I need to set up a DNS server that will redirect all the unresolved domains to a specific IP address. I have been googling for days to search for a solution on how to configure it in BIND but I could not find anything. I am using Slackware 13. Does anybody know how to do this using the bind/named server? Thanks!
I apologize for the late reply. It seems forwarders could not do the job.
I set up two DNS servers for testing. The first DNS server is a caching-only nameserver that contains a global forwarders option that points to the second DNS server. The second DNS server is configured to resolve any domain name to a specific IP address. I am using Windows XP for testing. The Windows XP DNS configuration is set to 7.7.7.1, which is the first DNS server. However, when I tried to resolve valid dns servers, the requests were always forwarded to the second DNS server 7.7.7.2, so I am getting the IP 7.7.7.10 for all DNS queries including unresolved domains.
Is there a way to force the DNS server to try the caching zone first before forwarding to the second DNS server? I only want to forward when the domain is unresolvable. I really hope that some DNS experts here could help me.
The configuration for the first DNS caching server is:
Code:
options {
    directory "/var/named";
    // cache misses are sent to this forwarder
    forwarders { 7.7.7.2; };
    listen-on { 7.7.7.1; };
};
// root hints
zone "." IN {
    type hint;
    file "caching-example/named.root";
};
zone "localhost" IN {
    type master;
    file "caching-example/localhost.zone";
    allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "caching-example/named.local";
    allow-update { none; };
};
named.root
Code:
. 3600000 IN NS A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4
A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30
. 3600000 NS B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
. 3600000 NS C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12
. 3600000 NS D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET. 3600000 A 128.8.10.90
. 3600000 NS E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10
. 3600000 NS F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241
F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f
. 3600000 NS G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4
. 3600000 NS H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53
H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803f:235
. 3600000 NS I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17
. 3600000 NS J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30
. 3600000 NS K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129
K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1
. 3600000 NS L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42
. 3600000 NS M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33
M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35
And the configuration of the second DNS server that can resolve any domain name to a single ip is:
Code:
options {
    directory "/var/named";
    listen-on { 7.7.7.2; };
};
zone "." IN {
    type master;
    file "caching-example/named.root.any";
    allow-update { none; };
};
named.root.any
Code:
$TTL 86400
. IN SOA ns1.test.org. hostmaster.test.org. (
1 ; serial
21600 ; refresh after 6 hours
3600 ; retry after 1 hour
604800 ; expire after 1 week
86400 ) ; minimum TTL of 1 day
. IN NS ns.test.org
* IN A 7.7.7.10
The 'forwarders' entry tells the caching server [7.7.7.1] where to go to resolve any requests that aren't already in the cache; if the forwarder [7.7.7.2] never resolves external addresses then how will the caching server learn them?
Maybe I'm missing the point of what you're trying to achieve...
Thanks for explaining how forwarders work.
I understand now why I always get the internal address 7.7.7.10 for all dns queries.
What I really want to accomplish is that I need a DNS server that can resolve all the unresolved/non-existing domains to the internal address 7.7.7.10, and also all the valid/existing domains must be resolved to their external addresses.
Example:
1. google.com and yahoo.com must resolve to their actual external addresses.
2. asdfsafsadfadsfasdf.com and qwerqasdfasdfasfd.com must resolve to internal address 7.7.7.10
Maybe your question is poorly phrased, as it is not a good idea to redirect all unresolved domains to a specific internal ip address... (what if a local user tried to get to google, and asked your nameserver for google's address, and instead got your internal ip?) Usually the forwarders specify your isp's nameserver where your nameserver looks up ip addresses of domains for which it is not authority...
Are you hosting web sites with apache and using bind to manage their dns? Maybe what you are looking for is a way to handle request for mistaken domains or mistyped domains, like ww.mydomain.com, where they forgot a "w"...
If this is the case, I think you should bark up apache's tree instead of bind's, as the settings you would need would be in httpd.conf file, where you set up the ip addresses and ports apache listens on, and where you set up vhost configs for your domains, and a default config that handles all other requests, etc.
For the sake of your users, please don't even consider doing it.
Thanks wildwizard, I am not otherwise participating in this thread but had an issue with this at one time and had only my memory to work from. Your link is the answer to many things.
Hi slac-in-the-box,
I am aware of the fact that it is not recommended to implement this in a production network and I don't have any intention of doing it either. This will be implemented in a closed/isolated lab environment. I am actually just working on a project that requires this feature and there is no web server involved.
Hi wildwizard,
That was an awesome article and that is actually what I want to do.
Do you know if it's possible to do "DNS response modification" in BIND?
Hi slac-in-the-box,
Do you know if it's possible to do "DNS response modification" in BIND?
Only if you rewrite it yourself, or find a patch.
I actually got that paper from a thread from the bind developers list where they were quite adamant that they would NEVER include the code in bind to do it.
I'm a technician at an ISP; we have 500 clients on the network.
When a user types a wrong address, it could be great to give him search results from Google. He doesn't need to correct the address manually or open the Google page and search for the right address. It's a good feature!
OK, after some discussion on the IRC channel #bind I know that this is wrong. For example, if you do it and someone pings a domain which does not exist, the ping comes back successfully, not from the domain but from the server to which you redirect requests for unresolved domains.
BUT
I'll try to forward only unresolved domains, on port 80 only. BIND doesn't care about ports. I'm going to enable the web proxy on our main RouterOS MikroTik gateway and try to do it there. http://wiki.mikrotik.com/wiki/Category:Proxy