Wildcard on whole DNS

Mark Andrews Mark_Andrews at isc.org
Mon Oct 9 03:26:17 UTC 2006 

> > Hey All,
> > 
> > 	This might sound like a silly question. but here goes.
> > 
> > 	I want to setup a DNS server which when queried for ANY domain, will
> > respond with a specific IP address.
> > 
> > 	This is so that customers who are overdue get a website explaining
> > why they are not able to reach the internet.  Their IP's are changed (and
> > DNS) and they can't go anywhere except in our local network.
> > 
> > .Skeeve
> 
> 	Why don't you just intercept all their HTTP traffic and
> 	block everything else.  Mark all the returned pages as
> 	not cachable.
> 
> 	This is less likely to break automated traffic.
> 
> 	Otherwise:
> 
> 	. 0 SOA . . 0 0 0 0 0
> 	. 0 NS .
> 	*. 0 A 1.2.3.4
> 	*. 0 AAAA 2002::1
> 
> 	and *only* have a http server on the addresses.  You won't
> 	want to be accused of intecepting email, etc.

	You will also, almost certainly, want to enable minimal responses.
	You could also add address records for the root.

options {
        minimal-responses yes;
	empty-zones-enable no;	// 9.4 onwards
};

zone "." {
        type master;
        file "overdue";
};

overdue:
. 0 SOA . . 0 0 0 0 0
. 0 NS .
. 0 A 1.2.3.4
. 0 AAAA 2002::1
*. 0 A 1.2.3.4
*. 0 AAAA 2002::1

> > _______________________________________________________
> > Skeeve Stevens, RHCE     Email: skeeve at skeeve.org
> > Website: www.skeeve.org  - Telephone: (0414) 753 383
> > skype://skeeve
> > Address: P.O Box 1035, Epping, NSW, 1710, Australia
> > 
> > eIntellego - skeeve at eintellego.net - www.eintellego.net
> > _______________________________________________________
> > I'm a groove licked love child king of the verse
> > Si vis pacem, para bellum
> > 
> > 
> > 
> > 
> > 
> > 
> --
> ISC Training!  October 16-20, 2006, in the San Francisco Bay Area,
> covering topics from DNS to DHCP.  Email training at isc.org.
> -- 
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org
> 
> 
--
ISC Training!  October 16-20, 2006, in the San Francisco Bay Area,
covering topics from DNS to DHCP.  Email training at isc.org.
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list