Receiving "unapproved update from" error

Mark_Andrews at Mark_Andrews at
Tue Nov 23 23:57:57 UTC 1999

> I am running BIND 8.2.2p3 on all of my DNS servers.  My authoritative
> servers (primary & secondary) are receiving many "unapproved update
> from..." error messages with frequent entries coming from the local
> host.  As I understand this entry, it is being written because of
> dynamic DNS.  Why would an Authoritative Secondary server write this
> message to his own messages file?  What am I not understanding? Any help
> is appreciated!
> Thanks in advance
> Steve

	Because a secondary is supposed to forward the request (BIND
	doesn't because that part of the code is broken) and for this
	to be "safe" without cryptographic techniques the secondary
	needs apply the same acl as the primary.

	The default ACL is none.

Mark Andrews, Internet Engines Inc. / Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at

More information about the bind-users mailing list