Resolving a single host but not the entire subdomain
Carl Byington
carl at byington.org
Tue Oct 28 23:17:08 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 2014-10-28 at 13:47 +0100, Akos Polster wrote:
> With bind, is it possible to resolve "example.com" locally, but "*.
> example.com" by forwarding?
Does your public example.com have NS records, or are you trying to force
forwarding to a name server that is not mentioned in those NS records?
If you just want to override the A record for example.com, while leaving
all other names like www.example.com to be resolved thru the normal
recursive resolution mechanisms, you could setup an RPZ zone.
Overloading the usage of example.com:
response-policy { zone "rpz.my.example.com";} qname-wait-recurse no;
zone "rpz.my.example.com" {
type master;
file "named.rpz.my.example.com";
};
Then in the named.rpz.my.example.com zone file:
example.com IN A 10.2.3.4; or whatever
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
iEYEARECAAYFAlRQI+0ACgkQL6j7milTFsGDBQCePnOeDDQxPQIMOBjxHG2AK1C9
TLMAniN9/9kxHgdX4iDfPwHNshsH11jr
=iKTN
-----END PGP SIGNATURE-----
More information about the bind-users
mailing list