GSS-TSIG update policy identity field

Juergen Dietl isclists01 at googlemail.com
Thu May 12 08:33:28 UTC 2011


Hello Mark

i am not that professional in bind. Normally I am a CISCO expert but now I
also do the bind for 6 months. I cannot imagine why this post should help
me.

What do this match-type "external" mean? I am not aware of running any
external daemon. Or was this just for the ACLs problem from Phil?

thanx a lot,
cheers,


2011/5/11 Mark Andrews <marka at isc.org>

>
> In message <4DCA7893.5060402 at imperial.ac.uk>, Phil Mayers writes:
> > On 11/05/11 12:17, Mark Andrews wrote:
> >
> > > {ms,krb5}-subdomain allows updates of *.machinename
> >
> > One note - this isn't so handy if you have a disjoint namespace, where:
> >
> > machinename.*.example.com
> >
> > ...is what you want. We are in this boat, and can't use the built in
> > ACLs for this very reason.
>
> This from 9.8 should help you.
>
> 3003.   [experimental]  Added update-policy match type "external",
>                        enabling named to defer the decision of whether to
>                        allow a dynamic update to an external daemon.
>                        (Contributed by Andrew Tridgell.) [RT #22758]
>
>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20110512/f5c6e5f7/attachment.html>


More information about the bind-users mailing list