Negative zones; NXDOMAIN responses

Steven Carr sjcarr at gmail.com
Sun May 19 20:26:07 UTC 2013


But in response to the actual question... what you want to do is not
possible in BIND zone configs as you can't create a negative zone
(that I'm aware of).

However, in later versions of BIND9 you can create a local RPZ zone
which you could then use to send back a negative response for .local:
http://www.isc.org/software/rpz
http://jpmens.net/2011/04/26/how-to-configure-your-bind-resolvers-to-lie-using-response-policy-zones-rpz/


On 19 May 2013 21:22, Steven Carr <sjcarr at gmail.com> wrote:
> Why are you forwarding queries to the ISP? Implement your own caching
> layer, I for one would never use/trust an ISP's caching servers. If I
> want to resolve a domain I go direct to the source, not via a 3rd
> party.
>
>
> On 19 May 2013 20:51, Narcis Garcia <informatica at actiu.net> wrote:
>> Hello,
>>
>> I'm trying to solve this problem in some local networks, without
>> intervention to client computers:
>> https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/327362
>>
>> These LANs have a BIND9 service to provide name resolving and caching for
>> internet access, and I want to intercept the .local domain to give a
>> NXDOMAIN response. The internet ISP returns positive values for .local
>> queries, and I need LAN clients to receive NXDOMAIN instead.
>>
>> Can I create a zone file for .local domain and specify there NXDOMAIN
>> values for SOA and A RRs? What should the content of the zone sheet be?
>>
>> Thanks.
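
A minimal RPZ setup for the approach described in the reply above, as an added example that is not part of the original thread. The policy zone name `rpz.lan`, the file name `rpz.lan.db` and the SOA/NS values are assumptions; in an RPZ zone, a CNAME pointing at the root (`.`) tells BIND to answer NXDOMAIN for the matching query name.

```conf
# ---- named.conf (additions; zone and file names are assumptions) ----
options {
    // existing options (forwarders, listen-on, ...) stay unchanged
    response-policy { zone "rpz.lan"; };
};

zone "rpz.lan" {
    type master;
    file "rpz.lan.db";
    // The policy zone is consulted internally by the resolver;
    // LAN clients have no need to query it directly.
    allow-query { localhost; };
};

; ---- rpz.lan.db (RPZ policy zone; serial and timers are constructed values) ----
$TTL 300
@        IN SOA   localhost. hostmaster.localhost. (
                  2013051901 ; serial
                  3600       ; refresh
                  600        ; retry
                  86400      ; expire
                  300 )      ; negative-caching TTL
         IN NS    localhost.

; Owner names are relative to the policy zone and act as QNAME triggers.
; "CNAME ." is the RPZ action for NXDOMAIN.
local    IN CNAME .          ; the bare name "local"
*.local  IN CNAME .          ; every name below .local
```

With this loaded, a query from a LAN client for any name at or under .local should come back with status NXDOMAIN, whatever the forwarder returned for it.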