about allow-update
Tech W.
techwww at yahoo.com.cn
Mon Jul 27 02:24:25 UTC 2009
Hi Evan,
I follow your suggestion to add the corresponding syntax into named.conf, then I run "rndc reload", but got:
# sbin/rndc reload
rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not authorized to connect,
* the clocks are not syncronized, or
* the key is invalid.
bind version:
# sbin/named -v
BIND 9.6.0-P1
Please help, thanks.
Regards,
Wah.
--- On Thu, 16/7/09, Evan Hunt <each at isc.org> wrote:
> From: Evan Hunt <each at isc.org>
> Subject: Re: about allow-update
> To: "Tech W." <techwww at yahoo.com.cn>
> Cc: bind-users at lists.isc.org
> Received: Thursday, 16 July, 2009, 11:26 AM
>
> > Besides TSIG key, I want to limit the source address
> also. That's to
> > say, I want the given address with specified key to
> execute the update
> > only.
> >
> > How can I do it? Is this syntax correct?
> >
> > allow-update {key "mykey"; 192.168.1.254;};
>
> Alas, no. What you want is:
>
> allow-update { !{
> !192.168.1.254; any; }; key mykey; }
>
> See http://www.mail-archive.com/bind-users@lists.isc.org/msg00045.html
> for my hard-to-read explanation of this painful syntax.
>
> --
> Evan Hunt -- each at isc.org
> Internet Systems Consortium, Inc.
>
____________________________________________________________________________________
Access Yahoo!7 Mail on your mobile. Anytime. Anywhere.
Show me how: http://au.mobile.yahoo.com/mail
More information about the bind-users
mailing list