Knowledge Base ISC Main Website Ask a Question/Contact ISC
 Featured
Building DNS Firewalls with Response Policy Zones (RPZ)
Author: Paul Vixie Reference Number: AA-00525 Views: 38559 Created: 2011-11-01 18:29 Last Updated: 2013-08-12 11:51 0 Rating/ Voters

A DNS Firewall can help you control what domain names, IP addresses, and name servers are allowed to function on your network. You can build such a firewall using DNS Response Policy Zones (RPZ), which is an open and vendor-neutral standard for the interchange of DNS Firewall configuration information. DNS RPZ is a standard feature of BIND9 as of 9.8.1, and is expected to be supported by other (non-BIND) name servers soon.

Topics in this section:


© 2001-2015 Internet Systems Consortium

Please help us to improve the content of our knowledge base by letting us know below how we can improve this article.

If you have a technical question or problem on which you'd like help, please don't submit it here as article feedback.

For assistance with problems and questions for which you have not been able to find an answer in our Knowledge Base, we recommend searching our community mailing list archives and/or posting your question there (you will need to register there first for your posts to be accepted). The bind-users and the dhcp-users lists particularly have a long-standing and active membership.

ISC relies on the financial support of the community to fund the development of its open source software products. If you would like to support future product evolution and maintenance as well having peace of mind knowing that our team of experts are poised to provide you with individual technical assistance whenever you call upon them, then please consider our Professional Subscription Support services - details can be found on our main website.

Feedback 2
  • #
    [KB Admin]: broken links 2013-08-12 11:56

    Thanks for highlighting the broken link to the blog post - it should now be fixed. The webinar article requires you to register for the KB (registration is open to all) to view it, but should not require any administrator privileges.

  • #
    [ Vick]: broken links 2013-07-12 13:45

    the link to the blog post Taking back the DNS, and the link to the Webinar (last link) are both broken. The first is a page not found, and the webinar says I have to login as administrator to view the page.

Info Submit Feedback on this Article
Nickname: Your Email: Subject: Comment:
Enter the code below:
Quick Jump Menu