Am 01.07.2025 um 22:23 schrieb Lee:
   response-policy { zone "rpz.foo"; zone "rpz.bar"; zone "rpz.pgl"; }
      break-dnssec yes
      recursive-only no
      qname-wait-recurse no;

should these 3 lines (break-dnssec , ...) not inside the response-policy block? Otherwise it is applied to the options block which is then seen as a global setting?

So write it like this:

options {
  ...
  response-policy {
    zone "rpz.foo"; zone "rpz.bar"; zone "rpz.pgl";
    break-dnssec yes
    recursive-only no
    qname-wait-recurse no;
  };
  ...
};

But maybe I'm also wrong here, so I can learn something new.

Thanks
Matthias

--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to