
Sometimes BIND9 returns the recursive record after I configure the response policy zone


I configured a response policy zone on my DNS server, and I use it to block two domains. This is my zone file.

$TTL    1
$ORIGIN rpztest.
@       IN      SOA     ns1.fati. ns2.fati. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                          86400 )       ; Negative Cache TTL
;    
                NS      ns1.fati.
                NS      ns2.fati.
; check dns connection
check.dns.tw.fullaccesstointernet.cn.eu.org     IN      A       103.61.139.106
*.check.dns.tw.fullaccesstointernet.cn.eu.org   IN      A       103.61.139.106
nekomoe.moe     IN      A       103.61.139.106
*.nekomoe.moe   IN      A       103.61.139.106

After configuring RPZ, it sometimes returns the record from the original authoritative name server. It looks like this picture.

This is my config file.

options {
        directory "/var/cache/bind";
        recursion yes;
        allow-recursion {any;};
        allow-query {any;};
        // max-cache-ttl 1;
        // max-ncache-ttl 1;
        response-policy {
                zone "rpztest";
        }
        qname-wait-recurse no;
        dnssec-validation auto;

        listen-on { any; };
};

zone "rpztest" {
        type master;
        file "/etc/bind/response.policy.zone";
        allow-transfer {any;};
};

How can I solve this kind of problem?
