Hi Evan, I follow your suggestion to add the corresponding syntax into named.conf, then I run "rndc reload", but got:
# sbin/rndc reload rndc: connection to remote host closed This may indicate that * the remote server is using an older version of the command protocol, * this host is not authorized to connect, * the clocks are not syncronized, or * the key is invalid. bind version: # sbin/named -v BIND 9.6.0-P1 Please help, thanks. Regards, Wah. --- On Thu, 16/7/09, Evan Hunt <e...@isc.org> wrote: > From: Evan Hunt <e...@isc.org> > Subject: Re: about allow-update > To: "Tech W." <tech...@yahoo.com.cn> > Cc: bind-users@lists.isc.org > Received: Thursday, 16 July, 2009, 11:26 AM > > > Besides TSIG key, I want to limit the source address > also. That's to > > say, I want the given address with specified key to > execute the update > > only. > > > > How can I do it? Is this syntax correct? > > > > allow-update {key "mykey"; 192.168.1.254;}; > > Alas, no. What you want is: > > allow-update { !{ > !192.168.1.254; any; }; key mykey; } > > See http://www.mail-archive.com/bind-users@lists.isc.org/msg00045.html > for my hard-to-read explanation of this painful syntax. > > -- > Evan Hunt -- e...@isc.org > Internet Systems Consortium, Inc. > ____________________________________________________________________________________ Access Yahoo!7 Mail on your mobile. Anytime. Anywhere. Show me how: http://au.mobile.yahoo.com/mail _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users