[Pdns-users] failover on NXDOMAIN
Otto Moerbeek
otto at drijf.net
Fri Feb 7 11:11:39 UTC 2025
On Fri, Feb 07, 2025 at 10:58:06AM +0000, Brian Candler via Pdns-users wrote:
> On 07/02/2025 10:54, Brian Candler via Pdns-users wrote:
> >
> > I've done this successfully with bind9. I've never tried it with
> > pdns-recursor but it appears to be fully supported:
> >
> > https://doc.powerdns.com/recursor/lua-config/rpz.html
> >
> Oh, and there's a blog about it:
>
> https://blog.powerdns.com/2016/06/28/response-policy-zone-support-in-powerdns-recursor
I see the content is mangled due to the website moving to a new
contect management system. The price of progress I assume... :(
Anwyay, RPZs have good support, we have large customers running them
with millions of entries for filtering purposes. But overriding
is also possible.
For the split horizon case, forwarding to a specific server can also
solve the problem in some cases. That requires the special internal
zone to be consistent with the externally visible one, i.e. it needs
to contain all non-overriden entries from the public one and override
or add the entries that need a special value.
-Otto
More information about the Pdns-users
mailing list