how to dynamically change/update (own private) domain record

lejeczek peljasz at
Sat Sep 22 16:20:50 UTC 2018

On 22/09/18 17:04, Reindl Harald wrote:
> Am 22.09.18 um 17:53 schrieb lejeczek via bind-users:
>> is it possible to update domain(not hosts of/in the domain) records?
> there is nothing like "not hosts of/in the domain"
>> Something like
>> domain.local A
> which is simply an A record and not "not hosts of/in the domain"
>> simple, right?
>> I'm trying nsupdate but it refuses to do above
> what about provide informations like state of the zone file and
> unaltered input/output of "nsupdate" given that crystal balls are out of
> order?
from my previous post, (different subject):


I do:
 > update delete ddd.dom.local. 86400 in a
 > send
and that works, but when I try:
 > update add dom.local. 86400 in a
 > send
update failed: REFUSED

..and in logs:
client @0x7fd7a40f2e40 nsupdate_key: updating zone 
'dom.local/IN': update failed: rejected by secure update (REFUSED)

..and zone:
   zone "dom.local" IN {
     auto-dnssec maintain;
     key-directory "myZones";
     allow-query     { localhost; dom.local; };
     #allow-update { key dhcpd; key nsupdate_key; };
     update-policy {
       grant dhcpd wildcard *.dom.local. A CNAME TXT;
       grant nsupdate_key wildcard *.dom.local. A CNAME TXT;
     # below line would be for a slave/stub secondary server
     #allow-transfer { localbox;; };
     type master;
     file "myZones/dom.local.signed";

thanks, L

More information about the bind-users mailing list