1. You might need to synchronise the two servers: dhcp and bind check the /var/log/messages if you get someting like > Jun 19 21:52:30 moonlight ntpd[15912]: time error -21852 over 1000 seconds; set clock manually then the clocks aren't synchronized as the line above states. ntpd can't adjust time if the difference is greater than 1,000 sec. install ntp, stop ntpd, ntpdate your boxes, start ntpd again and run hwclock --systohc --utc 2. create the dns key using the new_key.pl silly script or using a command like dnssec-keygen -a HMAC-MD5 -b 128 -n USER mykey 3. use these examples or other sources