<div dir="ltr">Sending this to bind list ... had only sent to Tony by mistake.. !!</div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Nov 22, 2016 at 5:45 PM, Sachin Patil <span dir="ltr"><<a href="mailto:04sachin@gmail.com" target="_blank">04sachin@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hello Tony,<div>Thank you very much for the reply.</div><div><br></div><div>I have configured bind in forward mode.</div><div>My conf file looks like - </div><div><br></div><div>







<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1">options {</span></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><span class="m_-6098983245031569182gmail-Apple-tab-span">        </span>directory "/var/cache/named";</span></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><span class="m_-6098983245031569182gmail-Apple-tab-span">        </span>pid-file "/var/run/named/named.pid";</span></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><span class="m_-6098983245031569182gmail-Apple-tab-span">        </span>recursion yes;</span></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><span class="m_-6098983245031569182gmail-Apple-tab-span">        </span>allow-recursion { any; };</span></p>
<p class="m_-6098983245031569182gmail-p2"><span class="m_-6098983245031569182gmail-s1"></span><br></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><span class="m_-6098983245031569182gmail-Apple-tab-span">        </span>forwarders {</span></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><span class="m_-6098983245031569182gmail-Apple-tab-span">        </span><span class="m_-6098983245031569182gmail-Apple-tab-span">  </span><span class="m_-6098983245031569182gmail-Apple-tab-span">  </span>8.8.8.8;</span></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><span class="m_-6098983245031569182gmail-Apple-tab-span">        </span><span class="m_-6098983245031569182gmail-Apple-tab-span">  </span><span class="m_-6098983245031569182gmail-Apple-tab-span">  </span>8.8.4.4;</span></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><span class="m_-6098983245031569182gmail-Apple-tab-span">        </span>};</span></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><span class="m_-6098983245031569182gmail-Apple-tab-span">        </span>forward only;</span></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><span class="m_-6098983245031569182gmail-Apple-tab-span">        </span>empty-zones-enable yes;</span></p>
<p class="m_-6098983245031569182gmail-p2">dnssec-enable yes;</p><p class="m_-6098983245031569182gmail-p2">dnssec-validation yes;</p>
<p class="m_-6098983245031569182gmail-p2"><span class="m_-6098983245031569182gmail-s1"></span><br></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><span class="m_-6098983245031569182gmail-Apple-tab-span">        </span>auth-nxdomain no;    # conform to RFC1035</span></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><span class="m_-6098983245031569182gmail-Apple-tab-span">        </span>listen-on-v6 { any; };</span></p>
<p class="m_-6098983245031569182gmail-p2">server-id none;<br><span class="m_-6098983245031569182gmail-s1"></span></p>
<p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1">};</span></p><p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1"><br></span></p><p class="m_-6098983245031569182gmail-p1"><span class="m_-6098983245031569182gmail-s1">Still lookup requests  like - </span><span style="font-variant-ligatures:no-common-ligatures;font-family:menlo;font-size:14px">nslookup 10.10.2.20 127.0.0.1 are sent to 8.8.4.4.</span></p><p class="m_-6098983245031569182gmail-p1"><span style="font-variant-ligatures:no-common-ligatures;font-family:menlo;font-size:14px"> </span></p>







</div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Nov 22, 2016 at 4:27 PM, Tony Finch <span dir="ltr"><<a href="mailto:dot@dotat.at" target="_blank">dot@dotat.at</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span>Sachin Patil <<a href="mailto:04sachin@gmail.com" target="_blank">04sachin@gmail.com</a>> wrote:<br>
<br>
> I want to return nxdomain for any private ip reverse lookup.<br>
<br>
</span>BIND does this by default. Look for "built-in empty zones" in<br>
<a href="https://ftp.isc.org/isc/bind9/cur/9.11/doc/arm/Bv9ARM.ch06.html" rel="noreferrer" target="_blank">https://ftp.isc.org/isc/bind9/<wbr>cur/9.11/doc/arm/Bv9ARM.ch06.h<wbr>tml</a><br>
<span class="m_-6098983245031569182HOEnZb"><font color="#888888"><br>
Tony.<br>
--<br>
f.anthony.n.finch  <<a href="mailto:dot@dotat.at" target="_blank">dot@dotat.at</a>>  <a href="http://dotat.at/" rel="noreferrer" target="_blank">http://dotat.at/</a>  -  I xn--zr8h punycode<br>
Southeast Iceland: Northerly 4 or 5, becoming variable 3 or 4. Rough becoming<br>
moderate. Wintry showers. Good, occasionally moderate.<br>
</font></span></blockquote></div><br></div>
</div></div></blockquote></div><br></div>