Autodetection of IP address for nsupdate of A record
Jan-Piet Mens
jpmens.dns at gmail.com
Sun Apr 24 08:32:39 UTC 2011
> Now I want to do it right, but I don't see a way for nsupdate to do
> what httpd does: autodetection of client IP address for nsupdate of
> its A record.
>
> I can script something on the client end to get the IP address, but
> if possible I'd prefer autodetection, which would be OS- and
> shell-agnostic. Is that possible?
No, that isn't possible. As you say, you'd have to script something
around it on the client side.
> So if I wanted my home server to be able to nspdate with a SIG(0)
> key, that works, but I can't have my named use that key to AXFR or
> IXFR my zones?
Correct. Bv9ARM section 4.5.5 specifies that ACL definitions for
allow-{query|transfer} have been extended to allow TSIG keys, but there
is no mention of SIG(0) keys.
I use SIG(0) for granting updates, and TSIG for restricting AXFR.
Regards,
-JP
More information about the bind-users
mailing list