Complete DNS fake root setup example
Bob Harold
rharolde at umich.edu
Wed Jan 20 17:53:47 UTC 2016
On Wed, Jan 20, 2016 at 12:12 PM, MURTARI, JOHN <jm5903 at att.com> wrote:
> Folks,
>
> Had to do some testing where we wanted our own insulated
> fake root environment. We wanted to start from simulated root name servers.
> I was surprised I couldn’t find a complete example even after some extensive
> searches.
>
>
>
> The concepts are easy, but the devil is in the details. We
> had done this before, but no one ever kept notes so I figured by posting it
> on the list it will eventually find its way into Google. Here are the
> setup instructions below, name & ip address have been changed to protect the
> innocent! Your comments/suggestions are welcome!
>
Not a bad idea. Some comments:
/etc/resolv.conf should point to a recursive resolver, not a
non-recursive authoritative server. Hosts 6,7,12, and 13 should all
be non-recursive authoritative servers. There should be a separate
resolver.
Looks like the contents of "db.bongo.com" were not fully anonymized.
--
Bob Harold
More information about the bind-users
mailing list