RPZ and static stubs
dot at dotat.at
Tue Oct 31 12:19:09 UTC 2017
Trevor Woolley <twoolley1963 at gmail.com> wrote:
> The issue lies with RPZ's and static stubs.
> Required functionality: Override main domain for some entries, but allow
> look ups for the main domain if not located in the RPZ rewrite zone file.
This caught my eye because I want this to work (though I don't currently
depend on it). I could not reproduce the problem with BIND 9.12.
On my test server I have an `auth` view which has a number of master
and slave zones, and a `rec` view which has static-stub configurations
for the `auth` zones. One of these is cam.ac.uk:
$ curl -Ssf http://[::1]:8053/json |
jq -r '.views.rec.zones | select(.name == "cam.ac.uk") | .type'
I added a test RPZ that fiddles with cam.ac.uk like so:
$ dig +noall +answer cam.ac.uk
cam.ac.uk. 300 IN CNAME rpz-block.
$ dig +noall +answer www.cam.ac.uk
www.cam.ac.uk. 300 IN A 22.214.171.124
Seems to work fine.
f.anthony.n.finch <dot at dotat.at> http://dotat.at/ - I xn--zr8h punycode
Rockall, Malin: West or southwest 5 to 7. Moderate or rough. Occasional rain,
fog patches at first. Moderate or poor, occasionally very poor at first.
More information about the bind-users