BIND redirect all lookups
ext Barry Margolin
barmar at alum.mit.edu
Fri Mar 21 19:26:33 UTC 2008
In article <fs0v0r$312u$1 at sf1.isc.org>,
David Ford <david at blue-labs.org> wrote:
> akmattb wrote:
> > I am in the process of trying to setup a quarantine type vlan on our
> > company network. I would like to have any computer on that network
> > have DNS lookups redirected to a local web server that displays a
> > terms or use page, and other misc information
Create a view on your DNS server that's authoritive for the root zone,
and this zone contains a wildcard A record that points to your special
web server. Then put the IPs of the quarantined machines into the
view's client match ACL.
>
> Entirely as an aside, there is nothing about "VLAN" that adds any form
> of security. It's simply 4 extra bytes in the link layer header.
> Please keep that in mind.
But it's added and processed by the switches, not the leaf nodes, so the
users can't forge it or get around it.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list