| koloth |
03-24-2022 03:38 AM |
rpz entry for non existed domain goes unanswered
Hello,
I have A recursive DNS server running bind on Centos 8.5.
I've implemented a firewall based on RPZ, however i have ran into a weird issue.
The RPZ works fine and redirects the reply if the domain exists, however for non-existing domain the rpz does not reply.
Dig can show the difference:
Code:
$ dig WORKING_DOMAIN
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.9 <<>> rarbg.to
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39661
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 3
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;WORKING_DOMAIN. IN A
;; ANSWER SECTION:
WORKING_DOMAIN. 5 IN A REDIRECT_IP
;; AUTHORITY SECTION:
MY_rpz. 10800 IN NS MY_RPZ.
;; ADDITIONAL SECTION:
MY_RPZ. 10800 IN A 127.0.0.1
MY_RPZ. 10800 IN AAAA ::1
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Mar 24 10:35:52 EET 2022
;; MSG SIZE rcvd: 120
$ dig NOT_WORKING_DOMAIN
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.9 <<>> iptv-premier.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 51466
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;NOT_WORKING_DOMAIN. IN A
;; Query time: 26 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Mar 24 10:36:05 EET 2022
;; MSG SIZE rcvd: 45
Is it indeed an issue with the not working domain name being non-existent?
thanks in advance |
