BIND redirect all lookups

ext Barry Margolin barmar at
Fri Mar 21 19:26:33 UTC 2008

In article <fs0v0r$312u$1 at>,
 David Ford <david at> wrote:

> akmattb wrote:
> > I am in the process of trying to setup a quarantine type vlan on our
> > company network. I would like to have any computer on that network
> > have DNS lookups redirected to a local web server that displays a
> > terms or use page, and other misc information

Create a view on your DNS server that's authoritive for the root zone, 
and this zone contains a wildcard A record that points to your special 
web server.  Then put the IPs of the quarantined machines into the 
view's client match ACL.

> Entirely as an aside, there is nothing about "VLAN" that adds any form 
> of security.  It's simply 4 extra bytes in the link layer header.  
> Please keep that in mind.

But it's added and processed by the switches, not the leaf nodes, so the 
users can't forge it or get around it.

Barry Margolin, barmar at
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***

More information about the bind-users mailing list