Do you see anything in the logs about a failed update? Do the permissions on the bind zone directory allow named to write the update to file?
Perms are ok, it writes it out eventually (as it supposed to) and when the daemon is stopped.
The logs show:
client xx.xx.xx.xx#53401: view external: updating zone 'example.net/IN': update unsuccessful: host.example.net/A: 'rrset does not exist' prerequisite not satisfied (YXRRSET) client xx.xx.xx.xx#46869: view external: updating zone 'example.net/IN': update unsuccessful: host.example.net/TXT: 'RRset exists (value dependent)' prerequisite not satisfied (NXRRSET)
But at the time when it was being set up, it worked and it was decided this was not to worry about as a result.
The code used to update is as follows:
nsupdate -k $KEYFILE -v > $LOG 2>&1 << EOF server $SERVER zone $ZONE update delete $HOSTNAME A update add $HOSTNAME $TTL A $new_ip_address send EOF
The relevant bind conf is:
update-policy { grant host.example.net. name host.example.net. A TXT; };
Which I presume could lose the "TXT" ?
Thanks! jlc