0234 | named allow recursion query for only specific zone

first> define dummy ip address (e.g. 192.0.2.1) set it to loopback interface

ip addr add 192.0.2.1/32 dev lo

second> named configuration:

  • define acl for blackhole query to the dummy ip address defined
acl acl_blackhole { 192.0.2.1; };
  • declare view for blackhole dns request
view blackhole {
    match-destinations { acl_blackhole; };
    recursion no;
}
  • declare default view for accepting the query. recursion should be yes for allowing the query
view default {
    recursion yes;
    forward only;
    forwarders { 192.0.2.1; }; # by default forward to blackhole

    zone "example.com." IN {
        type forward;
        forward only;
        #  specify your real recursion dns server here
        forwarders { 1.0.0.1; 1.1.1.1; }; 
    }
}