On 12/23/2017 02:11 PM, Michelle Konzack wrote:
I try to blackhole several 1000 domains and try to redirect them to the host <block.itsystems.tamay-dogan.net>

It looks like you're trying to load zones that are sharing a zone file in an effort to black hole them.

I would strongly advise you look at Response Policy Zones as I suspect this is a better way to accomplish this goal. Further, it will do so without the load of all the identical zones.

I have the following files:

----[ /etc/bind/blackhole.zones ]---------------------------------------
@       86400           IN      SOA     dns1.tamay-dogan.net.
hostmaster.tamay-dogan.net. ( 1514061768 86400 86400 2419200 86400 )

                         IN NS           dns1.tamay-dogan.net.

                         IN CNAME        block.itsystems.tamay-dogan.net.
*                       IN CNAME        block.itsystems.tamay-dogan.net.

I see two things.

1) You can't have a CNAME at the apex of the zone because it can't live with other records, like NS and SOA.
2) I'm not confident that you can use a CNAME with a wildcard record.

If you are really wanting to do the wildcard CNAME, I would suggest that you look at a DNAME record so that anything under the DNAME record owner (the zone in this case) will reflect something else. (At least that's my understanding of how DNAME records work.)

What have I overlooked here?

Reply if you have any additional questions after my comments above.

Thanks in advance and Merry X-Mas

You're welcome.

Merry Christmas to you and yours too.



--
Grant. . . .
unix || die
