about allow-update

Tech W. techwww at yahoo.com.cn
Mon Jul 27 02:24:25 UTC 2009


Hi Evan,

I follow your suggestion to add the corresponding syntax into named.conf, then I run "rndc reload", but got:

# sbin/rndc reload
rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not authorized to connect,
* the clocks are not syncronized, or
* the key is invalid.

bind version:
# sbin/named -v
BIND 9.6.0-P1


Please help, thanks.

Regards,
Wah.


--- On Thu, 16/7/09, Evan Hunt <each at isc.org> wrote:

> From: Evan Hunt <each at isc.org>
> Subject: Re: about allow-update
> To: "Tech W." <techwww at yahoo.com.cn>
> Cc: bind-users at lists.isc.org
> Received: Thursday, 16 July, 2009, 11:26 AM
> 
> > Besides TSIG key, I want to limit the source address
> also.  That's to
> > say, I want the given address with specified key to
> execute the update
> > only.
> > 
> > How can I do it? Is this syntax correct?
> > 
> > allow-update {key "mykey"; 192.168.1.254;};
> 
> Alas, no.  What you want is:
> 
>         allow-update { !{
> !192.168.1.254; any; }; key mykey; } 
> 
> See http://www.mail-archive.com/bind-users@lists.isc.org/msg00045.html
> for my hard-to-read explanation of this painful syntax.
> 
> --
> Evan Hunt -- each at isc.org
> Internet Systems Consortium, Inc.
> 


      ____________________________________________________________________________________
Access Yahoo!7 Mail on your mobile. Anytime. Anywhere.
Show me how: http://au.mobile.yahoo.com/mail



More information about the bind-users mailing list