Re: How to block part of a zone

2014-09-17 Thread Merijntje Tak
On 16-09-14 18:20, King, Harold Clyde (Hal) wrote:
> Resolve all traffic for example.com from example.com's dns servers, but
> stop badhost.example.com.

Ideally you would use RPZ records for this purpose. You can override single records with another record. RPZ is only available in bind 9.8+. An ex

Re: How to block part of a zone

2014-09-16 Thread Kevin Darcy
You have multiple choices here. Loopback is sometimes a bad choice, since the client may try to connect to itself, and in pathological cases this could cause an infinite loop. You could consider an A record with RDATA 0.0.0.0, the "null" or "unspecified" address. It is not legal for that ever

How to block part of a zone

2014-09-16 Thread King, Harold Clyde (Hal)
I need to block a host in an exterior domain. Resolve all traffic for example.com from example.com's dns servers, but stop badhost.example.com. I guess I could become authoritative for badhost.example.com and point the host to 127.0.0.1. Does that sound like bad things would happen? Zone "badhost