Queries to DNS Blackholes don't respond

Roberto Carna robertocarna36 at gmail.com
Wed Apr 18 15:30:33 UTC 2018

Dear people, I know the best way is to make in-addr.arpa local zones in my BIND.

But also I think the BLACKHOLE SERVERS can be used, because they were
created for this reason.: respond to RFC 1918 networks queries.

So why the BLACKHOLE servers don't respond anymore ? Just one time I
could get a responde from them.


2018-04-18 11:53 GMT-03:00 /dev/rob0 <rob0 at gmx.co.uk>:
> On Wed, Apr 18, 2018 at 11:44:27AM -0300, Roberto Carna wrote:
>> Dear, I have impelmented a BIND9 server. It works OK, but some days
>> ago an application failed because it needed to resolve the reverse of
>> some IP addresses from range 10.x.x.x, and they waited for a long time
>> and failed, because they need a NXDOMAIN fast response.
>> I don't want to make a local zone 10.IN-ADDR.ARPA,
> You don't need to.  See the "built-in empty zones" section of the
> BIND 9 ARM, chapter 6.
>> because I want to
>> use the two public nameservers from Internet:
> What??  Why?  Those are not supposed to be used.  BIND now includes
> empty zones for all RFC 1918 and other reserved netblocks which
> shouldn't ever appear on the open Internet.
> If you use some of these networks inside your organization, you can
> have authoritative zones for the corresponding in-addr.arpa zones.
> [snip]
>> Is it OK that I do? Are blackholes servers useful for this purpose ?
> Not at all.  That's why we have the automatic empty zones.  Sadly,
> many distributors are not aware of the feature, so they distribute
> named.conf with kludges.
> --
>   http://rob0.nodns4.us/
>   Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

More information about the bind-users mailing list