I have a query about GSS devices and domain-lists.
At the moment we have individual domain-lists configured, for example:
We also have a global forward rule to send for any unknown requests to an upstream name-server.
We are seeing an unwanted effect when internal hosts try to resolve unknown domains within *.EXAMPLE.COM. We would like to avoid these requests from being forwarded upstream.
Essentially we need the GSS to return a NXDOMAIN message for anything unknown with *.EXAMPLE.COM.