can bind filter the result

[Barry Margolin]

In article <gsggrq$2jo5$1 at sf1.isc.org>,
 JINMEI Tatuya / e_naeiBc? <Jinmei_Tatuya at isc.org> wrote:

> At Mon, 20 Apr 2009 08:40:15 +0800,
> Ken Lai <soulhacker511 at gmail.com> wrote:
> 
> > for example, a user send a query to my server, and the server forward this 
> > query to a outer dns server. the outer server return a A record to my 
> > server, 
> > what i want to do is, my server will not respond to client if i do not want 
> > the client to know this A record.
> 
> It's still not very clear...what's the key of the filtering?  The
> query name such as www.isc.org, or the data of the answer (the IPv4
> address in the case of an A RR), or something else?

If it's based on the name, I suppose he could set up a forward zone for 
each filtered hostname that forwards to a fake root server that returns 
NXDOMAIN for everything except the root.

zone "www.isc.org" {
 type forward;
 forwarders { <fake-root-server>; };
};

-- 
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***