I tried to go to https://fpki.idmanagement.gov/ and got some error message about not finding the site with a "try again" button. Tried again and it worked:
29-Sep-2018 15:56:21.677 queries: info: client @000001F0C8672910 127.0.0.1#58997 (fpki.idmanagement.gov): query: fpki.idmanagement.gov IN A + (127.0.0.1) 29-Sep-2018 15:56:21.708 query-errors: debug 1: client @000001F0C8672910 127.0.0.1#58997 (fpki.idmanagement.gov): rpz QNAME rewrite dfew6wnpm1gb5.cloudfront.net via dfew6wnpm1gb5.cloudfront.net stop on unrecognized qresult in rpz_rewrite()failed: : SERVFAIL 29-Sep-2018 15:56:21.708 query-errors: info: client @000001F0C8672910 127.0.0.1#58997 (fpki.idmanagement.gov): query failed (SERVFAIL) for fpki.idmanagement.gov/IN/A at ..\query.c:8580 29-Sep-2018 15:56:34.893 queries: info: client @000001F0C91812E0 127.0.0.1#51991 (fpki.idmanagement.gov): query: fpki.idmanagement.gov IN A + (127.0.0.1) I tried searching on the error message & got lots of pointers to query.c but I haven't found anything that explains what happened. I've got nothing for .net or .cloudfront.net in my rpz.zone file & the rpz zone is configured as response-policy { zone "rpz.zone" log yes; } break-dnssec yes recursive-only no qname-wait-recurse no; Can someone tell me what can cause stop on unrecognized qresult in rpz_rewrite()failed: or how to fix whatever it was? Thanks Lee _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users