subject:"RE\: refused rcode is not working RPZ\?"

Re: refused rcode is not working RPZ?

2016-11-17 Thread Phil Mayers


On 17/11/16 02:29, LEE SUKMOON wrote:


This domain causes many recursive query.
And client received late SERVFAIL response.

I want to quickly response "*.jifr.net".
I want to solve this problem using RPZ.



See "qname-wait-recurse" in the bind ARM. This will apply policy to the 
query for QNAME triggers without waiting for the response.

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

RE: refused rcode is not working RPZ?

2016-11-16 Thread LEE SUKMOON

> On 17/11/2016 10:20, LEE SUKMOON wrote:
> 
> > I want to response NXDOMAIN.
> > Is it a solution this case?
> 
> You'd usually get SERVFAIL from the recursor because the domain is
> misconfigured with a lame delegation, and either way the client won't
> get an answer.
> 
> Is there a particular reason that the exact RCODE matters ?
> 
> Ray
> 

This domain causes many recursive query.
And client received late SERVFAIL response.

I want to quickly response "*.jifr.net". 
I want to solve this problem using RPZ.

Thanks.
Sukmoon Lee.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: refused rcode is not working RPZ?

RE: refused rcode is not working RPZ?

2 matches

Site Navigation

Mail list logo

Footer information