Hi Sten,
I might need new glasses or change my brain sometimes as I missed this
/16 for the 192.168.0.0 IP range.
I updated my bogusnets ACL with !192.168.10.0/24 before the
192.168.0.0/16 and all is working like a charm now.
I knew there was something in this part but couldn't think of something
else as I was struggling on this for a long time and I should have been
very tired.
Thanks for pointing me in the right direction!
Best regards,
Laurent
On 04/05/2026 at 21:01, Sten Carlsen wrote:
Think that 192.168.0.0/16 = 192.168.x.x which includes
192.168.10.0/24 so adding your !192… will only work if it comes in
the right sequence relative to the 192.168.0.0/16; (don't recall how
priorities work here)
--
Best regards
Sten Carlsen
A pessimist is a person that can find a problem for every solution.
On 4 May 2026, at 17.12, poubeline--- via bind-users
<[email protected]> wrote:
OK, I have found something strange.
In my named.conf.local file I have:
acl bogusnets {
0.0.0.0/8; 192.0.2.0/24; 224.0.0.0/3;
10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16;
};
and in my named.conf.options file I have:
blackhole { bogusnets; };
and in this case I cannot query from my local net.
If I comment the 'blackhole' line in named.conf.options everything works.
I don't understand why I cannot query from my local net even if it
is not in the 'bogusnets' ACL.
Even if I add '!192.168.10.0/24;' in the 'blackhole' or in the
'bogusnets' ACL I cannot query from my local net.
If anyone has a clue, let me know
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list.
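
Added example, not part of the thread and not BIND's own code: a small Python model of how named evaluates an address match list (elements are checked in order and the first element that matches decides, negated or not), run against the bogusnets ACL quoted above. The client address 192.168.10.5 and the position of the negated entry in APPENDED are assumptions made for illustration.

```python
import ipaddress

def parse_acl(text):
    """Parse 'a; !b; c;' into an ordered list of (negated, network)."""
    elems = []
    for tok in text.replace("\n", " ").split(";"):
        tok = tok.strip()
        if tok:
            neg = tok.startswith("!")
            elems.append((neg, ipaddress.ip_network(tok.lstrip("!").strip())))
    return elems

def blackholed(acl_text, client):
    """First matching element wins; a negated match means 'not in the ACL'."""
    ip = ipaddress.ip_address(client)
    for neg, net in parse_acl(acl_text):
        if ip.version == net.version and ip in net:
            return not neg
    return False  # no element matched

def shadowed(acl_text):
    """Elements fully covered by an earlier, broader element (never reached)."""
    elems, out = parse_acl(acl_text), []
    for i, (neg, net) in enumerate(elems):
        for _, earlier in elems[:i]:
            if net.version == earlier.version and net.subnet_of(earlier):
                out.append(("!" if neg else "") + str(net))
                break
    return out

# ACL as posted in the thread.
ORIGINAL = """0.0.0.0/8; 192.0.2.0/24; 224.0.0.0/3;
              10.0.0.0/8; 172.16.0.0/12; 192.168.0.0/16;"""
# Assumed placement: exception appended after the /16 (has no effect).
APPENDED = ORIGINAL + " !192.168.10.0/24;"
# Placement reported as working: exception before the /16.
FIXED = """0.0.0.0/8; 192.0.2.0/24; 224.0.0.0/3;
           10.0.0.0/8; 172.16.0.0/12; !192.168.10.0/24; 192.168.0.0/16;"""

if __name__ == "__main__":
    client = "192.168.10.5"  # constructed sample client on the local net
    for name, acl in (("ORIGINAL", ORIGINAL), ("APPENDED", APPENDED), ("FIXED", FIXED)):
        print(f"{name:9} blackholed={blackholed(acl, client)} shadowed={shadowed(acl)}")
```

The shadowed() check can be run over any ACL before reloading named to catch an exception that sits behind the broader prefix it is meant to carve out.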