[dns-operations] RCODE for bogon answers

Florian Weimer fw at deneb.enyo.de
Thu Oct 11 17:06:29 UTC 2007


* Sean Donelan:

> On Tue, 9 Oct 2007, Paul Vixie wrote:
>>> Since its becominging more common to have more administrative controls
>>> on local name servers, such as bogon and name filters, what is the
>>> recommended RCODE for queries denied by policy filters?
>>>
>>> The obvious choice is RCODE=5 (Refused).  But that seems to confuse
>>> a lot of clients.
>>
>> as would any new RCODE.
>
> Then would the best practice be to return the equivilent of NXDOMAIN
> for things blocked by name server policy?

This is a bit rude in the case someone mistakenly points one of their
NSes to your server.



More information about the dns-operations mailing list