Using bind to provide a dns redirector

Peter Andreev andreev.peter at gmail.com
Fri Mar 5 20:33:17 UTC 2010


Have you tried to add to your "." zone something like this:

microsoft.com NS ns1.msft.net
                     NS ns3.msft.net
                     NS ns5.msft.net
etc?
Just an assumption - RFC 4592 <http://tools.ietf.org/html/rfc4592> describes
processing of asterisk as "any non-existent in particular zone".

2010/3/5 Alex Sharaz <A.Sharaz at hull.ac.uk>

> Hi all,
>
> I'm looking to implement a dns redirector using bind 9 and need a wee bit
> of help.
>
> We have a wired 802.1x network setup here. By default if a user hasn't
> configured 802.1x on their PC their machine gets dropped into an
> unauthenticated VLAN where our DHCP server hands out different DNS server
> IP addresses to the rest of the University.
>
> I'm currently using a product called DNS redirector for the unauthenticated
> VLAN but am having some loading problems hence the query re implementing my
> requirements in bind.
>
> Here's what I'm currently doing:-
>
> 1). We want users to have access to windows update and app update sites
> even from the unauth VLAN
> 2). Whatever else they try and get to via a browser, the host address gets
> resolved to a Hull IP address. The browser therefore connects to a local
> web server which hands out a page saying "You need to configure your
> machine in order to access the Internet ......."
>
> Apart from the loading issues the whole thing works quite well.
>
> So ...
>
> Getting bind to always resolve to a single IP address was quite easy.
>
> In named.conf
>
> zone "." {
>     type master;
>     file "db.redir";
> };
>
> zone "hull.ac.uk" {
>     type master;
>     file "db.hull";
> };
>
> In db.redir
> $TTL 60
> @       In      SOA     localhost. Root.localhost. ( ......)
>
> @       IN      NS      localhost.
>
> *       IN      A       150.237.47.203
>
> So anything I try and resolve returns 47.203
>
> db.hull is similar but lets me add some extra hull addresses for local
> services we might want students to access.
>
> I thought that adding
>
> zone "Microsoft.com" {
>     type forward;
>     forwarders { a.b.c.d; e.f.g.h; };
>     forward only;
> };
>
> Would let me pass queries for anything in Microsoft.com off to our real
> servers, but the zone "." overrides the above and everything resolves back
> to my 47.203 address.
>
>
> So, any thoughts as to how I might persuade bind to correctly resolve
> hostnames in a list of specified domains?
>
> TIA
> Alex
>
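
Added example, not part of the original post or of BIND: a small Python model of how an authoritative server chooses an answer in the redirect zone once the suggested NS records are present, following RFC 1034 section 4.3.2 and the RFC 4592 wildcard rules cited in the reply. The zone contents are constructed from the records shown in this thread; the `lookup` helper and the `*.com` variant are assumptions made for illustration.

```python
# Constructed model of one authoritative zone lookup (RFC 1034 4.3.2 plus the
# RFC 4592 wildcard rules). Illustrative only; this is not BIND's code.
REDIRECT = "150.237.47.203"  # wildcard address from db.redir on the page

# Root zone keyed by labels, root first: the page's wildcard plus the NS set
# suggested in the reply.
ZONE = {
    (): {"NS": ["localhost."]},
    ("*",): {"A": [REDIRECT]},
    ("com", "microsoft"): {"NS": ["ns1.msft.net.", "ns3.msft.net.", "ns5.msft.net."]},
}
# Assumption: the same zone with an extra "*.com" wildcard added.
ZONE_WITH_COM_WILDCARD = {**ZONE, ("com", "*"): {"A": [REDIRECT]}}

def labels(name):
    """'www.microsoft.com.' -> ('com', 'microsoft', 'www')."""
    return tuple(reversed([l for l in name.lower().split(".") if l]))

def exists(zone, node):
    """A name exists if it owns records or has descendants (empty non-terminal)."""
    return any(owner[:len(node)] == node for owner in zone)

def lookup(zone, qname, qtype="A"):
    q = labels(qname)
    # 1. An NS set below the apex is a zone cut: refer, never synthesize.
    for depth in range(1, len(q) + 1):
        if "NS" in zone.get(q[:depth], {}):
            return ("REFERRAL", zone[q[:depth]]["NS"])
    # 2. The name exists: answer from its own data, or NODATA if it has none.
    if exists(zone, q):
        rrset = zone.get(q, {}).get(qtype)
        return ("ANSWER", rrset) if rrset else ("NODATA", [])
    # 3. Closest encloser is the longest existing ancestor; only
    #    "*.<closest encloser>" may synthesize an answer.
    depth = len(q) - 1
    while not exists(zone, q[:depth]):
        depth -= 1
    source = q[:depth] + ("*",)
    if source in zone:
        rrset = zone[source].get(qtype)
        return ("ANSWER", rrset) if rrset else ("NODATA", [])
    return ("NXDOMAIN", [])

if __name__ == "__main__":
    for name in ("www.example.org", "update.microsoft.com", "www.google.com", "com"):
        print(f"{name:22} {lookup(ZONE, name)}")
    print("with *.com:", lookup(ZONE_WITH_COM_WILDCARD, "www.google.com"))
```

In this model the delegation makes `com` an existing (empty) name, so `www.google.com` no longer matches the root wildcard and returns NXDOMAIN instead of the redirect address; the `*.com` variant restores the redirect while names under `microsoft.com` still get a referral.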