Configuring CNAME for nosslsearch.google.com
Phil Mayers
p.mayers at imperial.ac.uk
Tue Apr 17 13:00:40 UTC 2012
On 17/04/12 13:24, Tobias Krais wrote:
> Hi all together,
>
> very interesting this discussion. For I am a newbie I understood only
> half.
>
> Thus I detected 2 ways to continue:
>
>> I believe you can use response policy (RPZ) to achieve this. Or you
>> can use just about any non-BIND resolver (e.g. unbound) to achieve
>> this.
>
> 1. Don't use bind but e.g. unbound instead.
>
> 2. Ask Google.
>
> Any other ideas I missed?
3. Use RPZ, as per Chris' suggestion
4. Create a zone for "www.google.com" and instead of CNAME, put an A
record at the apex with the same IP as "nosslsearch.google.com". Run a
script FREQUENTLY to re-resolve the host, as Google do short-TTL
DNS-based loadbalancing.
5. Don't do this at all, since interfering with SSL is bad.
More information about the bind-users
mailing list