how to dynamically change/update (own private) domain record
Mark Andrews
marka at isc.org
Sat Sep 22 20:58:38 UTC 2018
The update policy rules you have don’t allow the apex to be updated. Change the rule types to “subdomain” and the name fields to “dom.local”.
--
Mark Andrews
> On 23 Sep 2018, at 02:20, lejeczek via bind-users <bind-users at lists.isc.org> wrote:
>
>> On 22/09/18 17:04, Reindl Harald wrote:
>>
>>> Am 22.09.18 um 17:53 schrieb lejeczek via bind-users:
>>> is it possible to update domain(not hosts of/in the domain) records?
>> there is nothing like "not hosts of/in the domain"
>>
>>> Something like
>>>
>>> domain.local A 10.1.1.100
>> which is simply an A record and not "not hosts of/in the domain"
>>
>>> simple, right?
>>>
>>> I'm trying nsupdate but it refuses to do above
>> what about provide informations like state of the zone file and
>> unaltered input/output of "nsupdate" given that crystal balls are out of
>> order?
>>
>>
> from my previous post, (different subject):
>
> ..
>
> I do:
> > update delete ddd.dom.local. 86400 in a 10.3.1.100
> > send
> and that works, but when I try:
> > update add dom.local. 86400 in a 10.3.1.100
> > send
> update failed: REFUSED
>
> ..and in logs:
> client @0x7fd7a40f2e40 127.0.0.1#9489/key nsupdate_key: updating zone 'dom.local/IN': update failed: rejected by secure update (REFUSED)
>
> ..and zone:
> zone "dom.local" IN {
> auto-dnssec maintain;
> key-directory "myZones";
> allow-query { localhost; dom.local; };
> #allow-update { key dhcpd; key nsupdate_key; };
> update-policy {
> grant dhcpd wildcard *.dom.local. A CNAME TXT;
> grant nsupdate_key wildcard *.dom.local. A CNAME TXT;
> };
> # below line would be for a slave/stub secondary server
> #allow-transfer { localbox; 172.25.12.203; };
> type master;
> file "myZones/dom.local.signed";
> };
>
> thanks, L
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list