Hi Evan,
I follow your suggestion to add the corresponding syntax into named.conf, then
I run "rndc reload", but got:
# sbin/rndc reload
rndc: connection to remote host closed
This may indicate that
* the remote server is using an older version of the command protocol,
* this host is not authorized to connect,
* the clocks are not syncronized, or
* the key is invalid.
bind version:
# sbin/named -v
BIND 9.6.0-P1
Please help, thanks.
Regards,
Wah.
--- On Thu, 16/7/09, Evan Hunt <e...@isc.org> wrote:
> From: Evan Hunt <e...@isc.org>
> Subject: Re: about allow-update
> To: "Tech W." <tech...@yahoo.com.cn>
> Cc: bind-users@lists.isc.org
> Received: Thursday, 16 July, 2009, 11:26 AM
>
> > Besides TSIG key, I want to limit the source address
> also. That's to
> > say, I want the given address with specified key to
> execute the update
> > only.
> >
> > How can I do it? Is this syntax correct?
> >
> > allow-update {key "mykey"; 192.168.1.254;};
>
> Alas, no. What you want is:
>
> allow-update { !{
> !192.168.1.254; any; }; key mykey; }
>
> See http://www.mail-archive.com/bind-users@lists.isc.org/msg00045.html
> for my hard-to-read explanation of this painful syntax.
>
> --
> Evan Hunt -- e...@isc.org
> Internet Systems Consortium, Inc.
>
____________________________________________________________________________________
Access Yahoo!7 Mail on your mobile. Anytime. Anywhere.
Show me how: http://au.mobile.yahoo.com/mail
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
