about allow-update

Evan Hunt each at isc.org
Thu Jul 16 03:26:35 UTC 2009


> Besides TSIG key, I want to limit the source address also.  That's to
> say, I want the given address with specified key to execute the update
> only.
> 
> How can I do it? Is this syntax correct?
> 
> allow-update {key "mykey"; 192.168.1.254;};

Alas, no.  What you want is:

        allow-update { !{ !192.168.1.254; any; }; key mykey; } 

See http://www.mail-archive.com/bind-users@lists.isc.org/msg00045.html
for my hard-to-read explanation of this painful syntax.

--
Evan Hunt -- each at isc.org
Internet Systems Consortium, Inc.



More information about the bind-users mailing list