Hi Wolfgang,

If you have a CNAME record, no other resource types can exist for the same fqdn (label). A CNAME literally means: "look here instead for every single record with this name." So if you want to override a single TXT record for www.cisco.com, you'll need to include the other resource records for www.cisco.com in your RPZ zone file as well.

John

On Thu, Oct 8, 2015 at 5:25 PM, Wolfgang Riedel [CISCO] <wolfg...@cisco.com> wrote:
> Hi Folks,
>
> I am currently struggling with using RPZ for inserting or overriding TXT
> resource records.
>
> This is my goal:
>
> ; do not rewrite www.cisco.com (so, PASSTHRU) and add or override missing metadata
> www.cisco.com CNAME rpz-passthru.
> www.cisco.com TXT "CISCO-CLS=app-name:HTTP|app-class:TD"
>
> What works is that I can do one or the other but not both at the same time
> if I need to use a CNAME.
>
> This works:
>
> wolfgang.dns-as.org A 193.34.28.108
> wolfgang.dns-as.org TXT "CISCO-CLS=app-name:RPZ|app-class:TD"
>
> but in reality this will not work for CDN or load-balanced sites which don't
> have fixed IP address.
>
> Any hints what I am doing wrong?
>
> Many thanks,
> Wolfgang
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

--
John Miller
Systems Engineer
Brandeis University
johnm...@brandeis.edu
(781) 736-4619
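
A lint check for the rule described in the reply above, as an added example that is not part of the original thread: it scans zone-file text and reports owner names that carry a CNAME together with any other record type. The parser is a simplification (one record per line, no parenthesised multi-line records, names compared as written), and the exemption for RRSIG and NSEC reflects the DNSSEC allowance for those types beside a CNAME.

```python
import re

ALLOWED_WITH_CNAME = {"RRSIG", "NSEC"}  # DNSSEC records permitted beside a CNAME
CLASSES = {"IN", "CH", "HS"}
TTL = re.compile(r"(\d+[smhdw]?)+", re.IGNORECASE)

# Constructed sample: the records from the question above, as RPZ zone lines.
SAMPLE_ZONE = '''\
; do not rewrite www.cisco.com (so, PASSTHRU) and add or override metadata
www.cisco.com        CNAME rpz-passthru.
www.cisco.com        TXT   "CISCO-CLS=app-name:HTTP|app-class:TD"
wolfgang.dns-as.org  A     193.34.28.108
wolfgang.dns-as.org  TXT   "CISCO-CLS=app-name:RPZ|app-class:TD"
'''

def strip_comment(line):
    """Drop a ';' comment unless the ';' sits inside a quoted string."""
    return re.sub(r'("[^"]*")|;.*', lambda m: m.group(1) or "", line)

def cname_conflicts(zone_text):
    """Map each owner that has a CNAME to the other record types found beside it."""
    types_by_owner, owner = {}, None
    for raw in zone_text.splitlines():
        tokens = strip_comment(raw).split()
        if not tokens or tokens[0].startswith("$"):
            continue  # blank line, comment, or $TTL/$ORIGIN directive
        if not raw[0].isspace():
            owner = tokens.pop(0).lower()  # leading whitespace reuses last owner
        while tokens and (TTL.fullmatch(tokens[0]) or tokens[0].upper() in CLASSES):
            tokens.pop(0)  # skip optional TTL and class fields
        if owner and tokens:
            types_by_owner.setdefault(owner, set()).add(tokens[0].upper())
    return {
        name: sorted(types - {"CNAME"} - ALLOWED_WITH_CNAME)
        for name, types in types_by_owner.items()
        if "CNAME" in types and types - {"CNAME"} - ALLOWED_WITH_CNAME
    }

if __name__ == "__main__":
    for name, others in cname_conflicts(SAMPLE_ZONE).items():
        print(f"{name}: CNAME cannot coexist with {', '.join(others)}")
```

Run against an RPZ zone before loading it, the check flags www.cisco.com (CNAME plus TXT) and passes wolfgang.dns-as.org (A plus TXT).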