In order to make the determination whether to apply an rpz-nsip rule,
the DNS server must have the NS records and their corresponding A
records. In a recursive resolver, it would have had to lookup said NS
and A records to find the answer to the query, so they are cached and
available. In a
Lee, thanks for your quick answer.
I applied the policy based on rpz-nsip trigger instead of mg.gov.br QNAME
because of some others situations in my environment. Like I said earlier, the
doubt is why when there's no forward zone the trigger works properly? In my
opinion it should'nt have
On 3/25/19, Miguel Mucio Santos Moreira wrote:
>
> Hello everybody!
Hi!
> I have a problem with DNS-RPZ and forward zone working together.
> I've created a rpz zone with the following trigger on my recursive DNS
> Server:
> 18.0.0.198.200.rpz-nsip IN CNAME rpz-passthru.
Which means anybody can
Hello everybody!
I have a problem with DNS-RPZ and forward zone working together.
I've created a rpz zone with the following trigger on my recursive DNS Server:
18.0.0.198.200.rpz-nsip IN CNAME rpz-passthru.
It means any query response comming from a DNS Server which IP address matching
with
4 matches
Mail list logo
