On 12/23/2017 02:11 PM, Michelle Konzack wrote:
I try to blackhole several 1000 domains and try to redirect them to the host <block.itsystems.tamay-dogan.net>
It looks like you're trying to load zones that are sharing a zone file in an effort to black hole them.
I would strongly advise you look at Response Policy Zones as I suspect this is a better way to accomplish this goal. Further, it will do so without the load of all the identical zones.
I have the following files:

----[ /etc/bind/blackhole.zones ]---------------------------------------
@ 86400 IN SOA dns1.tamay-dogan.net. hostmaster.tamay-dogan.net. (
                1514061768 86400 86400 2419200 86400 )
        IN NS    dns1.tamay-dogan.net.
        IN CNAME block.itsystems.tamay-dogan.net.
*       IN CNAME block.itsystems.tamay-dogan.net.
I see two things.

1) You can't have a CNAME at the apex of the zone because it can't live with other records, like NS and SOA.

2) I'm not confident that you can use a CNAME with a wildcard record.

If you are really wanting to do the wildcard CNAME, I would suggest that you look at a DNAME record so that anything under the DNAME record owner (the zone in this case) will reflect something else. (At least that's my understanding of how DNAME records work.)
What have I overseen here?
Reply if you have any additional questions after my comments above.
Thanks in advance and Merry X-Mas

You're welcome. Merry Christmas to you and yours too.

-- 
Grant. . . .
unix || die
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
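Added example, not part of the original thread or of BIND: one way to follow the Response Policy Zone suggestion above is to generate a single policy zone from the blocklist instead of loading thousands of identical zones. The policy zone name "rpz.blackhole", the localhost SOA/NS values and the sample domains are assumptions made up for illustration; the redirect target is the host named in the post.

```python
import re

# Assumed setup: named.conf carries  response-policy { zone "rpz.blackhole"; };
# in options, plus a master zone "rpz.blackhole" that loads the generated file.
# SAMPLE is a constructed blocklist, not data from the thread.
BLOCK_HOST = "block.itsystems.tamay-dogan.net."
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")
SAMPLE = ["Ads.Example.", "tracker.example", "cdn.tracker.example", "# note", ""]


def normalise(name):
    """Lower-case, strip the trailing dot, reject anything not a hostname."""
    name = name.strip().lower().rstrip(".")
    labels = name.split(".")
    if len(name) > 253 or len(labels) < 2 or not all(LABEL.match(l) for l in labels):
        raise ValueError(f"not a valid domain name: {name!r}")
    return name


def covered_by_parent(name, domains):
    """True if a parent domain is listed; its wildcard already matches name."""
    labels = name.split(".")
    return any(".".join(labels[i:]) in domains for i in range(1, len(labels) - 1))


def build_rpz(raw_domains, serial, origin="rpz.blackhole."):
    """Return the text of one RPZ zone redirecting every listed domain."""
    wanted = [d for d in raw_domains if d.strip() and not d.strip().startswith("#")]
    domains = {normalise(d) for d in wanted}
    lines = [
        f"$ORIGIN {origin}",
        "$TTL 86400",
        f"@ IN SOA localhost. hostmaster.localhost. ( {serial} 86400 86400 2419200 86400 )",
        "@ IN NS localhost.",
    ]
    for name in sorted(domains):
        if covered_by_parent(name, domains):
            continue
        # QNAME triggers: owners are relative to the policy zone (no trailing dot).
        lines.append(f"{name} IN CNAME {BLOCK_HOST}")
        lines.append(f"*.{name} IN CNAME {BLOCK_HOST}")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(build_rpz(SAMPLE, 2017122301))
```

In the policy zone the CNAMEs sit on trigger names below the zone's own apex, so they do not collide with the SOA and NS records the way the apex CNAME in the posted file does.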