Restrict Dynamic Updates to a Portion of a Zone

[Barry Margolin]

In article <8cstu4$5qd$1 at nnrp1.deja.com>,  <docbrown at mailexcite.com> wrote:
>In article <cYrH4.78$Nc4.2380 at burlma1-snr2>,
>  Barry Margolin <barmar at genuity.net> wrote:
>> In article <8clets$d9u$1 at nnrp1.deja.com>,  <docbrown at mailexcite.com>
>wrote:
>> >Is there anyway using Bind 8.2.2p5 to restrict what parts of a give
>zone
>> > can be updated dynamically?
>> >
>> >For example, say I have a zone, testzone.com with hosts A, B, C, D.
>Can
>> >I say let the hosts and IP address for C and D be updated dynamically
>> >while never dynamically change A and B?
>>
>> You could delegate A and B into zones of their own:
>>
>> zone "testzone.com" {
>>   ...
>>   allow-update { ... };
>> };
>>
>> zone "a.testzone.com" {
>>   ...
>> };
>>
>> zone "b.testzone.com" {
>>   ...
>> };
>>
>
>A good idea, but the NS records for zone a.testzone.com or
>b.testzone.com are store in testzone.com and those NS records could be
>updated/changed.

They'll be ignored, because the more specific records in the subdomains
take precedence.

-- 
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.