: lundi 19 juin 2023 16:56
À : Lee ; RAHAL Sami SOFRECOM
Cc : bind-users@lists.isc.org
Objet : Re: replace "SERVFAIL" to "NXDOMAIN" with rpz
From the correct email alias this time!
On Mon, 19 Jun 2023 at 16:50, Greg Choules
mailto:gregchou...@googlemail.com>> wrote:
Hi L
rcvd: 48
>> >
>> >
>> >
>> > # dig @0 example.com
>> >
>> >
>> >
>> > ; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.10 <<>> @0 example.com
>> ; (1
>> > server found) ;; global options: +cmd ;; Got ans
RM - but
> it's not something I would do.
>
> Cheers, Greg
>
> On Mon, 19 Jun 2023 at 12:40,
> mailto:sami.ra...@sofrecom.com>> wrote:
> Thank you Greg
> So if I understand correctly if we receive a servfail return code we can not
> modify this code by nxdomain with
SOA LOCALHOST. need.to.know.only.
2016011100 43200 900 1814400 7200
;; Query time: 347 msec
;; SERVER: 127.0.0.1#53(0.0.0.0)
;; WHEN: Mon Jun 19 10:52:36 CET 2023
;; MSG SIZE rcvd: 115
De : Greg Choules
Envoyé : lundi 19 juin 2023 15:12
À : RAHAL Sami SOFRECOM
Cc : bind-users@lis
de we can
> not modify this code by nxdomain with the rpz configuration?
>
> Regards
>
>
>
> *De :* Greg Choules
> *Envoyé :* lundi 19 juin 2023 12:02
> *À :* RAHAL Sami SOFRECOM
> *Cc :* bind-users@lists.isc.org
> *Objet :* Re: replace "SERVFAIL" to "NXDOMA
MAIN" so as not to distort the
monitoring result .
Regards
De : Greg Choules
mailto:gregchoules%2bbindus...@googlemail.com>>
Envoyé : lundi 19 juin 2023 10:03
À : RAHAL Sami SOFRECOM
mailto:sami.ra...@sofrecom.com>>
Cc : bind-users@lists.isc.org<mailto:bind-users@list
to change the return code for this
> domain name to "NXDOMAIN" so as not to distort the monitoring result .
>
> Regards
>
> *De :* Greg Choules
> *Envoyé :* lundi 19 juin 2023 10:03
> *À :* RAHAL Sami SOFRECOM
> *Cc :* bind-users@lists.isc.org
> *Objet :*
code for this domain name to "NXDOMAIN" so as not
to distort the monitoring result .
Regards
De : Greg Choules
Envoyé : lundi 19 juin 2023 10:03
À : RAHAL Sami SOFRECOM
Cc : bind-users@lists.isc.org
Objet : Re: replace "SERVFAIL" to "NXDOMAIN" with rpz
H
c.org
>
> When replying, please edit your Subject line so it is more specific than
> "Re: Contents of bind-users digest..."
>
>
> Today's Topics:
>
>1. replace "SERVFAIL" to "NXDOMAIN" with rpz
> (sami.ra...@sofrecom.com)
>
our Subject line so it is more specific than "Re:
Contents of bind-users digest..."
Today's Topics:
1. replace "SERVFAIL" to "NXDOMAIN" with rpz
(sami.ra...@sofrecom.com)
2. Re: replace "SERVFAIL" to "NXDOMAIN" with rpz (Crist C
8. Configuration Reference — BIND 9 9.18.13 documentationbind9.readthedocs.ioI would certainly recommend reading the docs… especially the sections on break-dnssec and qname-wait-recurse.--Ondřej Surý — ISC (He/Him)My working hours and your working hours may be different. Please do not feel
Admittedly, since I'm writing software to do "off label" stuff with DNS I
make mistakes. But I have seen things along this line (interactions
between RPZ and regular resolution in the context of "broken" domains): in
some cases it has seemed impossible to ameliorate / mitigate SERVFAIL
That should return a NXDOMAIN. Returning SERVFAIL is never a normal RPZ
action. Something is wrong with your configuration.
On Fri, Jun 16, 2023 at 1:39 PM wrote:
>
>
> Hello
>
> For monitoring reasons I try to change the return code of a domain name
> from "SERVFAIL" to "NXDOMAIN" with the rpz
Hello
For monitoring reasons I try to change the return code of a domain name from
"SERVFAIL" to "NXDOMAIN" with the rpz classic configuration of BIND9.16.42 as
follows:
example.com IN CNAME.
*.example.com IN CNAME .
But it still doesn't work, I still have the message " SERVFAIL", is it
14 matches
Mail list logo
