Hello, Vladimir
Thank you for answering.
As I was advised, I added the policy, but it seems that I again cannot do the reverse lookup.
kometch@dns02:/etc/knot-resolver$ drill -x 192.168.122.223
;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 16206
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;; 223.122.168.192.in-addr.arpa. IN PTR
;; ANSWER SECTION:
;; AUTHORITY SECTION:
168.192.in-addr.arpa. 604038 IN SOA prisoner.iana.org. hostmaster.root-servers.org. 1 604800 60 604800 604800
;; ADDITIONAL SECTION:
;; Query time: 1 msec
;; SERVER: 192.168.122.223
;; WHEN: Tue Apr 18 20:51:11 2017
;; MSG SIZE rcvd: 123
I checked the port (10053) with tcpdump, but it seems that no inquiries from kresd have been made.
Best regards.
On 2017/04/18 20:40:56, Vladimír Čunát <vladimir.cunat(a)nic.cz> wrote:
> On 04/18/2017 01:33 PM, Horigome Yoshihito wrote:
>> As you say, adding policy.del(0) no longer gets blocked.
>> However, it is as follows and ANSWER is not returned.
>
> The config you sent did not forward any reverse address ranges. Adding a
> rule for that should do what you want, if I guess your intentions correctly:
>
> policy.add(policy.suffix(policy.FORWARD('192.168.122.223@10053',
> '192.168.122.224@10053'), '168.192.in-addr.arpa'))
>
> --Vladimir