On 08/08/2018 10:02 PM, Blason R wrote:
Due to the architecture since I have my internal DNS RPZ built I wanted my other internal DNS servers should send traffic to RPZ server and then RPZ would resolve on behalf of client.
Speaking of PRZ and forwarding…Does anyone know off hand if BIND, with RPZ configured to filter answers that resolve to private IPs, can actually respond with private answers from a local authoritative zone?
My long standing fear is that RPZ would filter replies from local authoritative zones. Thus I would want my recursive resolver, hosting zones with private IPs, to forward to an RPZ server. Thus allowing me to return private IPs from authoritative zones while filtering private IPs from other external queries.
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
