Knowledge Base ISC Main Website Ask a Question/Contact ISC
Building DNS Firewalls with Response Policy Zones (RPZ)
Author: Paul Vixie Reference Number: AA-00525 Views: 25725 Created: 2011-11-01 18:29 Last Updated: 2013-08-12 11:51 0 Rating/ Voters

A DNS Firewall can help you control what domain names, IP addresses, and name servers are allowed to function on your network. You can build such a firewall using DNS Response Policy Zones (RPZ), which is an open and vendor-neutral standard for the interchange of DNS Firewall configuration information. DNS RPZ is a standard feature of BIND9 as of 9.8.1, and is expected to be supported by other (non-BIND) name servers soon.

Topics in this section:

© 2001-2014 Internet Systems Consortium

Feedback 2
  • #
    [KB Admin]: broken links 2013-08-12 11:56

    Thanks for highlighting the broken link to the blog post - it should now be fixed. The webinar article requires you to register for the KB (registration is open to all) to view it, but should not require any administrator privileges.

  • #
    [ Vick]: broken links 2013-07-12 13:45

    the link to the blog post Taking back the DNS, and the link to the Webinar (last link) are both broken. The first is a page not found, and the webinar says I have to login as administrator to view the page.

Info Submit Feedback on this Article
Nickname: Your Email: Subject: Comment:
Enter the code below:
Quick Jump Menu