0234 | named allow recursion query for only specific zone

first> define dummy ip address (e.g. set it to loopback interface

ip addr add dev lo

second> named configuration:

  • define acl for blackhole query to the dummy ip address defined
acl acl_blackhole {; };
  • declare view for blackhole dns request
view blackhole {
    match-destinations { acl_blackhole; };
    recursion no;
  • declare default view for accepting the query. recursion should be yes for allowing the query
view default {
    recursion yes;
    forward only;
    forwarders {; }; # by default forward to blackhole

    zone "example.com." IN {
        type forward;
        forward only;
        #  specify your real recursion dns server here
        forwarders {;; };