Hi, We have two DHCP/DNS servers running Ubuntu 12.04 and dnsmasq-server 2.590-4ubuntu0.1. The other day, we had a user set up a Windows Server 2012 computer on our development network for testing. This user chose to set up his Windows server as DC, DHCP server, DNS server, and more, for a new domain that he gave the same name as our production domain (let's say both domains are named "example.com"). One of our servers, while still using a DHCP lease from our legitimate DHCP servers, somehow began using the Windows server for DNS queries for hosts on the example.com domain, though our server network and the development network are on separate VLANs and in different broadcast domains. Is there something in our servers' dnsmasq.conf that would have allowed any of our DHCP servers to forward requests to the unauthorized servers? Here's what dnsmasq.conf looks like on our primary DHCP server. We've set it up so that the three DCs handle all DNS queries for example.com server=// server=/example.com/###.###.###.1 server=/example.com/###.###.###.2 server=/example.com/###.###.###.3 local-ttl=1 localise-queries all-servers rebind-localhost-ok stop-dns-rebind dns-forward-max=5000 cache-size=10000 rebind-domain-ok=/example.com/
Thanks, Ben Cundiff Associate Sysadmin X-ES Inc. bcund...@xes-inc.com
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
