Configuring DNS BIND RPZ (DNS forum, Dev Shed)
Posts: 240
Time spent in forums: 3 Days 13 h 6 m 12 sec
Reputation Power: 2
There are articles on setting up RPZs, but I honestly haven't really attempted it. I read the RFC but never actually did it.
Here's an article in French, but it has an example of the Options and Zone data. It looks pretty straightforward:
http://dns.blog4ever.com/blog/lire-article-491870-2332506-rpz_et_dns__exemple_de_configuration.html
Here's the RFC on it as well with some good stuff in it:
http://ftp.isc.org/isc/dnsrpz/isc-tn-2010-1.txt
Posts: 7
Time spent in forums: 44 m 41 sec
Reputation Power: 0
I've tried to follow the link that you've given me, under the configuration of db.rpz.zone. How come, after the configuration, it still didn't block the IP address?
Posts: 240
Time spent in forums: 3 Days 13 h 6 m 12 sec
Reputation Power: 2
A quick update: I installed BIND 9.8 on a test machine and literally copy/pasted what was on that website into the configuration, and it worked right off. Make sure you have no typos and are running BIND 9.8.
Code:
/etc/bind# dig @127.0.0.1 google.com.
; <<>> DiG 9.8.1-P1 <<>> @127.0.0.1 google.com.
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25967
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 10 IN A 127.0.0.17
;; AUTHORITY SECTION:
rpz.zone. 10 IN NS localhost.
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jan 25 10:06:43 2012
;; MSG SIZE rcvd: 75
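One way to tell a real RPZ hit from an ordinary upstream answer without reading the whole dig output by eye. This is an added example, not code from the thread or from the linked article: on BIND 9.8 an RPZ rewrite (as in the output above) carries the policy zone's own NS record in the AUTHORITY section instead of the root or upstream NS set, so the script keys on that. The zone name rpz.zone is the one the thread uses; the two sample answers are constructed from the outputs pasted in this thread, trimmed.

```shell
#!/bin/sh
# Added example, not from the thread: classify a dig answer as an RPZ rewrite
# or an ordinary upstream answer. On BIND 9.8 an RPZ hit carries the policy
# zone's NS record in the AUTHORITY section instead of the root/upstream NS
# set. "rpz.zone" is the zone name used in the thread; override with RPZ_ZONE.
RPZ_ZONE="${RPZ_ZONE:-rpz.zone}"

# Reads dig output on stdin, prints "rpz" or "upstream".
rpz_verdict() {
    awk -v zone="$RPZ_ZONE" '
        /^;; AUTHORITY SECTION:/ { in_auth = 1; next }
        /^;; /                   { in_auth = 0 }
        in_auth && $1 == zone "." && $4 == "NS" { hit = 1 }
        END { print (hit ? "rpz" : "upstream") }
    '
}

verdict_for() { printf '%s\n' "$1" | rpz_verdict; }

# Constructed sample: the blocked answer shown in the post above, trimmed.
BLOCKED=';; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 10 IN A 127.0.0.17
;; AUTHORITY SECTION:
rpz.zone. 10 IN NS localhost.
;; Query time: 0 msec'

# Constructed sample: an unblocked answer of the kind pasted later in the thread.
UNBLOCKED=';; ANSWER SECTION:
google.com. 198 IN A 74.125.235.51
;; AUTHORITY SECTION:
. 13395 IN NS i.root-servers.net
;; ADDITIONAL SECTION:
a.root-servers.net. 72188 IN A 192.41.0.4'

echo "blocked sample:   $(verdict_for "$BLOCKED")"    # rpz
echo "unblocked sample: $(verdict_for "$UNBLOCKED")"  # upstream
# Live use against the resolver from the post: dig @127.0.0.1 google.com. | rpz_verdict
```

If the verdict comes back "upstream" right after a restart, the policy zone is not being consulted at all, which is the situation the rest of this thread chases through the logs.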
Posts: 240
Time spent in forums: 3 Days 13 h 6 m 12 sec
Reputation Power: 2
Does named start? What exactly is happening after you make the zone and the config? You might want to check the server logs for any named entries to see if the zone isn't loading.
Posts: 7
Time spent in forums: 44 m 41 sec
Reputation Power: 0
What do you mean by does named start? The ISC BIND has started in the services.
I've created two zones under named.config: one is iadlp.cng.com and the other is rpz.zone, which I've followed from the website that you've given me in the previous reply.
;; ANSWER SECTION:
google.com. 198 IN A 74.125.235.51
google.com. 198 IN A 74.125.235.52
google.com. 198 IN A 74.125.235.48
google.com. 198 IN A 74.125.235.49
google.com. 198 IN A 74.125.235.50
;; AUTHORITY SECTION:
. 13395 IN NS i.root-servers.net
. 13395 IN NS j.root-servers.net
. 13395 IN NS m.root-servers.net
. 13395 IN NS k.root-servers.net
. 13395 IN NS l.root-servers.net
. 13395 IN NS a.root-servers.net
. 13395 IN NS h.root-servers.net
. 13395 IN NS g.root-servers.net
. 13395 IN NS b.root-servers.net
. 13395 IN NS f.root-servers.net
. 13395 IN NS c.root-servers.net
. 13395 IN NS d.root-servers.net
. 13395 IN NS e.root-servers.net
;; ADDITIONAL SECTION:
a.root-servers.net. 72188 IN A 192.41.0.4
a.root-servers.net. 36064 IN A 192.228.79.201
a.root-servers.net. 71186 IN A 192.33.4.12
a.root-servers.net. 71327 IN A 128.8.10.90
a.root-servers.net. 85834 IN A 192.203.230.10
a.root-servers.net. 36096 IN A 192.5.5.241
a.root-servers.net. 68021 IN A 192.112.36.4
a.root-servers.net. 36122 IN A 128.63.2.53
a.root-servers.net. 71196 IN A 192.36.148.17
a.root-servers.net. 27161 IN A 192.58.128.30
a.root-servers.net. 72160 IN A 193.0.14.129
a.root-servers.net. 67622 IN A 199.7.83.42
Posts: 240
Time spent in forums: 3 Days 13 h 6 m 12 sec
Reputation Power: 2
I would suggest checking your logs. The process for BIND is called "named". You will want to check the logs for anything logged by named for errors. If you have restarted the named process after the config change and it still queries the internet, that means named is running but it seems like the rpz zone didn't load. The logs will usually tell you why.
Posts: 240
Time spent in forums: 3 Days 13 h 6 m 12 sec
Reputation Power: 2
If it's a nix system, you want to check /var/log/messages or /var/log/syslog. Use grep and search "named" in whichever log your system is logging info to and it should have some information in it.
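The grep the post suggests, carried one step further so the per-zone outcome is obvious. This is an added example, not code from the thread: it pulls named's "zone <name>/IN: ..." lines out of a syslog-style file and prints one status line per zone. The log lines are constructed samples modeled on BIND's own load messages, using the two zone names and the BIND version that appear in this thread.

```shell
#!/bin/sh
# Added example, not from the thread: summarize per-zone load status from
# named's syslog lines so a zone that named skipped stands out.
# The sample log is constructed, modeled on BIND's "zone <name>/IN: ..."
# messages; the zone names are the two mentioned in the thread.
LOG=$(mktemp)
cat > "$LOG" <<'EOF'
Jan 25 10:05:01 ns1 named[1234]: starting BIND 9.8.1-P1
Jan 25 10:05:01 ns1 named[1234]: zone iadlp.cng.com/IN: loaded serial 2012012501
Jan 25 10:05:01 ns1 named[1234]: zone rpz.zone/IN: loading from master file db.rpz.zone failed: file not found
Jan 25 10:05:01 ns1 named[1234]: zone rpz.zone/IN: not loaded due to errors.
Jan 25 10:05:01 ns1 named[1234]: running
EOF

# $1: log file (e.g. /var/log/syslog or /var/log/messages). Prints
# "<zone> loaded" or "<zone> FAILED: <reason>" for every zone named mentions.
named_zone_status() {
    grep 'named\[[0-9]*\]: zone ' "$1" | awk '
        {
            match($0, /zone [^ ]*\/IN:/)
            z    = substr($0, RSTART + 5, RLENGTH - 9)   # strip "zone " and "/IN:"
            rest = substr($0, RSTART + RLENGTH + 1)      # text after "/IN: "
            if (rest ~ /^loaded serial/)
                status[z] = "loaded"
            else if (rest ~ /failed: /) {
                sub(/.*failed: /, "", rest)              # keep only the reason
                status[z] = "FAILED: " rest
            }
            else if (rest ~ /^not loaded/ && !(z in status))
                status[z] = "FAILED: " rest              # no more specific reason seen
        }
        END { for (z in status) print z, status[z] }'
}

named_zone_status "$LOG"
# Live use: named_zone_status /var/log/syslog
```

The "file not found" reason is the one that matches the final post of this thread: named keeps running and answering from upstream while the policy zone is silently absent.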
Posts: 240
Time spent in forums: 3 Days 13 h 6 m 12 sec
Reputation Power: 2
No, if it's Windows you should probably check out the Event Viewer in Administrative Tools in the Control Panel. I'm guessing it would probably be under the Application section.
Posts: 240
Time spent in forums: 3 Days 13 h 6 m 12 sec
Reputation Power: 2
I'm not too familiar with running BIND on Windows since I only use it on Linux/Unix systems, so I'm not sure if there is a default directory you should look in or if it's something you specified. But you have to have the db.rpz.zone in the correct directory (the one mentioned in your named.conf file). It looks, from the log, like the specified zone file isn't there, so it's not being loaded (and there are problems with another zone you have). If the local files are not found or formatted incorrectly, named will still start up, but the bad zones will not be loaded. So named cannot answer from those local files (like it would in the case of an RPZ).
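A minimal RPZ setup of the kind the thread describes, together with the check the last post is really asking for: does every zone named in response-policy have a zone stanza, and is its file where named will look (a relative file path resolves against the directory option). This is an added example, not the thread's or the linked article's configuration. The names rpz.zone, db.rpz.zone and 127.0.0.17 come from this thread; the blocked.example entries are constructed; everything is written under a temporary directory so nothing touches a real /etc/bind.

```shell
#!/bin/sh
# Added example, not from the thread or the linked article: a minimal BIND 9.8
# RPZ configuration plus a check that each zone listed in response-policy has a
# zone stanza whose file exists where named will look for it. Names are the
# thread's (rpz.zone, db.rpz.zone, 127.0.0.17); blocked.example is constructed.
TMP=$(mktemp -d)

cat > "$TMP/named.conf" <<EOF
options {
    directory "$TMP";                       # relative zone file paths resolve here
    recursion yes;
    response-policy { zone "rpz.zone"; };   # turn the policy zone on
};

zone "rpz.zone" {
    type master;
    file "db.rpz.zone";                     # must exist in the directory above
};
EOF

cat > "$TMP/db.rpz.zone" <<'EOF'
$TTL 10
@           IN SOA  localhost. root.localhost. ( 2012012501 3600 900 604800 10 )
            IN NS   localhost.
; rewrite google.com to a local address, as the dig output in the thread shows
google.com  IN A    127.0.0.17
; the usual RPZ form: CNAME . makes the name (and its subdomains) return NXDOMAIN
blocked.example   IN CNAME .
*.blocked.example IN CNAME .
EOF

# First "directory" option in the conf, if any.
named_directory() {
    sed -n 's/^[[:space:]]*directory[[:space:]]*"\([^"]*\)".*/\1/p' "$1" | head -n 1
}

# Zone names inside response-policy { ... } (assumes one zone per line).
policy_zones() {
    awk '/response-policy/ { on = 1 } on { print } on && /};/ { on = 0 }' "$1" |
        sed -n 's/.*zone[[:space:]]*"\([^"]*\)".*/\1/p'
}

# The file "..." declared in the stanza zone "$2" { ... } of conf $1.
zone_file_for() {
    awk -v z="$2" '
        $1 == "zone" && $2 == "\"" z "\"" { on = 1 }
        on && /file[[:space:]]*"/ { sub(/.*file[[:space:]]*"/, ""); sub(/".*/, ""); print; exit }
        on && /^};/ { on = 0 }' "$1"
}

# Returns 0 when every policy zone is declared and its file is present.
rpz_config_check() {
    conf=$1; rc=0
    dir=$(named_directory "$conf")
    zones=$(policy_zones "$conf")
    [ -n "$zones" ] || { echo "no response-policy in $conf"; return 1; }
    for z in $zones; do
        f=$(zone_file_for "$conf" "$z")
        if [ -z "$f" ]; then
            echo "$z: listed in response-policy but has no zone stanza"; rc=1; continue
        fi
        case $f in /*) path=$f ;; *) path="$dir/$f" ;; esac
        if [ -f "$path" ]; then echo "$z: ok ($path)"
        else echo "$z: MISSING $path (named starts, but this zone is not loaded)"; rc=1; fi
    done
    return $rc
}

rpz_config_check "$TMP/named.conf"

# Constructed failure, the mistake diagnosed in the thread: the conf points at
# a directory that does not contain db.rpz.zone.
mkdir "$TMP/elsewhere"
sed "s|directory \"$TMP\"|directory \"$TMP/elsewhere\"|" "$TMP/named.conf" > "$TMP/broken.conf"
rpz_config_check "$TMP/broken.conf" || echo "broken.conf: check failed, as expected"
```

Run the check against the real named.conf before restarting named; it catches the file-placement mistake that otherwise only shows up as a "file not found" line in the log while named keeps answering from upstream.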