On Wed, Dec 20, 2017 at 10:40:31AM -0700, Grant Taylor via bind-users wrote:
> On 12/20/2017 06:27 AM, MAYER Hans wrote:
> > And I don’t wont that this static names can by changed by someone out of
> > an IP range, where it is allowed. I didn’t find any hint to block
> > certain IP ranges to be updated within a dynamic zone.
>
> I don't remember the specifics, but there is a way built into BIND to do
> what you are wanting.
>
> I think there's an ACL configuration where you can configure that DDNS
> clients are only able to update the records that they own. - I think
> ownership is related to the connecting IP.
>
> I do remember that when I tested this, it was trivial to set up and one
> configuration entry seemed to apply multiple DDNS clients.
>
> I'm sorry, but I don't remember any more specifics.
I beg your pardon, my original answer was incorrect. The option to do
this (for more access control over what updates to perform) is
"update-policy" as you have correctly pointed out.
The original poster may want to read about this option in the manual,
under "Dynamic Update Policies" in Chapter 6.
Mukund
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
