How to resolve all unknown names to 127.0.0.1?

"Дмитрий Проводников" dmitry.provodnikov at nsk.eldorado.ru
Wed Jun 1 06:56:34 UTC 2005


Hello All!

There is a BIND 9.3.1 deep in an intranet, so it has no access
to the root servers.

It works as "forward only" and forwards all non-auth queries to
upstream NSs, which are in the intranet too. Connections to NSs on
the Internet on 53/udp and 53/tcp are impossible.

In named.conf there are:

(1) master intranet zones (about 20)
(2) slave intranet zones (about 40)
(3) forward-only Internet and intranet zones (about 200),
forwarders are the same upstream NSs.

So the question is:
how to force BIND to resolve _all_ names not from (1), (2) or (3)
to 127.0.0.1?

Quick, simple and wrong solution:
make a zone "." of type master, containing
* IN A 127.0.0.1
After that, all names from (3) get resolved to 127.0.0.1;
it seems that the "resolve from most-specific zone first" algorithm
is not implemented, or forward zones are not authoritative.

Working now, bad and time-consuming solution:
I manually look at the cache dump, recognize the names that
should be resolved to 127.0.0.1, and make a fake zone from them:
@ IN A 127.0.0.1
* IN A 127.0.0.1

Good and correct solution: ????

===                       | /"\  ASCII RIBBON CAMPAIGN
WBR, Dmitry A.Provodnikov | \ /  AGAINST HTML (RTF)
FIDO: 2:5000/97.31        |  X   MAIL AND NEWS
Team [TBH-TNG]            | / \ 
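
The manual workaround described in the message above, sketched as a script. This is an added example, not part of the original post: it takes names already reviewed from the cache dump plus the zones already in named.conf, and emits one master zone per name, all sharing one zone file. The file name `sinkhole.db`, the SOA/NS values and the sample names are assumptions.

```python
"""Build BIND sinkhole zone stanzas from a reviewed name list (added example)."""
SINKHOLE_FILE = "sinkhole.db"  # assumed file name, not from the post
# Shared zone file: the two A records from the post plus the SOA/NS a master zone needs.
ZONE_FILE = """$TTL 3600
@ IN SOA localhost. root.localhost. 1 3600 900 604800 3600
@ IN NS localhost.
@ IN A 127.0.0.1
* IN A 127.0.0.1
"""
# Constructed sample input: names picked from a cache dump, and zones (1)-(3).
SAMPLE_REVIEWED = ["ads.example.net.", "Tracker.example.org",
                   "cdn.tracker.example.org", "www.corp.example", "example.com"]
SAMPLE_CONFIGURED = ["corp.example", "intra.example.com"]

def norm(name):
    return name.strip().rstrip(".").lower()

def suffixes(name):
    """'a.b.c' -> ['a.b.c', 'b.c', 'c']"""
    labels = name.split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]

def plan(reviewed_names, configured_zones):
    """Return (zones_to_sinkhole, skipped) where skipped is [(name, reason)]."""
    configured = {norm(z) for z in configured_zones}
    # A master zone placed above a configured zone would answer for the
    # forward zones below it, as the post observed with ".".
    ancestors = {s for z in configured for s in suffixes(z)[1:]}
    names = {norm(n) for n in reviewed_names if norm(n)}
    keep, skipped = set(), []
    for name in sorted(names, key=lambda n: (n.count("."), n)):  # widest first
        if any(s in configured for s in suffixes(name)):
            skipped.append((name, "covered by configured zone"))
        elif name in ancestors:
            skipped.append((name, "parent of configured zone"))
        elif any(s in keep for s in suffixes(name)):
            skipped.append((name, "covered by wider sinkhole zone"))
        else:
            keep.add(name)
    return sorted(keep), skipped

def render(zones):
    """named.conf stanzas, one master zone per sinkholed name."""
    return "".join(f'zone "{z}" {{ type master; file "{SINKHOLE_FILE}"; }};\n'
                   for z in zones)

if __name__ == "__main__":
    zones, skipped = plan(SAMPLE_REVIEWED, SAMPLE_CONFIGURED)
    print(render(zones), end="")
    for name, reason in skipped:
        print(f"# skipped {name}: {reason}")
```
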

