[Ext] Re: Redirect only second and third level domains
Warren Kumari
warren at kumari.net
Fri Feb 24 19:05:54 UTC 2017
On Fri, Feb 24, 2017 at 1:12 PM, Edward Lewis <edward.lewis at icann.org> wrote:
> On 2/24/17, 03:42, "bind-users on behalf of Andrea Gabellini" wrote:
>
>>the server is a resolver for about 20K clients. My goal is to supply a
>>courtesy page if a domain is not found. For every domain.
>
> No approach relying on wildcards will work because of the way wildcards "work." (*.example.com won't catch non-existing abc.def.example.com if cba.def.example.com exists.)
>
> There are commercial applications that do this, the one I know of from a previous employer is http://www.barefruit.co.uk/.
>
> I don't know of any open solutions to this goal.
>
> (As you can tell from other replies, folks think this is a bad idea. But if you are told to accomplish this by a manager, saying it's a bad idea isn't what the manager wants to hear.)
True, that may not be what the manager wants to hear -- but:
A: that's not a good manager and
B: not clearly explaining all of the risks, dangers, downsides to the
manager (in writing if necessary) makes you a bad employee.
Being a "Yes man" only gets you brownie points for a short while, but
is bad for the organization and your management too -- it soon blows
up and you have to explain why you didn't prevent bad things from
happening...
This email thread would be a useful thing to show management -- a
bunch of people who run name-servers are all saying 'tis a bad idea.
>
> I can't think of an in-protocol or in-server solution. Given that you should be mindful of the special use domain names too (.local or .onion as examples), this begs an out of band solution and probably manual management.
>
> See http://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml#special-use-domain for the special use domain names.
>
>
Yup. good point. There are many many ways that this ends poorly, and
basically none where it ends well....
W
>
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
--
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
---maf
More information about the bind-users
mailing list