Hey Slava,
You can use a small DNS proxy that will forge only this specific record
while for others it will just pass it.
By adding a forward DNS zone and add the proxy as the forward DNS server.
This is *not* recommended but these are the tools you have.
If the DNS proxy is not the well writt
> > There is a credit union website that our users access from work and
> > their dns has been broken for the past few days where the www. version
> From: Jeff Reasoner
> I elected to add the zone in named.conf and answer the query correctly
> (and authoritatively) until I could get the owner to
Interesting. Intentionally "poison" your own cache so your users aren't
inconvenienced by anothers misconfiguration. Not sure how you go about
doing that on box. Perhaps bigger brains on this list can say.
I have had occasion to forge answers locally as an immediate fix for
name resolution issues
Rich,
I suggest the following
minimal-responses yes; - set this global
blackhole { address_match_list }; - use the address_match_list file on
your pf.conf (freebsd)
with this combo, your bind should refuse queries when it's out-of-zone.
additional-from-auth yes;
additional-from-cache no;
good
There is a credit union website that our users access from work and
their dns has been broken for the past few days where the www. version
works, but the plain name (without the www.) points to some old IP
that's not responding. Tried to call them and all I got was that they
know they have some ki
5 matches
Mail list logo
