Set a default reply in BIND
Karl Auer
kauer at biplane.com.au
Sat Jun 18 07:50:27 UTC 2005
> > In article <d8v1o2$309k$1 at sf1.isc.org>, Elias <elias at streamyx.com>
> >>Is there anyway to configure BIND to return a single default answer if it is
> >>not authoritative for that zone? For eg if I'm authroritative for abc.com,
> >>the server will return everything related to abc.com (and this is already
> >>working) but when somebody queries for xyz.com, 123.com,
> >>1.2.3.4.in-addr.arpa, etc it should just return one same answer. Is there
> >>anyway to put a wildcard for this?
Why do you want to do this?
If you want to block access to name information outside your network, it's simpler to block nameservice packets at your firewall or edge routers. One assumes the user base is well in hand if you are even comtemplating blocking their access to .com. so informing them shouldn't be a problem.
If you want "unregistered users" (however that may be defined) to all end up at the same page (sounds like a misguided attempt to use DHCP for security), then you don't need this:
> [...] create delegation at every level building up to
> your normal zone data. If you do not, then your zones will not be able
> to be resolved.
> [...]
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au) +41-43-2660706 (h)
http://www.biplane.com.au/~kauer/ +41- 1-6327531 (w)
More information about the bind-users
mailing list