Queries to DNS Blackholes don't respond
Roberto Carna
robertocarna36 at gmail.com
Wed Apr 18 14:44:27 UTC 2018
Dear, I have implemented a BIND9 server. It works OK, but some days
ago an application failed because it needed to resolve the reverse of
some IP addresses from range 10.x.x.x, and they waited for a long time
and failed, because they need a fast NXDOMAIN response.
I don't want to make a local zone 10.IN-ADDR.ARPA, because I want to
use the two public nameservers from Internet:
BLACKHOLE-1.IANA.ORG (192.175.48.6)
BLACKHOLE-2.IANA.ORG (192.175.48.42)
When I query these DNS servers from my console from the BIND server, and
from any host I have available here, the result is this:
root@DNS:~# host -t NS 10.IN-ADDR.ARPA 192.175.48.6
Using domain server:
Name: 192.175.48.6
Address: 192.175.48.6#53
Aliases:
10.in-addr.arpa name server blackhole-2.iana.org.
10.in-addr.arpa name server blackhole-1.iana.org.
and finally I get the NXDOMAIN I need:
DNS:~# host -t NS 10.10.12.1 192.175.48.6
Using domain server:
Name: 192.175.48.6
Address: 192.175.48.6#53
Aliases:
Host 1.12.10.10.in-addr.arpa. not found: 3(NXDOMAIN)
Is what I am doing OK? Are blackhole servers useful for this purpose?
Thanks a lot!