dynamic DNS updates using nsupdate - how to update a different view.

[Per Jessen]

Dave Clark wrote:

> nsupdate doesn't do it.  BIND looks at the key used to authenticate
> the transfer before selecting which view to search for the zone.
> Dave

Sorry, that's what I meant to say too. 
Anyway, I've been trying this out and I'm not getting very far.  

I've got 4 views:  "local", "sat01", "sat99", and "world".  "local" is
for local consumption, "sat01" and "sat99" are each for dedicated
specific client-addresses and/or -ranges and "world" is obviously for
everybody else.

This is my config:

view "sat99" {
        match-clients { 192.168.67.0/24; key helium.; };
        recursion no;
        include "/etc/named.d/sat99.conf";
};

/etc/named.d/sat99.conf:

key helium. {
        algorithm hmac-md5;
        secret "cb4DdGo8jUY4DLEt2aH+YQ==";
};

zone "test.net" {
        type master;
        file "master/test.net.99";
        notify yes;
        allow-update { key helium.; };
};


>From a local host (192.168.2.113), I then try to update view "sat99"
using the following input to nsupdate: 

server 192.168.2.104
zone spamchek.net
key helium. cb4DdGo8jUY4DLEt2aH+YQ==
update delete x.test.net. IN A
update add x.test.net. 300 IN A 1.2.3.4
show
send


The target server at 192.168.2.104 hits on the first applicable zone
according to IP-address and fails as 192.168.2.113 is not allowed to
update anything in view "local".  But it doesn't go through the
remaining views to see if a key matches anywhere?  I can sort of
understand why this is, but does it mean I cannot have nsupdate a view
other than the first select (by IP) ? 



/Per Jessen, Zürich (-0.50 °C)