Local rpz ban list format
Peter van Dijk
peter.van.dijk at powerdns.com
Wed May 12 11:54:57 UTC 2021
On Sun, 2021-04-11 at 19:37 +0000, Paul Vixie via Unbound-users wrote:
>
> in BIND, a zone must have an SOA and an NS or loading will fail, and so
> the RPZ specification calls for these elements. while it's unknown to me
> whether Unbound has the same requirement, i suggest you keep your RPZ's
> in a portable form, and thus, that you include these elements.
>
> $TTL is unnecessary. the TTL of records in an RPZ is not relevant
The TTL of records in an RPZ might affect caching on a client, or an
intermediate forwarder, for 'positive' responses.
MIN(SOA TTL, SOA MINIMUM) might affect caching on a client/forwarder if
an RPZ trigger causes a negative response that includes an SOA.
Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/
More information about the Unbound-users
mailing list