Concatenating more RPZ zones?
Anne Bennett
anne at encs.concordia.ca
Thu Feb 23 16:03:48 UTC 2017
>> i have this situation with RPZ zones (and can grow up with more RPZ zones):
>
> If no-one has replied, it's possible no-one knows the answer.
The latest draft of the RPZ specification is:
https://tools.ietf.org/html/draft-vixie-dns-rpz-04
I see nothing, even in "6.1. Per-Zone Action Overrides", that would do
exactly what you want, unfortunately.
> On a more helpful note: yes, first RPZ always wins. If you need
> different sets of RPZ for different client IP ranges, you will need to
> use views.
Using views does seem like a possible solution to your
problem, though it would entail maintaining client lists in
the nameserver configuration instead of the zone files, which
would make sense only if your list of exceptions is very stable.
Anne.
--
Ms. Anne Bennett, Senior Sysadmin, ENCS, Concordia University, Montreal H3G 1M8
anne at encs.concordia.ca +1 514 848-2424 x2285
More information about the bind-users
mailing list