BIND problem

Stephen B. Saunders stephen.saunders at denomin.com
Fri Sep 23 00:36:11 MDT 2005


That'll do the trick, but if you could get it to work with a wildcard, it seems
like it would save time:

        NS      your.dns.server.
        NS      your2.dns.server.
        A       66.35.250.150

name    IN A    192.168.55.23
name2   IN A    192.168.26.81

name3   IN NS   your.dns.server.
name3   IN NS   your2.dns.server.

*       IN NS   ns3.vasoftware.com.
*       IN NS   ns2.vasoftware.com.
*       IN NS   ns2.ostg.com.
*       IN NS   ns1.vasoftware.com.
*       IN NS   ns1.ostg.com.

Then the only thing you have to worry about changing besides the nameservers is
that one A record.

Steve

-- 
Stephen B. Saunders

Denomin Inc.
http://www.denomin.com/


Quoting Corey Edwards <tensai at zmonkey.org>:

> On Thu, 2005-09-22 at 23:04 -0600, Michael Torrie wrote:
> > On Thu, 2005-09-22 at 21:22 -0600, Corey Edwards wrote:
> > > Sorry, that really is pretty ambiguous. I meant that anything in
> > > subdomain.foo.example.com won't resolve to the normal address. I started
> > > thinking about it and I wasn't sure why that is, so I ran a few tests.
> > > One of the domains that I forge is slashdot.org. As expected,
> > > yro.slashdot.org won't resolve on my box. Yay! That's because Bind
> > > believes it is authoritative for the whole *.slashdot.org zone, so
> > > anything not listed doesn't exist. foo.bar.yro.slashdot.org doesn't work
> > > either.
> >
> > That's not good for me then.  Darn it.
>
> Here's something you can do:
>
> $TTL 3D
> $ORIGIN org.
> slashdot         IN SOA     slashdot.org. hostmaster.slashdot.org. (
>                             2005092101 ; Serial
>                             1H         ; Refresh
>                             1H         ; Retry
>                             4W         ; Expire
>                             1H         ; Negative Cache TTL
>                             )
>
>
>                  NS         your.dns.server.
>                  A          127.0.0.1
>
>
> $ORIGIN slashdot.org.
> www              IN A       127.0.0.1
>
> yro              IN NS      ns1.ostg.com.
> yro              IN NS      ns1.vasoftware.com.
>
> Basically you're forging authority for their domain and then delegating
> the subdomains back to them. The drawback there is that you have to
> track NS changes (which should be infrequent) and you have to enumerate
> all subdomains you want to work.
>
> Will that do the trick?
>
> Corey
>
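
The approach Corey describes above (answer locally for the domain, delegate the listed subdomains back to the real servers), together with the NS-tracking drawback he mentions, as an added example that is not part of the thread or either poster's configuration. The function names, the constructed OBSERVED set and the use of the local server as the SOA MNAME are assumptions.

```python
def fqdn(name):
    """Normalise a host name: lower-case with exactly one trailing dot."""
    return name.strip().lower().rstrip(".") + "."

def render_zone(domain, local_ns, sink_ip, serial, sunk_hosts, delegations):
    """Zone text: the apex and sunk_hosts answer with sink_ip, while each label
    in delegations ({label: [real NS names]}) is handed back to the real servers."""
    clash = set(sunk_hosts) & set(delegations)
    if clash:  # an A record below a delegation cut would never be served
        raise ValueError(f"both sunk and delegated: {sorted(clash)}")
    out = ["$TTL 3D",
           f"$ORIGIN {fqdn(domain)}",
           f"@ IN SOA {fqdn(local_ns)} hostmaster.{fqdn(domain)} "
           f"( {serial} 1H 1H 4W 1H )",
           f"@ IN NS {fqdn(local_ns)}",
           f"@ IN A {sink_ip}"]
    out += [f"{h} IN A {sink_ip}" for h in sorted(sunk_hosts)]
    for label in sorted(delegations):
        out += [f"{label} IN NS {fqdn(ns)}" for ns in sorted(delegations[label])]
    return "\n".join(out) + "\n"

def ns_drift(delegations, observed):
    """Labels whose delegated NS set no longer matches the set observed
    upstream; returns {label: (missing_from_zone, stale_in_zone)}."""
    drift = {}
    for label, ours in delegations.items():
        want = {fqdn(n) for n in observed.get(label, [])}
        have = {fqdn(n) for n in ours}
        if want != have:
            drift[label] = (sorted(want - have), sorted(have - want))
    return drift

# Constructed sample data: names come from the thread, OBSERVED is invented here.
DELEGATIONS = {"yro": ["ns1.ostg.com.", "ns1.vasoftware.com."]}
OBSERVED = {"yro": ["NS1.OSTG.COM", "ns2.ostg.com."]}

if __name__ == "__main__":
    print(render_zone("slashdot.org", "your.dns.server", "127.0.0.1",
                      2005092101, ["www"], DELEGATIONS))
    print(ns_drift(DELEGATIONS, OBSERVED))
```

In practice the observed set would come from periodically querying the parent zone for each delegated label; a non-empty result from ns_drift means the local zone file needs its NS lines updated.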


