Queries regarding forwarders
Grant Taylor
gtaylor at tnetconsulting.net
Thu Aug 9 04:42:00 UTC 2018
On 08/08/2018 10:02 PM, Blason R wrote:
> Due to the architecture since I have my internal DNS RPZ built I wanted
> my other internal DNS servers should send traffic to RPZ server and
> then RPZ would resolve on behalf of client.
Speaking of PRZ and forwarding…
Does anyone know off hand if BIND, with RPZ configured to filter answers
that resolve to private IPs, can actually respond with private answers
from a local authoritative zone?
My long standing fear is that RPZ would filter replies from local
authoritative zones. Thus I would want my recursive resolver, hosting
zones with private IPs, to forward to an RPZ server. Thus allowing me
to return private IPs from authoritative zones while filtering private
IPs from other external queries.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3982 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20180808/4adf2c2f/attachment-0001.bin>
More information about the bind-users
mailing list