[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ddns and bind 9.x compared to bind 8.x

To: LUCI-DISCUSS <luci-discuss@luci.org>
Subject: ddns and bind 9.x compared to bind 8.x
From: Charles Menzes <charles@lunarmedia.net>
Date: Wed, 15 May 2002 10:05:38 -0500 (CDT)
Organization: Linux Users of Central Illinois
Reply-To: luci-discuss@luci.org
Sender: luci-discuss-owner@luci.org

i'm running a pretty simple setup on a dhcp enabled machine i have on a 
cable modem network which sends named updates to a primary nameserver.

the update is sent as:

update delete chicago.ddns.lunarmedia.net in a
update add chicago.ddns.lunarmedia.net 12000 in a 10.12.71.152

on the primary namesrever, i have my named.conf configured to include:

zone "ddns.lunarmedia.net" in {
        type master;
        file "ddns/db.ddns.lunarmedia.net";
        allow-update { 10.12.71/24; };
        allow-query { any; }; };

Under bind 8.2.3, the updates would arrive and the A record would be 
available for public consumption, however, when I recently moved to bind 
9.1.3, i'm seeing a couple entries in my named logfile that show its not 
working...

security: warning: zone 'ddns.lunarmedia.net' allows updates by IP 
address, which is insecure

that i can expect, however then i receive

security: error: client 10.12.71.152#34205: update denied

and i am not certain what exactly is causing this to fail. does bind 9 not 
allow per netblock allow-update? man named.conf certainly seems to 
indicate that it does.



-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.

Prev by Date: Champaign folks?
Next by Date: video capture cards
Prev by thread: Re: video capture cards
Next by thread: Champaign folks?
Index(es):
- Date
- Thread