Corey Edwards wrote:
On Thu, 2005-09-22 at 23:04 -0600, Michael Torrie wrote:
On Thu, 2005-09-22 at 21:22 -0600, Corey Edwards wrote:
Sorry, that really is pretty ambiguous. I meant that anything in
subdomain.foo.example.com won't resolve to the normal address. I started
thinking about it and I wasn't sure why that is, so I ran a few tests.
One of the domains that I forge is slashdot.org. As expected,
yro.slashdot.org won't resolve on my box. Yay! That's because Bind
believes it is authoritative for the whole *.slashdot.org zone, so
anything not listed doesn't exist. foo.bar.yro.slashdot.org doesn't work
either.
That's not good for me then. Darn it.
Here's something you can do:
$TTL 3D
$ORIGIN org.
slashdot IN SOA slashdot.org. hostmaster.slashdot.org. (
2005092101 ; Serial
1H ; Refresh - 8h
1H ; Retry - 2h
4W ; Expire - 4w
1H ; Negative Cache TTL - 1d
)
NS your.dns.server.
A 127.0.0.1
$ORIGIN slashdot.org.
www IN A 127.0.0.1
yro IN NS ns1.ostg.com.
yro IN NS ns1.vasoftware.com.
Basically you're forging authority for their domain and then delegating
the subdomains back to them. The drawback there is that you have to
track NS changes (which should be infrequent) and you have to enumerate
all subdomains you want to work.
Will that do the trick?
Corey
------------------------------------------------------------------------
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
Just curious, but why do this in bind? Wouldn't it be easier and
quicker to just use a hosts file?
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
