On Wed, Oct 23, 2019 at 10:21:08PM +0500, Andrey Geyn wrote:
> Hi, Fred!
>
> Thanks for your reply and tests.
> The questions you ask are my questions too, just asked more professionally.
> Thanks for it :)
>
> .../...
> In my test (I have BIND 9.11.3-1ubuntu1.9-Ubuntu) I have the following named.conf:
> """
> options {
>     response-policy {zone "rpz"; };
> };
> zone "rpz" {
>     type master;
>     file "/etc/bind/rpz.zone";
> };

The RPZ zone is only used internally by BIND. It doesn't need to be
resolvable outside. So you can skip the zone declaration.

If you need the zone declaration (because you have slaves for this zone), you
can restrict access to it by adding "allow-query { slaves... };" on the master
and "allow-query {};" on the slaves.

Sincerely,
--
Julien
<< You have nothing to say... Let's talk about it! >>
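
The allow-query restriction suggested in the reply above, written out for a master and one slave, as an added example that is not part of the original message. The addresses 192.0.2.1 and 192.0.2.53, the ACL name, the allow-transfer lines and the slave file path are assumptions; `none` is BIND's built-in ACL that matches no host, used here in place of the empty list.

```conf
// ---------- named.conf on the master (assumed address 192.0.2.1) ----------

// Constructed ACL listing the slaves that carry a copy of the policy zone.
acl "rpz-slaves" { 192.0.2.53; };

options {
    response-policy { zone "rpz"; };
};

zone "rpz" {
    type master;
    file "/etc/bind/rpz.zone";
    // Only the slaves may query the zone itself (they send SOA queries
    // to check the serial); ordinary clients get REFUSED.
    allow-query    { "rpz-slaves"; };
    // Assumption, not in the message: limit zone transfers the same way,
    // so the policy contents cannot be pulled by anyone else.
    allow-transfer { "rpz-slaves"; };
};

// ---------- named.conf on a slave (assumed address 192.0.2.53) ----------

options {
    response-policy { zone "rpz"; };
};

zone "rpz" {
    type slave;
    masters { 192.0.2.1; };
    file "/var/cache/bind/rpz.zone";   // assumed path for the transferred copy
    // Nobody queries the policy zone directly on the slave.
    allow-query    { none; };
    allow-transfer { none; };
};
```

Each half belongs in the named.conf of its own server; `named-checkconf` validates the syntax before a reload.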