Technical References
The update-policy command lets you configure DNS update-policies.
The most significant property of an update policy is an ordered
list of rules. The rules are used to restrict or permit updates to
DNS names. When adding a new rule, enclose the complete string
in quotation marks. Use the backslash (\) to allow square
brackets ([ ]) in the rule.
Note: If an update ACL has been configured on the zone,
any update-policy configuration is ignored.
Examples
nrcmd> update-policy test create
nrcmd> update-policy test rules add "grant any wildcard example* SRV"
nrcmd> update-policy test rules add "deny 1.1.1.1 wildcard \[a-z\]* A"
Status
See Also
Attributes
name string required,unique,immutable
Specifies the name of the Update Policy.
rules rule
Lists rules that make up the update policy. Each rule has the
following syntax:
action: Can be grant or deny.
grant - will allow an update if the rest of the rule
matches.
deny - will deny an update if the rest of the rule
matches.
acl-list: A list of one or more ip addresses, network addresses,
keys and/or named acl references. Note key names must be
prefixed with "key " (i.e. "key key.example" ).
keyword: Can be name, subdomain or wildcard.
name - used to specify a specific RR.
subdomain - used to specify a subdomain name.
wildcard - used to specify a name with wildcard
characters.
value: The name, sudomain or wildcard value associated with the
specified keyword. Note that all values specified are
relative to the zone in which they are applied.
Therefore it is not necessary to add the zone name to
the end of the value.
The supported wildcard characters are:
* Will match zero or more characters. For example,
the pattern dhcp-* matches all strings with the
dhcp- prefix including the string dhcp-.