Skip to content

RPZ Broken?

It seems that RPZ no longer works as expected. The following setup should tell BIND to drop queries for test.none, but BIND returns query refused instead.

named.conf:

response-policy { zone "rpztest"; } recursive-only no break-dnssec yes;

Zone rpztest:

; Block test.none.
*.test.none CNAME rpz-drop.

Is it a known issue?

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information