An experimental RPZ plugin (was Re: Using a DLZ as RPZ?)
Ondřej Surý
ondrej at isc.org
Fri Dec 5 16:57:40 UTC 2025
That works for authoritative to resolver. I am not really sure there are stub resolver that would honor the SOA TTL/minimum for negative caching. Perhaps something like full stub resolver (systemd-resolved) might, but generally speaking, I think the stub cache is small with short expiration.
Ondrej
--
Ondřej Surý — ISC (He/Him)
My working hours and your working hours may be different. Please do not feel obligated to reply outside your normal working hours.
> On 5. 12. 2025, at 17:47, Jesus Cea <jcea at jcea.es> wrote:
>
> The SOA in ADDITIONAL in a NXDOMAIN response allow for negative caching, as described in RFC 2308.
More information about the bind-users
mailing list