unknown option 'allow-update'
schnitzel meister
schnitzelmeister at gmail.com
Wed May 4 08:44:12 UTC 2005
Hello.
I'm running bind 9.2.4-1 on Debian Sarge (frozen!).
I currently have a primary name server and a secondary name server.
The plan is to add a third shortly. Every zone on the primary needs to
be pushed to the slaves when a zone is updated. This works, but it's
not secure.
Before I look at TSIG for doing this "properly" I'd like to get
ip-restricted updates working.
When using allow-update in the options part of the config, I get the
following error:
named[2108]: /etc/bind/named.conf.options:45: unknown option 'allow-update=
'
I'm guessing this is because it must be specified on a per-zone basis,
but this doesn't feel right. If I wanted to restrict updates across
all zones, but enable them on an individual zone, I'd expect to have
allow-update { none; } in options, and then allow-update { somewhere;
} in each zone.
Is it possible to use allow-update globally without adding the
statemet on a per-zone basis?
Thanks a lot.
More information about the bind-users
mailing list