As others have pointed out, "allow-update-forwarding" only works for slaves.
Yet another reason to go with a large-authoritative-core approach,
instead of stringing stuff together with recursive arrangements. Would
you rather build an enterprise-strength DNS infrastructure from fragile
filaments (forwarding) or solid bonds (replication)?
OK, I'll get off my infrastructure architect soapbox now...
- Kevin
On 10/2/2013 4:41 AM, Bojan Tomic wrote:
Thanks Phil!
I've tried "allow-update-forwarding", but my understanding is that
this option only works for slave servers!? What i'm looking for is
dynamic update forwarding from non-authoritative server. Can
allow-update-forwarding also work with non-authoritative server?We are
building an internal closed solution so source IP checking is not
necessary.
On Wed, Oct 2, 2013 at 8:56 AM, Phil Mayers <p.may...@imperial.ac.uk
<mailto:p.may...@imperial.ac.uk>> wrote:
On 10/02/2013 07:51 AM, Bojan Tomic wrote:
Hi,
I'm looking for a way to setup a recursive/forwarding named
server to
forward dynamic updates
See "allow-update-forwarding" in the ARM. Obviously you will lose
source IP / TSIG key info, so will need to perform access checks
at the forwarding server, and allow everything you need at the
target server from the source/key of the forwarder.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
bind-users mailing list
bind-users@lists.isc.org <mailto:bind-users@lists.isc.org>
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users