error: 'allow-update' is not allowed in 'slave' zone
Adrian Zaugg
lists.isc.org at mailgurgler.com
Wed Feb 14 11:58:01 UTC 2024
Hi Mounika
If you connect to a secondary nameserver to accept dynamic zone updates you
have to configure on the secondary inside the slave zone section a statement:
allow-update-forwarding { dhcp-updates; };
...where "dhcp-updates" is an ACL (that could be named as you like) that
lists the ip of the host that your updates are coming from (probably your DHCP
server). It has to be defined in its own section:
acl dhcp-updates {
1.2.3.4/32;
};
Furthermore you need to make sure the primary accepts the forwarded dynamic
updates. You cannot have zone updates on a secondary.
Regards, Adrian.
In der Nachricht vom Wednesday, 14 February 2024 12:36:04 CET schrieb trgapp16
via bind-users:
> Hello,
>
> I configured Bind 9.18.12 as slave DDNS with dynamic updates from DHCP (ISC
> DHCP 4.4) running on the same server (Ubuntu 22.04 server)
>
> When I run "named-checkconf named.conf", I get the following error
>
> "named.conf:2018: option 'allow-update' is not allowed in 'slave' zone
> 'zonename.com'"
>
> Following is the named.conf file (part)
>
> zone "zonename.com" {
> type slave;
> file "com/zonename/sec.zonename.com";
> masters {
> IP address;
> };
> allow-update {
> key rndc-key;
> };
> allow-transfer {
> IP address;
> };
> };
>
> I am clueless what is going wrong. Any help is greatly appreciated
>
> Thanks in advance,
> Mounika
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20240214/45f5e1a8/attachment.sig>
More information about the bind-users
mailing list