[2005] clarify "config add" for adding a new ACL rule with a value

doc/guide/bind10-guide.xml

@@ -2109,8 +2109,9 @@ what is XfroutClient xfr_client??
         Multiple rules can be specified in the ACL, and an ACL rule
         can consist of multiple constraints, such as a combination of
         IP address and TSIG.
-        The following configuration sequence will add to the previous
-        ACL a rule that allows update requests sent from a client
+        The following configuration sequence will add a new rule to
+        ACL created in the above example.  This additional rule
+	allows update requests sent from a client
         using TSIG key name of "key.example" and has an IPv6 address of ::1.
       <screen>
 &gt; <userinput>config add DDNS/zones[0]/update_acl {"action": "ACCEPT", "from": "::1", "key": "key.example"}</userinput>
@@ -2119,6 +2120,12 @@ DDNS/zones[0]/update_acl[0]     {"action": "ACCEPT", "key": "key.example.org"} a
 DDNS/zones[0]/update_acl[1]     {"action": "ACCEPT", "from": "::1", "key": "key.example"} any (modified)
 &gt; <userinput>config commit</userinput>
 </screen>
+      (Note the "add" in the first line.  Before this sequence, we
+      have had only entry in zones[0]/update_acl.  The "add" command
+      with a value (rule) adds a new entry and sets it to the given rule.
+      Due to a limitation of the current implementation, it doesn't
+      work if you first try to just add a new entry and then set it to
+      a given rule).
       </para>
 
       <note><simpara>