BIND redirect all lookups
Barry Margolin
barmar at alum.mit.edu
Fri Mar 21 19:26:33 UTC 2008
In article <fs0v0r$312u$1 at sf1.isc.org>,
David Ford <david at blue-labs.org> wrote:
> akmattb wrote:
> > I am in the process of trying to set up a quarantine type vlan on our
> > company network. I would like to have any computer on that network
> > have DNS lookups redirected to a local web server that displays a
> > terms of use page, and other misc information.
Create a view on your DNS server that's authoritative for the root zone,
and this zone contains a wildcard A record that points to your special
web server. Then put the IPs of the quarantined machines into the
view's client match ACL.
> Entirely as an aside, there is nothing about "VLAN" that adds any form
> of security. It's simply 4 extra bytes in the link layer header.
> Please keep that in mind.
But it's added and processed by the switches, not the leaf nodes, so the
users can't forge it or get around it.
Barry Margolin, barmar at alum.mit.edu
*** PLEASE don't copy me on replies, I'll read them in the group ***
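
The view setup described in the message above, sketched as a named.conf fragment. This is an added example, not part of the original post; the ACL name, view names, addresses (documentation ranges) and file names are all assumptions to replace with your own.

```conf
// Added example: named.conf fragment. All names and addresses are constructed.

// Source addresses of the quarantined machines (assumed subnet).
acl "quarantine-clients" { 192.0.2.0/24; };

// Views are tried in order and the first match wins, so the quarantine
// view must come before the catch-all view.
view "quarantine" {
    match-clients { "quarantine-clients"; };
    recursion no;               // never resolve real names for these clients

    zone "." {
        type master;            // authoritative for the root inside this view
        file "quarantine.root.db";
    };
};

// Once any view exists, every zone statement has to live inside a view.
view "normal" {
    match-clients { any; };
    recursion yes;

    zone "." {
        type hint;
        file "named.ca";        // assumed name of your root hints file
    };
};

/*
 * Contents of quarantine.root.db (zone-file syntax, shown here as a comment).
 * 192.0.2.53 = this DNS server, 192.0.2.80 = the terms-of-use web server.
 * The NS name is a single label so it does not create empty non-terminals
 * that would stop the wildcard from matching names beneath them.
 *
 *   $ORIGIN .
 *   $TTL 60
 *   @           IN SOA quarantine-ns. hostmaster.quarantine-ns. (
 *                      1 3600 600 86400 60 )
 *   @           IN NS  quarantine-ns.
 *   quarantine-ns  IN A   192.0.2.53
 *   *           IN A   192.0.2.80
 */
```

Check the result with `named-checkconf` and `named-checkzone . quarantine.root.db` before reloading. The short TTL keeps the wildcard answers from lingering in client caches after a machine leaves quarantine.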