On 12/6/24 21:46, Mark Andrews wrote:
Have you read the fine documentation on BIND where it is stated this is not 
(currently) possible?

If you want to extend named to support this we would be happy to review a 
change request.  It is complicated however which is why it has not been done.

Oh, a single line in page 257: "An in-view zone cannot be used as a response policy zone.". Acked.

Ok.

I have checked the source code in librpz.h and dnsrps.c. Quite scary...

So, I have a question about what are the best practices to configure different RPZs for different clients without paying the overhead of loading multiple times the same RPZ. With 8 different RPZ, there are 256 combinations (views) and the memory overhead would be RPZx128!

I wonder about librpz and dnsrps. The source is quite difficult and opaque, and I see no documentation anywhere beside a passing mention to "dnsrps-enable" and "dnsrps-options". Any hint?

--
Jesús Cea Avión                         _/_/      _/_/_/        _/_/_/
j...@jcea.es - https://www.jcea.es/    _/_/    _/_/  _/_/    _/_/  _/_/
Twitter: @jcea                        _/_/    _/_/          _/_/_/_/_/
jabber / xmpp:j...@jabber.org  _/_/  _/_/    _/_/          _/_/  _/_/
"Things are not so easy"      _/_/  _/_/    _/_/  _/_/    _/_/  _/_/
"My name is Dump, Core Dump"   _/_/_/        _/_/_/      _/_/  _/_/
"El amor es poner tu felicidad en la felicidad de otro" - Leibniz
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Reply via email to