You would probably need to attach your entire named.conf file (with sensitive bits (keys and the like) redacted and perhaps subnets obscured to examples such as 192.0.2.0/24, for example) before anyone would be able to help you.
That being said, your update policy statements don't look correct to me. Have you tried to load them with BIND? Do they pass syntax check?

The reason they don't look right is that they seem to follow this format correctly:

# (grant | deny ) identity ruletype name types

but include the word "name" which I think is meant to be replaced with your actual domain name (i.e., I don't think the word "name" should be in the policy).

I have not previously used update-policy but I'd think it should be like this:

update-policy {grant <SomeKey> <SomeDomain> A AAAA;};

from reading:
https://bind9.readthedocs.io/en/v9_18_11/reference.html#namedconf-statement-update-policy
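An added example, not part of the original message and not ISC's own configuration: a constructed named.conf fragment laid out field by field against the `( grant | deny ) identity ruletype name types` format from the linked reference, using `name` and `subdomain` as ruletype keywords. The key name `ddns-host1`, the zone `example.com`, the host names and the zone file name are assumptions, and the secret is a placeholder that must be replaced with a real base64 value.

```conf
# Constructed example: key, zone and host names are made up.
key "ddns-host1" {
    algorithm hmac-sha256;
    secret "PLACEHOLDER-BASE64-SECRET";   # placeholder, redact when posting
};

zone "example.com" {
    type primary;
    file "db.example.com";

    update-policy {
        # action  identity     ruletype    name                 types
        # The key may change only A/AAAA records at exactly this one name.
        grant     ddns-host1   name        host1.example.com.   A AAAA;

        # The key may change TXT records at dyn.example.com and below it.
        grant     ddns-host1   subdomain   dyn.example.com.     TXT;
    };
};
```

Running `named-checkconf` against the file containing the fragment reports whether the statements parse, which answers the syntax-check question before the configuration is loaded.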