In message <52a8e44a.1070...@brandeis.edu>, John Miller writes: > Hello folks, > > I'm getting ready to revamp our dynamic DNS setup here on campus, and am > curious: what is everyone doing for update forwarding? Have you seen > certain clients that will send updates based on NS records rather than > the SOA record?
Which is what the update protocol specifies as the default destination to send requests to. > Perhaps a better question is: has anyone been bitten by leaving update > forwarding disabled? If you have a hidden master and clients that follow the RFC and send to the nameservers then you will need to enable update forwarding. The exact condfiguration depends on how you are authenticating updates for the zone. If it is by IP address you will need to configure the update forwarding server to use a similar acl. If you are using TSIG then you can just forward all update requests. If is off by default as it is the only safe configuration when you don't know how the master is configured not because one shouldn't forward update requests. Mark > John > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
