GSS domain-lists

Unanswered Question
Nov 3rd, 2009
User Badges:

Hi everyone,


I have a query about GSS devices and domain-lists.


At the moment we have individual domain-lists configured, for example:


domain-list DOMAIN1

domain DOMAIN1.EXAMPLE.COM


domain-list DOMAIN2

domain DOMAIN2.EXAMPLE.COM


domain-list DOMAIN3

domain DOMAIN3.EXAMPLE.COM


We also have a global forward rule to send for any unknown requests to an upstream name-server.


We are seeing an unwanted effect when internal hosts try to resolve unknown domains within *.EXAMPLE.COM. We would like to avoid these requests from being forwarded upstream.


Essentially we need the GSS to return a NXDOMAIN message for anything unknown with *.EXAMPLE.COM.


Thanks,


Paul

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
litrenta Tue, 11/03/2009 - 14:29
User Badges:
  • Cisco Employee,

you could set up another domain list with .*\.example\.com the use a dns rule without an answer.This woiuld give you a serverfail rather than nxdomain but will keep you from forwarding.



Actions

This Discussion