Negative zones; NXDOMAIN responses

Steven Carr sjcarr at
Sun May 19 20:26:07 UTC 2013

But in response to the actual question... what you want to do is not
possible in BIND zone configs as you can't create a negative zone
(that I'm aware of).

However in later versions of BIND9 you can create a local RPZ zone
which you could then use to send back a negative response for .local

On 19 May 2013 21:22, Steven Carr <sjcarr at> wrote:
> Why are you forwarding queries to the ISP? Implement your own caching
> layer, I for one would never use/trust an ISPs caching servers. If I
> want to resolve a domain I go direct to the source, not via a 3rd
> party.
> On 19 May 2013 20:51, Narcis Garcia <informatica at> wrote:
>> Hello,
>> I'm trying to solve this problem in some local networks, without
>> intervention to client computers:
>> These LAN have a BIND9 service to provide name resolving and caching for
>> internet access, and I want to intercept the .local domain to give a
>> NXDOMAIN response. The internet ISP returns positive values for .local
>> queries, and I need that LAN clients receive NXDOMAIN instead.
>> Can I create a zone file for .local domain and specify there NXDOMAIN
>> values for SOA and A RRs? How should be the content of the zone sheet?
>> Thanks.
>> _______________________________________________
>> Please visit to unsubscribe from this list
>> bind-users mailing list
>> bind-users at

More information about the bind-users mailing list