Wildcarded nameservers
dushy
dushyanth at gmail.com
Sat Sep 3 16:33:22 UTC 2005
Hi,
I run a bind 9.2.1 nameserver with the following configuration.

//named.conf
options {
    directory "/var/named";
    pid-file "named.pid";
    allow-recursion {127.0.0.1;};
};
logging {
    category default { default_syslog; default_debug; };
};
zone "." IN {
    type master;
    file "named.rr";
    allow-update {none;};
    allow-transfer {none;};
    notify no;
};

//named.rr
$TTL 86400
@ IN SOA . hostmaster.mydomain.com. (
        2005090201 ; Serial
        28800 ; Refresh
        14400 ; Retry
        3600000 ; Expire
        1 ) ; Minimum
        IN NS dns1.mydomain.com.
        IN NS dns2.mydomain.com.
        IN A 209.xx.xx.xx
* IN A 209.xx.xx.xx
dns1.mydomain.com. IN A 69.xx.xx.xx
dns2.mydomain.com. IN A 69.xx.xx.xx

I use this as a wildcarded nameserver, i.e. for any domain that I wish to
host, I change the nameservers for that domain to dns1.mydomain.com and
dns2.mydomain.com.

This works very well, however I have noticed something strange happening in
the last few days. My webserver started receiving traffic for domains that
are not hosted on this webserver. Whois shows that their nameservers are
different and logically my webserver should not be receiving that domain's
traffic. At the same time, I checked DNS lookups for this domain name from
a lot of different sources and they all seem to be pointing to the original
IP address of that domain and not to my webserver.

This makes me believe that some buggy nameservers cached my nameserver as
"." and are sending requests for any domain to my DNS server, which returns
my web server IP address for any domain queried.

A normal dns response from my nameserver is below.

[root@xbox root]# dig @dns1.mydomain.com test.com
;; QUESTION SECTION:
;test.com. IN A
;; ANSWER SECTION:
test.com. 86400 IN A 209.xx.xx.xx
;; AUTHORITY SECTION:
. 86400 IN NS dns1.mydomain.com.
. 86400 IN NS dns2.mydomain.com.
;; ADDITIONAL SECTION:
dns1.mydomain.com. 86400 IN A 69.xx.xx.xx
dns2.mydomain.com. 86400 IN A 69.xx.xx.xx

Can this cause the problem I have described? Would changing the TTL to 1
and setting minimal-responses to yes solve the problem?

TIA
dushyanth
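
An added example, not part of the original post: a check that can be run over dig output like the response above to list NS records that a response asserts for the root zone "." from servers outside root-servers.net. The sample response is constructed from the post's output with documentation-range addresses in place of the masked ones, and the function names are this example's own.

```python
import re

# Constructed sample, modelled on the dig output in the post; the addresses
# are documentation-range placeholders, not values from the post.
SAMPLE = """\
;; QUESTION SECTION:
;test.com.			IN	A

;; ANSWER SECTION:
test.com.		86400	IN	A	192.0.2.10

;; AUTHORITY SECTION:
.			86400	IN	NS	dns1.mydomain.com.
.			86400	IN	NS	dns2.mydomain.com.

;; ADDITIONAL SECTION:
dns1.mydomain.com.	86400	IN	A	192.0.2.53
dns2.mydomain.com.	86400	IN	A	192.0.2.54
"""

def parse_sections(text):
    """Split dig output into {section name: [(owner, ttl, rtype, rdata)]}."""
    sections, current = {}, None
    for line in text.splitlines():
        header = re.match(r";; (\w+) SECTION:", line)
        if header:
            current = sections.setdefault(header.group(1), [])
        elif current is not None and line.strip() and not line.startswith(";"):
            # Record lines are: owner, TTL, class, type, rdata.
            owner, ttl, _cls, rtype, rdata = line.split(None, 4)
            current.append((owner.lower(), int(ttl), rtype, rdata.lower()))
    return sections

def root_ns_claims(text):
    """Return NS targets the response asserts for the root zone '.'
    that are not under root-servers.net."""
    authority = parse_sections(text).get("AUTHORITY", [])
    return [rdata for owner, _ttl, rtype, rdata in authority
            if owner == "." and rtype == "NS"
            and not rdata.endswith(".root-servers.net.")]

if __name__ == "__main__":
    for ns in root_ns_claims(SAMPLE):
        print("response claims root NS:", ns)
```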