Update RPZ zone records
Mark Andrews
marka at isc.org
Wed Jan 24 21:46:59 UTC 2018
Nsupdate treats all names as absolute so you need to add the .rpz to the end.
--
Mark Andrews
> On 25 Jan 2018, at 08:19, Anvar Kuchkartaev via bind-users <bind-users at lists.isc.org> wrote:
>
> Hello,
>
> I am trying to update RPZ zone records dynamically using nsupdate. But unfortunately I am facing with NOTZONE option.
>
> nsupdate -k /etc/rndc.key < nsupdate.txt
>
> Outgoing update query:
> ;; ->>HEADER<<- opcode: UPDATE, status: NOERROR, id: 0
> ;; flags:; ZONE: 0, PREREQ: 0, UPDATE: 0, ADDITIONAL: 0
> ;; ZONE SECTION:
> ;rpz. IN SOA
>
> ;; UPDATE SECTION:
> 32.213.60.86.188.rpz-client-ip. 60 IN CNAME rpz-passtrhu.
>
> update failed: NOTZONE
>
>
> nsupdate.txt:
>
> server localhost
> zone rpz
> update add 32.213.60.86.188.rpz-client-ip. 60 CNAME rpz-passtrhu.
> show
> send
>
>
> my rpz zone:
>
> zone "rpz" IN {
> type master;
> file "named.rpz";
> allow-query { localhost; };
> update-policy {
> grant rndc-key zonesub ANY;
> };
> };
>
> Any help will be greatly appreciated,
>
> --
> Anvar Kuchkartaev
> anvar at aegisnet.eu
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
More information about the bind-users
mailing list