I am seeing that even with a zone included in an RPZ, the BIND server is still going out to the Internet to resolve the name. I was hoping the RPZ entry would stop processing short of that.
I have "some.bad.domain.tld" returning NODATA. The client is getting the response I expect. The SOA is for the RPZ. I see it being logged as an RPZ response. That's all good. But what is not good is that the server is still sending a query for "some.bad.domain.tld" upstream to its forwarder. I do not want that. I expected the RPZ to stop that. Is this expected behavior? Why is it doing it? Is there a way to stop it? BIND 9.9.2.