"Abusing" BIND DNS Server as Networked HOSTS File...

Kevin Darcy kcd at daimlerchrysler.com
Wed May 26 22:01:36 UTC 2004


Axel Werner wrote:

>Kevin Darcy wrote:
>
>  
>
>>No, a root zone won't help here. You can't skip zone levels like that.
>>If you add a gateway.dyndns.org record in a private root zone, the
>>nameserver would assume that that's the only entry under dyndns.org and
>>so it would be as bad or worse than defining a private dyndns.org itself.
>>
>>Instead, define gateway.dyndns.org as its own zone. Same for any other
>>names for which you may want to "spoof" name resolution. Just make sure
>>none of this spoofing is visible to Internet DNS clients. If at some
>>point you decide you want to serve some Internet zones, and you don't
>>have budget for another nameserver, you could look into using the "view"
>>feature to serve up different data to different sets of clients (or do
>>it the older way by having multiple BIND instances listening on
>>different interfaces).
>>    
>>
>
>HELL! THANKS DUDE! That's the solution for me! It's ugly, but I live in an
>ugly network, so it's perfect :) ! And however, once implemented it's
>centrally administered. I tested and implemented it quickly and it works fine now.
>
>btw: "Name Resolution Spoofing" is the right name for that :)
>
>I assume using the "view" feature is something called "split brained" earlier?!
>However, no topic to me since I don't serve to the internet. But thanks
>anyway!
>
>
>  
>
>>You may also want to consider not forwarding to your ISP's nameservers,
>>if you have a choice in the matter. Frequently, forwarding doesn't
>>deliver the performance benefits that people expect. Doing your own
>>iterative resolution also makes you less dependent on your ISP's
>>nameservice.
>>
>>- Kevin
>>    
>>
>
>hmmm.. you're right. But I thought I would act less "aggressive" to the internet
>if I use the NS at my ISP to make use of its cache and other stuff rather
>than putting direct load on the root servers. Of course some of my requests
>will go up to the top even if I use my ISP's NS as forwarder. But won't it save
>traffic load? Am I wrong?
>
If you reboot/restart frequently, this may be an issue, but as long as 
your nameserver stays up for reasonable periods of time, it will 
remember referral information and should hardly ever need to go to the 
root servers.

                                                                         
                                    - Kevin
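
The per-name zone described in this thread, as an added example that is not part of the original messages: `gateway.dyndns.org` is defined as its own zone so the rest of `dyndns.org` still resolves normally, queries are limited to internal clients so the override is not visible from the Internet, and no forwarders are set. The ACL range, file paths, server names and the gateway address are constructed assumptions.

```conf
// ---- named.conf (paths and address ranges are constructed examples) ----
acl internal { 127.0.0.0/8; 10.0.0.0/8; };

options {
    directory "/var/named";
    // Only internal clients may query or recurse, so the locally
    // overridden name is never served to Internet DNS clients.
    allow-query     { internal; };
    allow-recursion { internal; };
    // No "forwarders" statement: the server resolves iteratively itself.
};

// The zone is exactly the one name to override, not dyndns.org and
// not a private root. Other names under dyndns.org resolve as usual.
zone "gateway.dyndns.org" {
    type master;
    file "db.gateway.dyndns.org";
};

; ---- /var/named/db.gateway.dyndns.org (zone file, constructed values) ----
$TTL 300
@   IN  SOA ns.internal.example. hostmaster.internal.example. (
            2004052601  ; serial
            3600        ; refresh
            900         ; retry
            604800      ; expire
            300 )       ; negative-caching TTL
    IN  NS  ns.internal.example.
    IN  A   10.0.0.1    ; internal address handed to local clients
```

`named-checkconf` and `named-checkzone gateway.dyndns.org db.gateway.dyndns.org` validate the two files before a reload. Querying the server from an address outside the `internal` ACL should return REFUSED, which confirms the override is not exposed.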



