This is a discussion on Re: How to enable DNS to resolve all domains to LOCAL IP within the Bind Users forums, part of the DNS and Related Forums category.
In article <cv8c6s$2765$1@sf1.isc.org>, Steven Job <list3@wwwcrazy.com> wrote:

> Quoting Barry Margolin <barmar@alum.mit.edu>:
>
> > Configure your server as authoritative for the root zone, and put a
> > wildcard A record in the zone that resolves to your IP.
>
> Here is sort of a followup to this which I have tried many different ways
> unsuccessfully.
> I want to resolve this local IP for all domains / zones that our systems are
> not authoritative for. (Easy enough, already covered by making the wildcard
> and as you said answered almost every week).

If you follow my suggestion, your server will consider itself authoritative for the entire DNS hierarchy. It should never recurse at all, unless your root zone contains delegation records; in that case, the wildcard record will not be used for anything in those delegated subdomains.

> The problem is that then this local IP is also returned in the glue records
> for all other domain responses. Meaning if someone had an MX record going to
> "smtp1.mail.yahoo.com" (and you were not authoritative for yahoo.com) then it
> would also return the local IP for the Yahoo mail server in the glue record.

Glue records are the A records for nameservers that host the domain that they're in. They have nothing to do with MX records. I think you're referring to the Additional Records that are often included with MX records; these are not called glue records.

> Is there any way to create this wildcard root zone but at the same time not
> have any of its data be set as part of the glue records?

Don't think so. If a server knows the address of a hostname mentioned in an MX or NS record, it's supposed to include it in the Additional Records section of the reply.

Anyway, even if it didn't return this in the Additional Records, you'd still have this problem. Your client would query for the MX record of yahoo.com, and it returns smtp1.mail.yahoo.com. Then your client queries for the A record of smtp1.mail.yahoo.com, and you'll return your own IP, just like you configured.

The situation you describe *would* be a problem if your server were the authoritative server for some domains. Don't do that. This special configuration should be done *only* on resolvers, not authoritative servers. If you only have one server, you can use the "views" mechanism to configure it as authoritative for the root zone only for your local clients.

--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
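A sketch of the single-server "views" arrangement described in the reply above, as an added example that is not part of the original thread. The ACL and view names, file names, the single-label host `ns-local.`, the `example.com` zone and the 192.0.2.0/24 addresses are all assumptions chosen for illustration.

```conf
// named.conf fragment (constructed example; all names and addresses are assumptions)

// Clients that should see every name resolve to the local IP.
acl "local-clients" { 192.0.2.0/24; localhost; };

// View 1: local clients only. The server is authoritative for "." here,
// so it answers from the wildcard zone and never recurses.
view "local" {
    match-clients { "local-clients"; };
    recursion no;

    zone "." {
        type master;
        file "db.wildcard-root";
    };
};

// View 2: everyone else. The zones this server really hosts live here,
// so outside queriers never see the wildcard data.
// Once views are used, every zone statement must sit inside a view.
view "authoritative" {
    match-clients { any; };
    recursion no;

    zone "example.com" {
        type master;
        file "db.example.com";
    };
};

/*
 * Contents of db.wildcard-root (zone-file syntax, shown here as a comment).
 * The NS target is a single label with its own A record so that no
 * empty non-terminal names are created underneath the root.
 *
 *   $TTL 300
 *   .          IN SOA ns-local. hostmaster.ns-local. 1 3600 600 86400 300
 *   .          IN NS  ns-local.
 *   ns-local.  IN A   192.0.2.10
 *   *          IN A   192.0.2.10   ; every other name -> local IP
 */
```

Views are matched in order, so the restricted view must come before the one that matches `any`. Any delegation (NS) records added to `db.wildcard-root` would take those subdomains out of the wildcard's reach, as the reply notes.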