[dns-operations] use-application-dns.net
Vladimír Čunát
vladimir.cunat+ietf at nic.cz
Mon Sep 9 16:27:58 UTC 2019
On 9/9/19 12:50 PM, Thomas Mieslinger wrote:
> Is there any documentation how the mozilla guys did it with which
> recursive/authoritative Software
I'm not aware of any, but I think it's like usual DNS filtering. That
zone is currently signed, so making it NXDOMAIN will inevitably cause a
problem for validators "below", though that's probably not a significant
concern for you.
With Knot Resolver this kind of filtering is fortunately quite easy:
policy.add(policy.suffix(policy.DENY, {todname('use-application-dns.net.')}))
More knowledgeable people will surely soon write howtos for others.
--Vladimir
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20190909/278f5e18/attachment.html>
More information about the dns-operations
mailing list