Internal CNAME in RPZ

Андрей Гейн andgein at yandex-team.ru
Wed Oct 23 14:36:48 UTC 2019


// Sorry for HTML embedded to my first email. 

Hello, I would like to set up RPZ with CNAME and A. There are two options:
 
1.
cname.domain.com        CNAME   test.domain.com    (without trailing dot)
test.domain.com         A       10.10.10.10
 
In this case I receive
 
# dig cname.domain.com @127.0.0.1
...
cname.domain.com.       5       IN      CNAME   test.domain.com.rpz.
test.domain.com.rpz.    3600    IN      A       10.10.10.10
...
 
So, it looks good, but RPZ name is visible, which is unwanted for me.
 
2.
cname.domain.com        CNAME   test.domain.com.      (with trailing dot)
test.domain.com         A       10.10.10.10
 
In this case I receive
 
# dig cname.domain.com @127.0.0.1

cname.domain.com.       5       IN      CNAME   test.domain.com.
test.domain.com.        531     IN      A       66.96.162.92
 
(66.98.162.92 is real, «internet» address of test.domain.com)
 
 
Is it possible to make configuration for internal CNAME's in RPZ in which RPZ name will be not visible to user?
 
Best regards,
Andrey Geyn



More information about the bind-users mailing list