AXFR for RPZ zone marked "ok" but failed
dns at todoo.biz
Thu Apr 7 09:14:20 UTC 2022
Hello,
I am trying to debug an unbound system whose goal is to provide a local DNS server and our own filtering with RPZ.
I have set up a BIND server distributing my RPZ zones, and I can successfully AXFR from anywhere for the zone "my-zone.rpz".
I have set up the unbound server, enabled module-config: "respip validator iterator", and configured the zone with:
rpz:
    name: "my-zone.rpz"
    zonefile: "my-zone.rpz"
    primary: 1.2.3.4
    rpz-log: yes
    rpz-log-name: "my-zone.rpz"
When I try to load the zone with : "unbound-control -c /var/unbound/unbound.conf rpz_enable blog.rpz.dynfi" --> "OK"
When I try to transfer zone with : "unbound-control -c /var/unbound/unbound.conf auth_zone_transfer blog.rpz.dynfi" --> "OK"
But IRL (in real life) nothing happens…
My BIND server does not receive the request for zone transfer.
So I might have missed something somewhere… ?
Also I don't know how to use drill to test zone transfer (if this is possible)… ?
Thanks for your help.
—
Greg Bernard
FreeBSD amateur for 20 years