RPZ Question
Mukund Sivaraman
muks at isc.org
Thu Apr 16 17:40:21 UTC 2015
Hi Bob
On Thu, Apr 16, 2015 at 12:26:41PM -0500, Bob McDonald wrote:
> I'm using RPZ to return "fake" addresses for hosts. Although it seems
> to work well for A records, I'm questioning the way it processes CNAME
> records.
>
> Shown below is the output from DIG. Both records are in RPZ. However,
> you'll notice that the first DIG returns a NXDOMAIN response. The CNAME
> target is also in RPZ (As shown in the second DIG)
>
> Is this normal behaviour?
Please send the contents of your policy zones, and their order in
named.conf.
Mukund
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20150416/57676c64/attachment.bin>
More information about the bind-users
mailing list