allow-users with list of IP's and key

Red Cricket red.cricket.blog at gmail.com
Tue Aug 14 02:20:46 UTC 2012


Hi,

I am running bind 9.9.1-P1 and I have in my named.conf this zone ...

zone "example.com" {
...
    allow-update {
         192.168.1.32;
         192.168.1.33;
         key example.com.key;
    };
};

I was hoping that this meant that only hosts 192.168.1.32 and
192.168.1.33 with the key example.com.key could update example.com,
but after doing some tests it appears that I can update example.com
from 192.168.1.32 and 192.168.1.33 without the key and that any host
that uses the key can update example.com.

What sort of config do I need to use to restrict updates to
192.168.1.32 or 192.168.1.33 AND the key?

Thanks
Red
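
The BIND 9 Administrator Reference Manual documents a nested, negated address match list as the way to require both an address and a key. The fragment below applies that idiom to the addresses and key name from the post; it is an added example, not part of the original message, and the behaviour should be confirmed on the BIND version in use.

```conf
// As posted: the elements of an address match list are alternatives, so a
// request from either address OR one signed with the key may update the zone.
//   allow-update { 192.168.1.32; 192.168.1.33; key example.com.key; };

// Address AND key:
zone "example.com" {
    // ... rest of the zone as in the post
    allow-update {
        // Nested list, negated. A request from 192.168.1.32 or 192.168.1.33
        // hits its own "!address" entry, which is a negative match of the
        // nested list, so the outer list keeps evaluating. Any other source
        // falls through to "any", the nested list matches, and the outer "!"
        // rejects the update at once.
        !{ !192.168.1.32; !192.168.1.33; any; };

        // Reached only by the two allowed addresses: accept the update only
        // if it is TSIG-signed with this key. An unsigned request reaches the
        // end of the list without a match and is refused.
        key example.com.key;
    };
};
```

To check the result, send an unsigned update from one of the two addresses and a signed update from any other host; both should be refused.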


