Hi Neil. Think about what a resolver is doing. A client asks it a question, usually with the RD bit set, meaning essentially, do whatever you have to do to get me my answer. So the resolver attempts to find that answer, somehow.
If it already has it in cache, great. If it doesn't it may recurse, or (as in your case) forward. If the place it forwards to refuses its query and the resolver has nowhere else to try, it has failed in its job to obtain an answer on behalf of its client, so the only response it can give back to that client is SERVFAIL. Why do you want the client to get REFUSED? Cheers, Greg On Tue, 1 Jul 2025 at 09:06, Neil Nie (NSB) <neil....@nokia-sbell.com> wrote: > Hi, > > > > I found that bind9 (as forwarder) always overwrite rcode refused to rcode > servfail. For one use-case, the dns client wants to get original rcode > (like refused). Please advise if there is any config or method to achieve > that. > > > > Thanks, > > Neil Nie > > > -- > Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support > subscriptions. Contact us at https://www.isc.org/contact/ for more > information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users >
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
