[DNSfirewalls] NSDNAME inconsistency
Vernon Schryver
vjs at rhyolite.com
Thu Jul 18 00:16:06 UTC 2013
> From: Vincent Stoffer <vstoffer at lbl.gov>
> So I had been encoding NS entries as:
> ns1.example.com.rpz-nsdomain.rpz.foo.bar
> but it appears that the only correct syntax is:
> ns1.example.com.rpz-nsdname.rpz.foo.bar
>
> Are they both supposed to work or is rpz-nsdomain an oversight in the
> documentation? Can someone clear this up for me? I thought I had tested
> these triggers as working before (with rpz-nsdomain), so possibly something
> changed between versions? Our bind version is BIND 9.8.5-rpz2+rl.156.01-P1.
rpz-nsdname is correct and the other is my error in the ARM text.
irrelevant rant: This issue has been mentioned in the BIND-users
mailing list, so why does
https://www.google.com/search?q=%22rpz-nsdomain%22+%22rpz-nsdname%22
hide the one right hit among floods of search-spam noise gmane.org,
mail-archive.com, and other mailing list parasites? Why did Google
kill the ability to exclude those and other useless mailing list
search-spam parasites from search results? Why don't more mailing
list operators take steps to un-subscribe the search-spam mailing list
parasites?
Vernon Schryver vjs at rhyolite.com
More information about the DNSfirewalls
mailing list