Hi.
On Fri, 4 Nov 2022, Grant Taylor via bind-users wrote:
2) Leverage Response Policy Zone(s) to try to influence the lookup as others
suggested. E.g. cause 1.66.136.193.in-addr.arpa. to become
1.0-28.66.136.193.in-addr.arpa. locally. -- I'd have to read about how to
do this.
[...]
1 IN PTR dns.di.ubi.pt.
This. ^^^^^^^^^^^^^^^^^^^^^^^^
It's really like that but within the response policy zone. It depends on
how your RPZ is scoped. If you just take over the world it looks like
this:
$ORIGIN .
$TTL 600 ; 10 minutes
REARVIEW.M3047.NET IN SOA DEV.NULL. M3047.M3047.NET. (
2114499 ; serial
30 ; refresh (30 seconds)
15 ; retry (15 seconds)
86400 ; expire (1 day)
600 ; minimum (10 minutes)
)
NS LOCALHOST.
$ORIGIN 1.0.10.in-addr.arpa.rearview.m3047.net.
207 PTR fire3-10-inch.m3047.
TXT
"depth=1,first=1665768627.2416348,last=1667531692.5136201,count=264,trend=3935.662293321998,update=1
667540875.2942646,score=6.057739570203342"
$ORIGIN 21.100.in-addr.arpa.rearview.m3047.net.
103.0 PTR arcus-uswest.amazon.com.
TXT
"depth=1,first=1665810308.1564665,last=1667535958.6280398,count=152,trend=11758.670145495724,update=
1667540875.2953703,score=5.3302068902418895"
$ORIGIN 24.100.in-addr.arpa.rearview.m3047.net.
64.188 PTR s2s.aniview.com.
TXT
"depth=2,first=1667458140.2700894,last=1667507046.0667324,count=12,trend=3481.8259883810015,update=1
That is a BIND generated zonefile. Takeaways:
* The zone is rearview.m3047.net.
* The zone is being used as a response policy zone.
* The rewrites are fully specified WITHIN THAT ZONE:
103.0.21.100.in-addr.arpa.rearview.m3047.net. PTR arcus-uswest.amazon.com.
* Note the trailing terminal dot on both the LHS and RHS.
# dig -x 100.21.0.103
;; QUESTION SECTION:
;103.0.21.100.in-addr.arpa. IN PTR
;; ANSWER SECTION:
103.0.21.100.in-addr.arpa. 300 IN PTR
ec2-100-21-0-103.us-west-2.compute.amazonaws.com.
;; AUTHORITY SECTION:
0.21.100.in-addr.arpa. 300 IN NS
ns2-24-us-west-2.ec2-rdns.amazonaws.com.
0.21.100.in-addr.arpa. 300 IN NS
ns4-24-us-west-2.ec2-rdns.amazonaws.com.
0.21.100.in-addr.arpa. 300 IN NS
ns1-24-us-west-2.ec2-rdns.amazonaws.com.
0.21.100.in-addr.arpa. 300 IN NS
ns3-24-us-west-2.ec2-rdns.amazonaws.com.
;; ADDITIONAL SECTION:
ns1-24-us-west-2.ec2-rdns.amazonaws.com. 300 IN A 205.251.197.77
ns4-24-us-west-2.ec2-rdns.amazonaws.com. 300 IN A 205.251.194.254
;; SERVER: 10.0.0.220#53(10.0.0.220)
# dig @10.0.0.230 -x 100.21.0.103
;; QUESTION SECTION:
;103.0.21.100.in-addr.arpa. IN PTR
;; ANSWER SECTION:
103.0.21.100.in-addr.arpa. 5 IN PTR arcus-uswest.amazon.com.
;; AUTHORITY SECTION:
REARVIEW.M3047.NET. 600 IN NS LOCALHOST.
;; ADDITIONAL SECTION:
REARVIEW.M3047.NET. 1 IN SOA DEV.NULL. M3047.M3047.NET.
2114509 30 15 86400 600
;; SERVER: 10.0.0.230#53(10.0.0.230)
# dig @10.0.0.220 103.0.21.100.in-addr.arpa.rearview.m3047.net. PTR
;; QUESTION SECTION:
;103.0.21.100.in-addr.arpa.rearview.m3047.net. IN PTR
;; ANSWER SECTION:
103.0.21.100.in-addr.arpa.rearview.m3047.net. 600 IN PTR
arcus-uswest.amazon.com.
;; AUTHORITY SECTION:
REARVIEW.M3047.NET. 600 IN NS LOCALHOST.
;; SERVER: 10.0.0.220#53(10.0.0.220)
# dig @10.0.0.220 103.0.21.100.in-addr.arpa.rearview.m3047.net. TXT
;; QUESTION SECTION:
;103.0.21.100.in-addr.arpa.rearview.m3047.net. IN TXT
;; ANSWER SECTION:
103.0.21.100.in-addr.arpa.rearview.m3047.net. 600 IN TXT
"depth=1,first=1665810308.1564665,last=1667535958.6280398,count=152,trend=11758.670145495724,update=1667540875.2953703,score=5.3302068902418895"
;; AUTHORITY SECTION:
REARVIEW.M3047.NET. 600 IN NS LOCALHOST.
;; SERVER: 10.0.0.220#53(10.0.0.220)
--
Fred Morris, internet plumber
--
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from
this list
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
