Job <j...@colliniconsulting.it> wrote: > But, if i have two different zones (or three), in the response-policy > sentence, can i trigger the Client only for a zone and not for the other > zone?
> Some Client would not have to match together the two zones! I think your question is answered by this part of the documentation: : The query response is checked against all response policy zones, so two : or more policy records can be triggered by a response. Because DNS : responses are rewritten according to at most one policy record, a single : record encoding an action (other than DISABLED actions) must be chosen. : Triggers or the records that encode them are chosen for the rewriting in : the following order: : : 1. Choose the triggered record in the zone that appears first in the : response-policy option. : : 2. Prefer CLIENT-IP to QNAME to IP to NSDNAME to NSIP triggers in a : single zone. : : 3. Among NSDNAME triggers, prefer the trigger that matches the smallest : name under the DNSSEC ordering. : : 4. Among IP or NSIP triggers, prefer the trigger with the longest prefix. : : 5. Among triggers with the same prefix length, prefer the IP or NSIP : trigger that matches the smallest IP address. Tony. -- f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h punycode Fitzroy: Variable 4 at first in southeast, otherwise southwesterly 5 to 7. Moderate, occasionally rough in northwest. Rain or showers. Moderate or good, occasionally poor. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
