BIND NXDOMAIN

Mark Andrews marka at isc.org
Mon Sep 22 23:49:09 UTC 2014


You just have to break the wildcard matching.

*. IN A 10.100.100.4
*.au. IN A 10.100.100.4
*.com.au. IN A 10.100.100.4
nooverride.com.au. TXT "break wildcard matching"
nxreturn.com.au. TXT "break wildcard matching"

Mark
 
In message <00ab01cfd60d$1365a0a0$3a30e1e0$@iprimus.com.au>, "Neil" writes:
> 
> Hi,
> 
> We are investigating the features of NXDOMAIN redirect as explained in
> https://kb.isc.org/article/AA-00376/0/BIND-9.9-redirect-zones-for-NXDOMAIN-r
> edirection.html
> 
>  
> 
> We are running BIND 9.9 stream.
> 
>  
> 
> My question is, Is it possible to "whitelist" particular domains?, The ARM
> does
> 
> Not refer to any form of whitelisting
> 
>  
> 
>  
> 
> zone "." {
>         type redirect;
>         file "db.redirect" ;
> };
> 
>  
> 
> So if my db.redirect has the below for Status=NXDOMAIN to return the below
> RR A
> 
>  
> 
> *. IN A 10.100.100.4
> 
>  
> 
>  
> 
> But I want to return status:NXDOMAIN for only the below domains
> 
>  
> 
> *.nooverride.com.au
> 
> *.nxreturn.com.au
> 
>  
> 
> Is this possible? If not a modification to query.c is the only option.
> 
> Has anyone got a src patch for this feature?
> 
>  
> 
> Thanks
> 
> Neil
> 
>  
> 
>  
> 
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org


More information about the bind-users mailing list