Update Security

Bob McDonald bmcdonaldjr at gmail.com
Fri Mar 14 16:24:28 UTC 2014

I want to confirm my understanding of security of DDNS updates.

I have a stealth master "A" feeding slave "B" and "C".

I have allow-update-forwarding { any; } specified on "B" and "C".

If a client "D" presents an update to "B" or "C" it will automatically be
forwarded to "A".

If "B" or "C" are in the allow-updates ACL on "A" all updates will be

If "D" is in the allow-udates ACL on "A" (and not "B" or "C") the updates
from "D" will be applied.  However an update from "E" presented to "B" or
"C" will be forwarded but not processed.

Is this correct?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140314/36fefe15/attachment.html>

More information about the bind-users mailing list