Re: Question on allow-update and update-policy

e; }; > > To understand this, remember that a negative ACL is not the same as > not listing the IP at all. It says, in essence, "Deny anyone we don't > trust, by IP. Then permit requests signed with the right key." > > Regards, > Chris Buxton > BlueCat Networks > &g

Question on allow-update and update-policy

Hi, I have a question on using signed (TSIG) dynamic updates. My understanding is that both allow-update and update-policy allows either a host or a key. Is there any way (or workaround) to make bind only accept dynamic updates from a specific host that has the specific key? The problem I have i

Delegation and recursion

Hi, I'm just writing to confirm that I have the correct understanding of the relationship between delegation and recursion. A bit of background: I'm responsible for an Internet-facing server that has the following requirements. It should support recursion for known (DMZ) clients and it should not