"Abusing" BIND DNS Server as Networked HOSTS File...
Axel Werner
hostmaster at freiburg.homeip.net
Wed May 26 05:03:12 UTC 2004
Kevin Darcy wrote:
> No, a root zone won't help here. You can't skip zone levels like that.
> If you add a gateway.dyndns.org record in a private root zone, the
> nameserver would assume that that's the only entry under dyndns.org and
> so it would be as bad or worse than defining a private dyndns.org itself.
>
> Instead, define gateway.dyndns.org as its own zone. Same for any other
> names for which you may want to "spoof" name resolution. Just make sure
> none of this spoofing is visible to Internet DNS clients. If at some
> point you decide you want to serve some Internet zones, and you don't
> have budget for another nameserver, you could look into using the "view"
> feature to serve up different data to different sets of clients (or do
> it the older way by having multiple BIND instances listening on
> different interfaces).
HELL! THANKS DUDE! Thats the solution for me! Its ugly, but i live in an
ugly network, so its perfect :) ! And however, once implemented its
centraly administered. i tested and implemted it quick and works fine now.
btw: "Name Resolution Spoofing" is the right name for that :)
I assume using "view" feature is something called "split brained" earlier?!
however, no topic to me since i dont serve to the internet. but thanks
anyway!
> You may also want to consider not forwarding to your ISP's nameservers,
> if you have a choice in the matter. Frequently, forwarding doesn't
> deliver the performance benefits that people expect. Doing your own
> iterative resolution also makes you less dependent on your ISP's
> nameservice.
>
> - Kevin
hmmm.. ur right. but i thought i would act less "aggressive" to the internet
if i use the NS at my ISP to make use of its cache and other stuff rather
than making direkt load to the root servers. of course some of my request
will go up to the top even i use my ISPs NS as forwarder. but wont it save
traffic load? am i wrong?
AGAIN, THANKS FER YER QUICK HELP!!
greets
Axel
More information about the bind-users
mailing list