How does the rule "self" with update-policy function?
martienne
sylvain.martienne at 6wind.com
Wed May 2 10:17:03 UTC 2001
Hi,
I use BIND 9.1.1rc7 on FreeBSD 3.5. I would like to use the rule "self"
with dynamic update, but it doesn't work, and I don't understand the
trouble.
I have the domain "testzone.firm.com." in which I have three hosts, the
first "Host1" is the DNS server, the second "Host2" and the last one
"host3". I want that the second and the third can update it-self its
addresses without to be able to modify the addresses of each other.
Here there is an part of my named.conf:
key host1-host2. {
algorithm hmac-md5;
secret "xxx";
};
key host1-host3. {
algorithm hmac-md5;
secret "yyy";
};
zone "testzone.firm.com." in {
type master;
update policy {
grant * self * A AAAA A6;
};
file "db.testzone";
};
I created the key with dnssec-keygen as it explains in the ARM docs.
I use nsupdate to check if the update request works without any success
from now. What is strange, is that other rules works well.
I think I don't understang what is the message signer. When I was on
Host2 and I would like to add a new address for this host, who is the
message signer if I do the command line:
su-2.04#nsupdate -k /etc/keys/Khost1-host2.+157+21357
> update add host2.testzone.firm.com. 86400 in a 10.19.40.111
>
>
I 'll appreciate any help.
--
Sylvain MARTIENNE
More information about the bind-users
mailing list