Return a private address when querying an internet host name.

I have a fixed IP from my ISP. It has a hostname in the format a-b-c-d.isp.net.au and when I ping that domain name it resolves to a.b.c.d (an internet routable address). All good.

When I’m at home I’d like that host name to resolve to a 192.168.x.y address so that I can get to a server on my local network. I run BIND at home to resolve other addresses on the 192.168.x.y. Is this something a CNAME or ALIAS can solve or do I need to set up a fake domain on my BIND server for the isp.net.au domain? Thanks

How to create subdomain pointing to a different port number?

In my use case I would like to create a sub domain with the main domain’s IP address but with different port number. For example,

I have the main domain as abc.com pointing to


I would like to create a subdomain with port 8081


I tried to create a SRV record with the following information,

    Name: api
    Target: api.abc.com
    Protocol: _http
    Service: _http
    Priority: 5
    Weight: 5
    Port: 8081
    TTL: 1 hour

But this didn’t help. I am using GoDaddy to manage my domains.

Could someone help me with this?


BIND: Redirecting queries for a zone to a different nameserver?

Is there a way to configure BIND so it answers for a zone, but only responds with the address of a different nameserver the client should ask?

I set up a BIND instance on a VPS for adblocking purposes and it works fine (it’s ACL’d and not open to the public). Basically I set it authoritative for many adserver domains and it returns NXDOMAIN for any host in those zones. Anything else it forwards to a nameserver at the VPS provider. I pointed all my devices to use my BIND instance as their name server. Smooth sailing for months now with one exception. My VPS is hundreds of miles away, so with a couple of CDNs like Akamai, I wind up getting IPs for servers close to my VPS but not close to me.

What I want to do is set my BIND instance so when it gets a query for somehost.akamai.com, instead of forwarding or recursing that query upstream, I want it to say “go ask ns.my-isp.com instead.” So then my device retries the query on my ISP’s nameserver and gets an Akamai IP close to me instead of close to the VPS. I know this would all be easy if my BIND instance was running in my apartment and could use my ISP’s nameserver as a forwarder, but right now this isn’t an option.

I thought maybe I could make my BIND authoritative for akamai.com and point the NS at my ISP’s nameserver:

    ;named.conf
    zone "akamai.com" IN {
        type master;
        file "akamai.com.zone";
        allow-query { myacl; };
    };

    ;akamai.com.zone
    $TTL 3600
    @   IN SOA ns.my-isp.com. root.my-vps.com. (
            2016070501 ;serial
            86400      ;refresh
            1800       ;retry
            604800     ;expire
            3600       ;minttl
            )
        IN NS ns.my-isp.com.

Doesn’t work though, it returns NXDOMAIN. I set all of the BIND logging channels to debug but I don’t see anything in them to point me in the right direction. Is what I’m trying to do even possible?
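
Why the zone above answers NXDOMAIN, as an added example that is not part of the original post: a simplified Python model of how an authoritative server classifies a query. NS records at the zone apex are ordinary authoritative data rather than a referral, so any name missing from the zone file is answered NXDOMAIN. The DELEGATING_ZONE variant and its "cdn" label are constructed for contrast.

```python
# Added example: simplified authoritative lookup, after RFC 1034 section 4.3.2.
# Wildcards, CNAME and DNAME handling are deliberately left out.

# Zone data mirroring the akamai.com.zone file in the post: SOA and NS at the apex only.
POSTED_ZONE = {
    "akamai.com": {
        "SOA": ["ns.my-isp.com. root.my-vps.com. 2016070501 86400 1800 604800 3600"],
        "NS": ["ns.my-isp.com."],
    },
}

# Constructed variant: NS records at a child name form a zone cut (delegation).
# The "cdn" label is hypothetical, chosen only for illustration.
DELEGATING_ZONE = {**POSTED_ZONE, "cdn.akamai.com": {"NS": ["ns.my-isp.com."]}}


def lookup(apex, records, qname, qtype):
    """Return (kind, rdata_list) as an authoritative server would classify the query."""
    apex = apex.lower().rstrip(".")
    name = qname.lower().rstrip(".")
    if name != apex and not name.endswith("." + apex):
        return ("NOT_AUTHORITATIVE", [])  # outside the zone: recurse, forward or refuse
    # Walk down from the apex; NS records below the apex mark a delegation.
    below = name[: -len(apex)].rstrip(".")
    node = apex
    for label in reversed(below.split(".") if below else []):
        node = label + "." + node
        if "NS" in records.get(node, {}):
            return ("REFERRAL", records[node]["NS"])
    rrsets = records.get(name)
    if rrsets is None:
        # A name with no records of its own still exists if something lives below it.
        if any(owner.endswith("." + name) for owner in records):
            return ("NODATA", [])
        return ("NXDOMAIN", [])  # the server owns the zone and the name is not in it
    return ("ANSWER", rrsets[qtype]) if qtype in rrsets else ("NODATA", [])


if __name__ == "__main__":
    for zone in (POSTED_ZONE, DELEGATING_ZONE):
        for q in ("akamai.com", "somehost.akamai.com", "x.cdn.akamai.com"):
            print(q, lookup("akamai.com", zone, q, "A"))
```

A REFERRAL result is meant for a recursive resolver; stub resolvers on client devices expect a final answer and do not chase referrals.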

Is DNSCrypt and/or DNSSEC worth setting up?

Is DNSCrypt and/or DNSSEC worth setting up? Once it’s set up, what’s the user experience like? Does everything work like it would if you didn’t use these two things and if a domain you’re connecting to doesn’t support it, will it simply not use it and connect normally? I was thinking of using it for privacy/security reasons, at least until I can afford a VPN service (it would be redundant to use these 2 things when using a VPN service that provides its own DNS server to use, right?).

Lastly, there aren’t any privacy benefits to using a third-party non-logging DNS server since the ISP can still see the source and destination of your connections and log them, right?

Thank you.

