On Tue, Jul 1, 2025 at 2:33 PM OwN-3m-All wrote: > > No, I'm not asking you to prioritize anything. I'm just saying that > previously valid and memory performant setups are not performing well on the > newest versions of bind (using too much memory).
c'est la vie > I created this setup based on guides I found online. So, if this is not the > proper way to do it, what is the proper way? You're using the PGL adblock list - yes? The proper way to do it would be something like get-pgl.sh ------------ begin cut here ------------ #!/bin/sh # get the PGL adservers rpz zone # https://pgl.yoyo.org/adservers/serverlist.php?hostformat=rpz&showintro=1&mimetype=plaintext url="https://pgl.yoyo.org/adservers/serverlist.php?hostformat=rpz&showintro=1&mimetype=plaintext"; fname="db.rpz-pgl" umask 002 cd /etc/bind ds=$(date "+%F") echo "date suffix: ${ds}" if [ -f "${fname}.${ds}" ]; then echo "OhNoes!!! ${fname}.${ds} already exists!" >&2 exit 1 fi mv ${fname} ${fname}.${ds} stat=$? if [ $stat -ne 0 ]; then echo "Oh Noes!! 'mv ${fname} ${fname}.${ds}' failed!!? ${stat}" >&2 exit 2 fi wget --no-proxy -O ${fname} ${url} stat=$? if [ $stat -ne 0 ]; then echo "OhNoes!!! wget ${url} failed: ${stat}" >&2 exit 3 fi dos2unix ${fname} stat=$? if [ $stat -ne 0 ]; then echo "OhNoes!!! dos2unix ${fname} failed: ${stat}" >&2 exit 4 fi ------------ end cut here ------------ then in your named.conf you'd have something like response-policy { zone "rpz.foo"; zone "rpz.bar"; zone "rpz.pgl"; } break-dnssec yes recursive-only no qname-wait-recurse no; zone "rpz.foo" in { ... } zone "rpz.bar" in { ... } zone "rpz.pgl" in { type master; notify no; file "/etc/bind/db.rpz-pgl"; }; Regards, Lee -- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
