Hi, I have an internal bind server that has several forward zones pointing to other internal name servers that carry reverse zones for rfc1918 networks we are using in our networks (let's say something like 0.20.10.in-addr.arpa).
This works fine until I either set empty-zones-enable yes; or include the empty rfc1918 master zones that Debian provides (this is bind 9.8.4): When there is a 10.in-addr.arpa master zone, an additional forward zone for 0.20.10.in-addr.arpa will just be ignored. (I assume in this case I would need to provide for some kind of delegation for the reverse zones that actually are in use?)

I still want to blackhole lookups for unused rfc1918 space instead of sending those requests towards the Internet.

My current workaround is to define additional forward zones for the top-level rfc1918 networks that use a non-existing address on the loopback interface as forwarder. Obviously, between overlapping forward zones, some kind of first-match-wins rule is used. The downside to that is that I get lots of lame-servers log entries for lookups matching those fake forward zones.

Is there a better solution?

Alex.