Hi, today I noticed the following log messages from my caching-only bind on startup:
zone 'localhost' allows updates by IP address, which is insecure zone 'version.bind' allows updates by IP address, which is insecure zone 'hostname.bind' allows updates by IP address, which is insecure zone 'authors.bind' allows updates by IP address, which is insecure zone 'id.server' allows updates by IP address, which is insecure What's bugging me about those it that I have set allow-updates { none; } in the global options section of my named.conf. Setting it on the localhost zone explicitly doesn't change anything. I've looked at the implementation of dns_acl_isinsecure() and got the impression that there might simply be a check missing for special ACL "none". So I wonder: Can I ignore these messages? -- Thanks, Michael _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users