Novel task for DNS.
Brad Knowles
brad.knowles at skynet.be
Tue Jul 31 18:27:38 UTC 2001
At 5:03 PM +0100 7/31/01, William Noad wrote:
> I work for ntl, a major UK ISP. One of our future products will include
> user accounts that can `expire', requiring the user to re-register (to
> some degree) to reactivate the account. We can (apparently) set up RADIUS
> on the modem racks such that anyone whose account has expired gets put
> into a specially constructed sandbox, from which they either re-register
> or logout. To ensure the user hits the re-registration system we want to
> set up a DNS server within the sandbox that resolves /any/ domain name to
> the IP address of the re-registration server.
Have the RADIUS server hand out the IP address of a specially
configured nameserver to these customers. That specially configured
nameserver would be a private root nameserver, and think that it is
authoritative for the world. It would have an NS record (pointing to
itself), and an SOA record (again, pointing to itself). It would
have an A record for itself, and proper reverse DNS set up. The only
other record it would have would be a wildcard record that would
provide the IP address of your re-registration server for any other
query that was asked.
> Has anyone else set up something similar using BIND? Or can someone
> categorically say `that can't be done'.
Nope, it's not too hard. You can do it yourself by reading the
book _DNS and BIND_ and putting in a little work. Alternatively, you
can contract out the work to someone else (if you don't have the
time). If you decide to go the contract route, I'd recommend talking
to the folks at Nominum to see what they would charge for this kind
of work.
--
Brad Knowles, <brad.knowles at skynet.be>
H4sICIFgXzsCA2RtYS1zaWcAPVHLbsMwDDvXX0H0kkvbfxiwVw8FCmzAzqqj1F4dy7CdBfn7
Kc6wmyGRFEnvvxiWQoCvqI7RSWTcfGXQNqCUAnfIU+AT8OZ/GCNjRVlH0bKpguJkxiITZqes
MxwpSucyDJzXxQEUe/ihgXqJXUXwD9ajB6NHonLmNrUSK9nacHQnH097szO74xFXqtlbT3il
wMsBz5cnfCR5cEmci0Rj9u/jqBbPeES1I4PeFBXPUIT1XDSOuutFXylzrQvGyboWstCoQZyP
dxX4dLx0eauFe1x9puhoi0Ao1omEJo+BZ6XLVNaVpWiKekxN0VK2VMpmAy+Bk7ZV4SO+p1L/
uErNRS/qH2iFU+iNOtbcmVt9N16lfF7tLv9FXNj8AiyNcOi1AQAA
More information about the bind-users
mailing list