From f2fc0e9c9e7996e9e136fc58a90e1269d81bb1e6 Mon Sep 17 00:00:00 2001
From: Matthijs Mekking <matthijs@isc.org>
Date: Fri, 24 Jun 2022 16:36:23 +0200
Subject: [PATCH] Add some clarifications wrt dynamic zones

These were suggested by GitLab user @elmaimbo.

(cherry picked from commit fb517eb52a64a784cafd29ed1e046f60c34935b7)
---
 doc/arm/reference.rst | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst
index 0caa8a374e..7f8cdc65b7 100644
--- a/doc/arm/reference.rst
+++ b/doc/arm/reference.rst
@@ -6667,8 +6667,16 @@ perform dynamic updates to a zone:
 - :namedconf:ref:`allow-update` - a simple access control list
 - :namedconf:ref:`update-policy` - fine-grained access control
 
-In both cases, BIND 9 writes the updates
-to the zone's filename set in ``file``.
+In both cases, BIND 9 writes the updates to the zone's filename
+set in ``file``.
+
+In the case of a DNSSEC zone, DNSSEC records are also written to
+the zone's filename, unless ``inline-signing`` is enabled.
+
+   .. note:: The zone file can no longer be manually updated while ``named``
+      is running; it is now necessary to perform :option:`rndc freeze`, edit,
+      and then perform :option:`rndc thaw`. Comments and formatting
+      in the zone file are lost when dynamic updates occur.
 
 .. namedconf:statement:: update-policy