At Mon, 20 Apr 2009 14:55:56 +0800, Ken Lai <soulhacker...@gmail.com> wrote:
> let's take an example. my DNS server called SrvA, the outer DNS server > called SrvB. > > normally, the client sent the query to SrvA, and SrvA forwards it to > SrvB. and SrvA return a result which came from SrvB to the client. > unfortunately the SrvB sometimes will return a A record that is a > advertisement site ip to SrvA. so i dont want to respond to client if > the returned IP address is the Advertisement site address. > > filter the domain name may not be suitable. As already pointed out in this list, if this is specific to the real recursive server (= SrvB), you probably rather want to reconsider the use of it in the first place. If this is not specific to that single server (= SrvB), I doubt filtering based on the IP addresses of A RRs of responses will be very effective because there are many such addresses, some of which may even be changing rapidly. Regarding the specific question about resource data (e.g. IP address) based filtering: no, BIND9 currently doesn't provide such filtering. However, we're now reviewing a kind of such filtering based on contributed patch (for different purposes than that you described), and it *may* be included in BIND 9.7. Even so, I suspect the new filtering feature is not something you want for your purpose as described above. --- JINMEI, Tatuya Internet Systems Consortium, Inc. _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
