As discussed in another thread, delegate the zone you want to forward, in addition to defining the zone as "type forward". If you already tried a "type forward" and it didn't work, it was probably because the delegation was missing. It's a non-obvious requirement, but named needs to see the zone cut.
- Kevin On Wed, Feb 20, 2019 at 3:19 PM King, Harold Clyde (Hal) <h...@utk.edu> wrote: > We have a URL phishing setup that causes URLs we detect to redirect to a > warning page. We have run into a problem. One of our clients has scripts > that he calls from a host in that domain. > > Needs.example.com when we block example.com. > > Can I create a root zone to define a wildcard pointing to our warning page > with one hostname defined going to a forward’ed DNS source? I could just > give it an IP, but can I forward that one domain to outside DNS (Google or > their NS repository)? > > > > Here’s a very rough draft of the root zone: > > > > $ORIGIN . > > $TTL 3600 > > example.com IN SOA us.ourdns.com. helpdesk.ourdns.com. > > > > * CNAME url-blocking.ourdns.com > > needs forward(8.8.8.8) > > > > -- > > Hal > > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users >
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users