Hey Kai, > If I do a nslookup for one of the otto.de domains I reveive "** server > can't find somehost.ov.otto.de: SERVFAIL"
The guideline behind the response-policy is that only an actual response gets rewritten. This is usually an answer from a recursive lookup. If you don't get an answer, there is nothing to rewrite. The SERVFAIL won't be rewritten unless you told BIND to do so. You could try the 'qname-wait-recurse' option. I guess this isn't the original purpose of this option, but based on the documentation this should work for you. >From https://ftp.isc.org/isc/bind9/cur/9.11/doc/arm/Bv9ARM.ch06.html > Using this option can cause error responses such as SERVFAIL > to appear to be rewritten, since no recursion is being done to > discover problems at the authoritative server. Cheers Felix On 22.01.2018 13:58, Kai Wiechers wrote: > Hi List, > I setup a response-policy zone to override some Records from external > DNS-Servers I can't control. > My db.rpz Zonefile: > $TTL 4H > @ IN SOA localhost. kai.mydomain.com. ( > 2018012212 ; serial > 5M ; refresh > 5M ; retry > 4W ; expiry > 5M) ; minimum > IN NS localhost. > localhost A 127.0.0.1 > ulf.test.google.de A 192.168.0.1 > gerd.test.google.de A 192.168.0.2 > bild.de A 192.168.0.3 > somehost.ov.otto.de A 10.0.0.1 > otherhost.ov.otto.de A 10.0.0.2 > heise.de A 192.168.0.4 > In my options I just added > response-policy { zone "rpz"; }; > What really drives me crazy is, that the override of the google and > heise domain is working. But the otto.de domains not. > If I do a nslookup for one of the otto.de domains I reveive "** server > can't find somehost.ov.otto.de: SERVFAIL" > Any hints for me? > Thanks and best regards, > Kai > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
