RPZ Introduction

RPZ (Response Policy Zone) is a mechanism for defining custom policies on a DNS server. It lets a recursive resolver modify the answers it returns so that clients are blocked from reaching a target host.

Figure 1: RPZ architecture diagram

With RPZ enabled on the recursive resolver, users can be prevented from connecting to malicious websites without additional settings. The recursive resolver can also keep its RPZ content synchronized with the RPZ master through the zone transfer mechanism, which reduces maintenance costs.
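
The following added example (not part of the original page) models how a resolver could evaluate a query name against the policy records it receives from the RPZ master. It goes beyond the text by showing the standard RPZ action encodings (`CNAME .`, `CNAME *.`, `rpz-passthru`, `rpz-drop`, local data). The zone content is constructed, and the wildcard lookup is a simplified model that only handles QNAME triggers.

```python
# Constructed sample policy records: "owner type rdata".
# Owners are relative to the policy zone origin (hypothetical: rpz.example.).
SAMPLE_ZONE = """
bad.example.com        CNAME  .
*.bad.example.com      CNAME  .
ads.example.net        CNAME  *.
ok.bad.example.com     CNAME  rpz-passthru.
phish.example.org      A      192.0.2.10
"""

# Special CNAME targets that encode an RPZ action instead of real data.
ACTIONS = {".": "NXDOMAIN", "*.": "NODATA",
           "rpz-passthru.": "PASSTHRU", "rpz-drop.": "DROP"}


def load_policy(text):
    """Parse 'owner type rdata' lines into {trigger: (action, data)}."""
    policy = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip blank or malformed lines
        owner, rtype, rdata = fields
        if rtype.upper() == "CNAME" and rdata in ACTIONS:
            policy[owner.lower()] = (ACTIONS[rdata], None)
        else:
            # Any other record is served as-is in place of the real answer.
            policy[owner.lower()] = ("LOCAL-DATA", (rtype.upper(), rdata))
    return policy


def evaluate(policy, qname):
    """Return the policy action for qname, or None if no trigger matches."""
    name = qname.lower().rstrip(".")
    if name in policy:                      # exact QNAME trigger wins
        return policy[name]
    labels = name.split(".")
    for i in range(1, len(labels)):         # nearest enclosing wildcard
        wildcard = "*." + ".".join(labels[i:])
        if wildcard in policy:
            return policy[wildcard]
    return None                             # no match: resolve normally
```

A `None` result means the query is resolved normally. `PASSTHRU` exempts a name that a broader wildcard rule would otherwise block.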