re: .prod issues

I have a subdomain prod.mydomain.com today all of our internal resources that use this prod subdomain stopped being able to reach eachother. I believe the issue is related to the release of .prod as a TLD. Is there a way I can block this TLD or point it back to my environment? Currently,

Re: RPZ configuration examples

, visit: https://lists.isc.org/mailman/listinfo/dnsrpz-interest noting, again: there is documentation online for DNS RPZ, see the following: https://deepthought.isc.org/article/AA-00525/0/Building-DNS-Firewalls-with-Response-Policy-Zones-RPZ.html thank you for your interest in DNS RPZ. -- Paul

Re: disable dnssec in bind resolver

at validating the resulting metadata, i expect BIND to keep setting DO on all EDNS requests it generates. and i don't think you can make a _public benefit_ argument that this is wrong even though there are _private benefit_ arguments. -- Paul Vixie KI6YSY

Re: disable dnssec in bind resolver

Doug Barton do...@dougbarton.us writes: On 06/04/10 19:40, Paul Vixie wrote: ... unless a new IETF RFC comes along and disambiguates the meaning of DO such that it's only to be set if the requestor thinks it has a reasonable shot at validating the resulting metadata, i expect BIND to keep

[no subject]

() in more or less direct contravention to RFC 1034. if dnsviz doesn't handle it (and i don't know if it doesn't) then it's not dnsviz's fault at all since the DNS RFC's say that there will only be one PTR RR at an in-addr. -- Paul Vixie KI6YSY ___ bind