It's also not as straight forward as people seem to think. You would need lots of exception processing which would be a combination of name and/or address and/or tsig pairs. All of this to "fix" a flawed security model. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org