask10.0.0.1-10.0.0.254: via range
A optional port number could be added with a '@':
2001:1234::1@1234
<key-name | NOKEY | BLOCKED>
<key-name>will use the specified TSIG keyNOKEYno TSIG signature is requiredBLOCKEDnotifies from non-listed or blocked IPs will be ignored
- Type
list of string- Default
[ ]- Example
[ "192.0.2.0/24 NOKEY" "10.0.0.1-10.0.0.5 my_tsig_key_name" "10.0.3.4&255.255.0.0 BLOCKED" ]- Declared
- <nixpkgs/nixos/modules/services/networking/nsd.nix>