Need help on RPZ server, bit urgent

Blason R blason16 at
Thu Aug 9 13:29:16 UTC 2018

Hi Bind-Users,

I would really appreciate it if someone could help me understand my issue
with the BIND RPZ server.

I have one Windows server say and then RPZ server with I noticed that there are certain domains which are not
getting resolved for end users.

Ideally since those end user has DNS Server set and has
forwarder set to should forward all queries to 1.179, right?

But certain domains from my response-policy, even though they are wall-gardened,
are being served as NXDOMAIN.

Anything I am missing pertaining to RPZ?

If I query all those domains directly against the RPZ server, then I
get the proper answer. This issue is noticed when I have the forwarder server
in between.

options {
        version "test";
        allow-query     { localhost;subnets; };
        directory "/var/cache/bind";
        recursion yes;
        querylog yes;
        forwarders {
//      dnssec-validation auto;
        request-ixfr yes;
        auth-nxdomain no;    # conform to RFC1035
//      listen-on-v6 { any; };
        listen-on port 53 { any; };
        listen-on port 15455 {any;};
        response-policy { zone "whitelist.allow" policy passthru;
                        zone "wg.block";
                        zone "bad.trap";
                        zone "block.tld";
                        zone "ransomwareips.block";  };
