<div dir="auto"></div><div dir="auto">That’s the dig that comes with MacOS. The DNS servers I tested with are FreeBSD at 9.20.*mumble*.</div><div dir="auto"><br></div><div dir="auto">I was accessing the FreeBSD from the Mac and writing the email on the Mac. I was using the “Screen Sharing” application, aka, VNC. But MacOS won’t let you cut n paste from the Screen Sharing to other applications, so I retyped, messed it up, and didn’t catch it before I hit send.</div><div dir="auto"><br></div><div dir="auto">I had done the digs on my FreeBSD too, but since I couldn’t paste them from Screen Sharing, I redid them in a Terminal window on the Mac and got the ancient version in the output.</div><div dir="auto"><br></div><div><br><div class="gmail_quote gmail_quote_container"><div dir="ltr" class="gmail_attr">On Sat, Nov 8, 2025 at 12:10 PM Nick Tait via bind-users <<a href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,204)"><u></u>
<div>
<div>On 08/11/2025 13:11, Lee wrote:<br>
</div>
<blockquote type="cite">
<pre style="font-family:monospace"><pre style="font-family:monospace">On Fri, Nov 7, 2025 at 3:53 PM Crist Clark wrote:
</pre><blockquote type="cite" style="font-family:monospace;color:rgb(0,124,255)"><pre style="font-family:monospace">I still don't understand why an RPZ entry of,
10.zz.fe80. IN CNAME *.
Doesn't work for you.
</pre></blockquote><pre style="font-family:monospace">First
</pre><blockquote type="cite" style="font-family:monospace;color:rgb(0,124,255)"><blockquote type="cite" style="font-family:monospace;color:rgb(0,124,255)"><pre style="font-family:monospace">DiG 9.10.6
</pre></blockquote></blockquote><pre style="font-family:monospace">are you really running a 9.10 version of bind?!
second,
because it's missing rpz-ip?
I've got
; return NXDOMAIN for any ipv6 link local address answer
10.zz.fe80.rpz-ip CNAME . ; FE80::/10
and it doesn't work for me 🙁</pre></pre>
</blockquote>
<p>This works for me (BIND 9.20.11):</p>
<pre style="font-family:monospace">10.zz.fe80.rpz-ip IN CNAME *.</pre>
<p>(You need to rewrite using NODATA, rather than NXDOMAIN.)</p></div><div>
<p>Nick.</p>
</div>
-- <br>
Visit <a href="https://lists.isc.org/mailman/listinfo/bind-users" rel="noreferrer" target="_blank">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list.<br>
</blockquote></div></div>