[rbldnsd] managing 'thousands' of zones in RBLDNSd rather than Bind9?

snowcrash+rbldnsd schneecrash+rbldnsd at gmail.com
Wed Aug 29 05:32:34 MSD 2007


hi,

> If I remember correctly, bind is set to "forward first" to rbldnsd.  If
> the domain is blacklisted, rbldnsd returns a specific address or
> optionally NXDOMAIN.  If the domain is not blacklisted, rbldnsd returns
> REFUSE and bind goes out to look up the domain on its own.  After the
> first query of a blacklisted domain, bind holds the answer in cache
> (e.g. 127.0.0.2 or NXDOMAIN) and doesn't need to requery rbldnsd for
> repeat lookups.  Likewise a non-blacklisted domain is cached and is not
> forwarded again for rbldnsd to check it, but bind serves it directly
> from cache.  You can think of rbldnsd as a sort of bind cache populator
> for blacklisted domains.

ah. so the order of fwd'ing *is* the same as what i do now.

the difference being that in "your" scenario, fwd-1st occurs to
patched-rbldnsd for ALL domains, then falls back to Bind for 'the
rest'.

whereas in "my" current scenario, fwd-1st occurs to rbldnsd only for
those zones in the "huge" Bind9 tables ...

i think.

> No, I use it on my LAN as the main DNS server.  In my usage, one
> instance of dnsmasq accomplishes these things:

got it.  not entirely what i'm looking for ... but probably worth
playing with dnsmasq a bit anyway.

thx.
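The two placements compared above, as an added named.conf sketch that is not from the thread (it assumes rbldnsd is bound to 127.0.0.1 port 5300 with `-b 127.0.0.1/5300`, and the zone name is a placeholder):

```conf
// Added example, not from the mailing list thread.
// Assumption: rbldnsd started with  rbldnsd -b 127.0.0.1/5300 ...

// Scenario 1 (the quoted setup): forward-first for ALL queries.
// Each lookup goes to rbldnsd first. A listed name comes back as
// 127.0.0.2 or NXDOMAIN and BIND caches that answer; anything rbldnsd
// refuses is then resolved by BIND itself and cached as well, so rbldnsd
// is consulted at most once per name until the TTL expires.
options {
    recursion yes;
    forward first;
    forwarders { 127.0.0.1 port 5300; };
};

// Scenario 2 (the poster's current setup): forward-first only for the
// big zones; every other name is resolved by BIND without touching rbldnsd.
zone "big-list.example" {            // placeholder zone name
    type forward;
    forward first;
    forwarders { 127.0.0.1 port 5300; };
};
```

In scenario 1 every query, listed or not, crosses the rbldnsd socket once before it is cached, so rbldnsd's refusals show up in BIND's query log as normal recursion; in scenario 2 only queries under the forwarded zones ever reach it.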
