Is there any method/config to pass through rcode refused
Greg Choules
gregchoules+bindusers at googlemail.com
Tue Jul 1 08:29:49 UTC 2025
Hi Neil.
Think about what a resolver is doing.
A client asks it a question, usually with the RD bit set, meaning
essentially, do whatever you have to do to get me my answer. So the
resolver attempts to find that answer, somehow.
If it already has it in cache, great. If it doesn't it may recurse, or (as
in your case) forward. If the place it forwards to refuses its query and
the resolver has nowhere else to try, it has failed in its job to obtain an
answer on behalf of its client, so the only response it can give back to
that client is SERVFAIL.
Why do you want the client to get REFUSED?
Cheers, Greg
On Tue, 1 Jul 2025 at 09:06, Neil Nie (NSB) <neil.nie at nokia-sbell.com>
wrote:
> Hi,
>
>
>
> I found that bind9 (as forwarder) always overwrite rcode refused to rcode
> servfail. For one use-case, the dns client wants to get original rcode
> (like refused). Please advise if there is any config or method to achieve
> that.
>
>
>
> Thanks,
>
> Neil Nie
>
>
> --
> Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
> from this list
>
> ISC funds the development of this software with paid support
> subscriptions. Contact us at https://www.isc.org/contact/ for more
> information.
>
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20250701/6e618d2e/attachment.htm>
More information about the bind-users
mailing list