• Print
  • Share
  • Dark
    Light

I keep getting log messages like the following. Why? Jun 21 12:00:00.000 client 10.0.0.1#1234: update denied

  • Updated on 05 Oct 2018
  • 1 minute to read
  • Contributors 

Someone may be trying to update your DNS zone using the RFC 2136 Dynamic Update protocol, but they may not have permission to do so.

Windows 2000 machines have a habit of sending dynamic update requests to DNS servers without being specifically configured to do so. If the update requests are coming from a Windows 2000 machine, see https://support.microsoft.com/en-us/help/246804/how-to-enable-or-disable-dns-updates-in-windows-2000-and-in-windows-se for information about how to turn them off.

If you get this log message when trying to perform a DNS update with a program such as nsupdate, please check your named configuration.

Problems with this site? Email us at marketing@isc.org