Keen to know if rndc addzone functionality can be used to add zones in bind serving response-policy? If so then what would be my view? Do I need to
define my view to make it work?
I tried this and its failing hence wondering if rndc can be used to add
zone or delete zone on the fly?
Here is my config
******************************
options {
version "xxxxx";
allow-query { localhost;subnets; };
directory "/var/cache/bind";
recursion yes;
* allow-new-zones yes;*
querylog yes;
forwarders {
9.9.9.9
};
// dnssec-validation auto;
request-ixfr yes;
auth-nxdomain no; # conform to RFC1035
// listen-on-v6 { any; };
listen-on port 53 { any; };
response-policy { zone "whitlist.allow" policy passthru;
zone "immediate.block";
zone "malware.trap";
zone "block.tld";
zone "cryptojack.block";
zone "ransomwareips.block"; };
};
<div dir=3D"ltr"><div>Hi,</div><div><br></div><div>Keen to know if rndc add= zone functionality can be used to add zones in bind serving response-policy=
? If so then what would be my view? Do I need to define my view to make it = work?</div><div><br></div><div>I tried this and its failing hence wondering=
if rndc can be used to add zone or delete zone on the fly?</div><div><br><= /div><div>Here is my config</div><div><br></div><div>**********************= ********</div><div>options {<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 version "x= xxxx";<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 allow-query =C2=A0 =C2=A0 { loca= lhost;subnets; };<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 directory "/var/cache= /bind";<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 recursion yes;<br>=C2=A0 =C2=A0=
=C2=A0 =C2=A0<b> allow-new-zones yes;</b><br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 q= uerylog yes;<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 forwarders {<br>=C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 9.9.9.9<br>=C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0};<br>// =C2=A0 =C2=A0 =C2=A0dnssec-validation auto;<br>=C2=A0=
=C2=A0 =C2=A0 =C2=A0 request-ixfr yes;<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 auth= -nxdomain no; =C2=A0 =C2=A0# conform to RFC1035<br>// =C2=A0 =C2=A0 =C2=A0l= isten-on-v6 { any; };<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 listen-on port 53 { an=
y; };<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 response-policy { zone "whitlist.= allow" policy passthru;<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 zone "immediate.block";= <br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 = =C2=A0 =C2=A0 zone "malware.trap";<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0=
=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 zone "block.t= ld";<br>=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0=
=C2=A0 =C2=A0 =C2=A0 zone "cryptojack.block";<br>=C2=A0 =C2=A0 = =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 zone = "ransomwareips.block"; =C2=A0};<br>};<br></div><div><br></div><di= v>And I wanted to add lets say porn.block zone<br></div></div>