On 21.1.2016 22:52, Mark Andrews via RT wrote:
> Meant to send this as a reply
> 
> On Mon Jan 18 15:56:13 2016, marka wrote:
>> We really can't second guess what the user wants.  We could look at
>> issuing
>> a warning if rfc1918 && inherited(first) -> warning.
>>
>> e.g.
>> zone 1.0.10.in-addr.arpa { type forward; forwarders { … }; }; ->
>> warning
>>
>> zone 1.0.10.in-addr.arpa { type forward; forward first; forwarders { …
>> }; }; -> no warning
>>
>> "inherited 'forward first;' for rfc1918 zone '%s' - did you want
>> 'forward only;'? (use explicit 'forward first;' in zone declaration to
>> disable warning)"
>>
>> If you feel like coding this we can review it.

I got lost in the configuration logic and I cannot see an obvious way how to
do this. Would it be okay to always print a warning if policy == first and the
zone is one of automatic empty zones? For me it is hard to imagine a case
where it okay to use policy 'first' anyway.


This reminds me one more thing regarding auto-disabling empty zones for policy
== only.

If the user defined forward zone 3.2.10.in-addr.arpa it unloads complete zone
10.in-addr.arpa. As a consequence, queries for rest of 10.in-addr.arpa will leak.

Is this expected/okay?

-- 
Petr Spacek  @  Red Hat