> IIRC update-policy cannot be used in congestion with the allow-update > statement.
My bad--you're right. There's code I'd never noticed before that says allow-update will be ignored if update-policy is set. Whoops. (Oddly, the check only applies when both of them are defined in the zone itself. You can put "allow-updates" in the view options and "update-policy" in the zone, and named won't complain about it... but it also won't work the way you want it to.) I don't know why it was implemented this way--there's no protocol reason I can see. (There may be other reasons I don't know about.) It's probably not a high enough priority for ISC to devote engineering resources to it at this time, but if someone submitted a patch that added an ACL check to the update-policy syntax, I'm sure we'd consider it. -- Evan Hunt -- [EMAIL PROTECTED] Internet Systems Consortium, Inc. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users