Am 01.07.2025 um 22:23 schrieb Lee:
response-policy { zone "rpz.foo"; zone "rpz.bar"; zone "rpz.pgl"; } break-dnssec yes recursive-only no qname-wait-recurse no;
should these 3 lines (break-dnssec , ...) not inside the response-policy block? Otherwise it is applied to the options block which is then seen as a global setting?
So write it like this: options { ... response-policy { zone "rpz.foo"; zone "rpz.bar"; zone "rpz.pgl"; break-dnssec yes recursive-only no qname-wait-recurse no; }; ... }; But maybe I'm also wrong here, so I can learn something new. Thanks Matthias -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users