BIND DNS: Disable Dynamic Updates

by on December 14, 2009 · 1 comment· LAST UPDATED December 14, 2009

in , ,

BIND9 dynamic updates allow remote servers to add, delete, or modify any entries in my zone file. How do I disable dynamic updates under BIND 9 (named) for any zone?

Dynamic updates can be risky, and disabling them is recommended. Another solution is to limit dynamic updates using ACLs and TSIG keys.

Linux / UNIX named Disable Dynamic Updates

Edit named.conf, run:
# vi named.conf
For each domain zone, set allow-update to none:

zone "cyberciti.com" IN {
  ....
  allow-update { none; };
  ...
}
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 1 comment… read it below or add one }

1 Tony December 23, 2009 at 4:31 pm

The default mode for ‘allow-update’ is ‘none’ in Bind 9.

You should have no need to disable this in a per domain basis.

Tony.

Reply

Leave a Comment

Tagged as: , , , , , , , , ,

Previous Faq:

Next Faq: