Using bind to provide a dns redirector
Peter Andreev
andreev.peter at gmail.com
Fri Mar 5 20:33:17 UTC 2010
Have you tried to add to your "." zone something like this:
microsoft.com NS ns1.msft.net
NS ns3.msft.net
NS ns5.msft.net
etc?
Just an assumption - RFC 4592 <http://tools.ietf.org/html/rfc4592> describes
processing of asterisk as "any non-existent in particular zone".
2010/3/5 Alex Sharaz <A.Sharaz at hull.ac.uk>
> Hi all,
>
> I'm looking to implement a dns redirector using bind 9 and need a wee bit
> of help.
>
> We have a wired 802.1x network setup here. By default if a user hasn't
> configured 802.1x on their PC their machine gets dropped into an
> unauthenticated VLAN where our DHCP server hands out different DNS server
> IP addresses to the rest of the University.
>
> I'm currently using a product called DNS redirector for the unauthenticated
> VLAN but am having some loading problems hence the query re implementing my
> requirements in bind.
>
> Here's what I'm currently doing:-
>
> 1). We want users to have access to windows update and app update sites
> even from the unauth VLAN
> 2). Whatever else they try and get to via a browser, the host address gets
> resolved to a Hull IP address. The browser therefore connects to a local
> web server which hands out a page saying "You need to configure your
> machine in order to access the Internet ......."
>
> Apart from the loading issues the whole thing works quite well.
>
> So ...
>
> Getting bind to always resolve to a single IP address was quite easy.
>
> In named.conf
>
> zone "." {
>     type master;
>     file "db.redir";
> };
>
> zone "hull.ac.uk" {
>     type master;
>     file "db.hull";
> };
>
> In db.redir
> $TTL 60
> @ IN SOA localhost. root.localhost. ( ......)
>
> @ IN NS localhost.
>
> * IN A 150.237.47.203
>
> So anything I try and resolve returns 47.203
>
> db.hull is similar but lets me add some extra hull addresses for local
> services we might want students to access.
>
> I thought that adding
>
> zone "Microsoft.com" {
>     type forward;
>     forwarders {a.b.c.d; e.f.g.h;};
>     forward only;
> };
>
> Would let me pass queries for anything in Microsoft.com off to our real
> servers, but the zone "." overrides the above and everything resolves back
> to my 47.203 address.
>
>
> So, any thoughts as to how I might persuade bind to correctly resolve
> hostnames in a list of specified domains?
>
> TIA
> Alex
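
Added example (not part of the original posts, and not BIND code): a small Python model of the lookup order in RFC 1034 section 4.3.2 with the RFC 4592 wildcard rule, run over a constructed copy of the "." zone from the thread plus the suggested microsoft.com delegation. The function names and the "*.com" record are assumptions made for illustration; it models only the authoritative answer from one zone, not recursion, forwarding or glue.

```python
# Added example: RFC 1034 s4.3.2 / RFC 4592 lookup order in one authoritative zone.
REDIRECT = "150.237.47.203"   # wildcard target from db.redir in the thread

def make_zone(extra=None):
    """Constructed "." zone: owner -> {type: [rdata]}; "" is the apex."""
    zone = {
        "": {"NS": ["localhost."]},
        "*": {"A": [REDIRECT]},
        "microsoft.com": {"NS": ["ns1.msft.net.", "ns3.msft.net.", "ns5.msft.net."]},
    }
    zone.update(extra or {})
    return zone

def labels(name):
    name = name.lower().rstrip(".")
    return name.split(".") if name else []

def existing_names(zone):
    """Owner names plus the empty non-terminals they create (e.g. "com")."""
    names = set()
    for owner in zone:
        parts = labels(owner)
        names.update(".".join(parts[i:]) for i in range(len(parts) + 1))
    return names

def resolve(qname, zone, qtype="A"):
    parts, exists, closest = labels(qname), existing_names(zone), ""
    for i in range(len(parts) - 1, -1, -1):      # walk down from the apex
        node = ".".join(parts[i:])
        if node not in exists:
            break                                # closest encloser found
        closest = node
        if "NS" in zone.get(node, {}):           # zone cut: referral wins
            return ("REFERRAL", zone[node]["NS"])
    else:                                        # the query name itself exists
        rrs = zone.get(closest, {}).get(qtype)
        return ("ANSWER", rrs) if rrs else ("NODATA", [])
    # Name does not exist: only "*.<closest encloser>" may synthesize an answer.
    wildcard = "*." + closest if closest else "*"
    if wildcard not in zone:
        return ("NXDOMAIN", [])
    rrs = zone[wildcard].get(qtype)
    return ("WILDCARD", rrs) if rrs else ("NODATA", [])

if __name__ == "__main__":
    for z in (make_zone(), make_zone({"*.com": {"A": [REDIRECT]}})):
        for q in ("example.org", "www.microsoft.com", "example.com"):
            print(q, resolve(q, z))
```

In this model the delegation also creates the empty non-terminal "com", so other .com names stop matching the root wildcard unless a "*.com" record is added alongside it.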