nsupdate REFUSED

 Resolver creates more problems than solves.

Example. I have a DNS server on an Ubuntu server box. Simple, right? OK, I need to update some fixed entries in the DNS. Using nsupdate command, to do it on a running server. OK, switch to root, go to /etc/bind directory.

nsupdate -k rndc.key

> update delete bla.bla.mydomain.com AAAA

> send

update failed: REFUSED

OK. After cursing a bit and thinking a bit, an idea: Ubuntu is running local resolver and nsupdate connects to it by default.

Let's veirify:

nsupdate -k rndc.key

> server 192.168.21.21

> update delete bla.bla.mydomain.com AAAA

> send

>

Problem solved. Of course, I replaced real names and addresses.

Need to find out if it's possible to remove resolver, at least from servers. DNS servers are in my local gigabit network, no need for cache.