Re: Windows/BIND integration [was: Combined master + forward zone]
> and Michael Milligan replied: >> And don't forget to set a group policy on all DCs to not update the A >> records in the apex zone. Otherwise the DCs will complain in the Event >> logs forever... this assumes the BIND servers are authoritative for >> example.com, in this example. >> >> See http://support.microsoft.com/kb/246804 for Windows 2000 >> >> See http://support.microsoft.com/kb/267855 for Windows 2003 and later, >> specifically under "Netlogon fix" and tell it not to register the >> LdapIPAddress. >> >> (There is also more information there on preventing all the DCs from >> creating NS records in the zone, which becomes problematic when there >> are more than about 10 DCs. I had one customer with 100s of DCs, and >> each one put in an NS record in the zone for itself... ugh. With a >> little magic, dropped that back to a handful of DCs at big data centers.) > > > It is not as simple as that. There are a number of Windows registry > setting in this area; Actually, it is, for Windows 2003 SP2 and later... All these registry settings come from various Windows 2000 and 2003 SPs, and are in my opinion the result of several failed attempts to "get it right". They have made a mess of things at this point. But I'm glad what you have is (mostly) working for you. If you run Windows 2003 SP2 or later, the best solution I have found is to ignore all the earlier registry hacking you referenced and leave them all at their default settings. The only two things you generally need to change in the scenario outlined is to tell the DCs not to add their own IPs as A records at the apex domain (example.com), which as outlined in KB2678555, is controlled by adding a new REG_MULTI_SZ registry key DnsAvoidRegisterRecords with the string "LdapIpAddress" in it, and then if you have more than 10 DCs, tell all of the DCs which DCs can register NS records for which zones. This is to keep the NS record set under about 10 (which goes back to DNS payload size... keep it under 512 bytes). That's done using dnscmd.exe with the /AllowNSRecordsAutoCreation switch and a list of IPs, per zone, also as outlined in KB2678555. Microsoft tries too hard to make it (too) easy, don't they? As a quick aside, the NS record set size problem does not often come up as an issue since the Microsoft DCs (also running DNS) are in most cases used as the resolving infrastructure for internal clients and Microsoft documentation encourages admins to AD-integrate zones and replicate to *every* DC, thus the NS record set size isn't an issue. But it will cause problems (i.e., TCP connections and thus higher load) if/when you try to scale it better or add other non-MS DNS servers to the resolving infrastructure or otherwise have to talk to the MS servers to resolve names. It's also an issue if you try to move DNS off Microsoft. But the iceberg is even bigger, and gets off topic (DHCP). > is a BIND forum, not a MS forum): I apologize as well, but reply anyway for completeness. It's all DNS after all and problems we all likely have to deal with. :-/ Regards, Mike -- Michael Milligan -> mi...@acmeps.com ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: tsig and servers help
On Fri, 24 Apr 2009, Terry wrote:
> Thanks for your reply. On my slave, I have this:
>
> server 10.25.1.10 {
> keys {
> omajelns01.omajelns02;
> };
> };
>
> It will sign all requests between these hosts. If requests come
> across that appear to be from these hosts and they are not signed, the
> server at either end will reject the requests (i am pretty sure that's
> the whole idea but just clarifying)? If that's the case, I like this
> architecture, it's simple and provides a level of security without a
> great deal of configuration overhead.
No. The ARM says "A request originating from the remote server is not
required to be signed by this key." You could use allow-transfer
(site-wide or per zone) using a key there for transfers only.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: tsig and servers help
On Fri, Apr 24, 2009 at 12:11 PM, Jeremy C. Reed wrote:
> On Fri, 24 Apr 2009, Terry wrote:
>
>> I am a bit confused about what exactly applying a key to the servers
>> part of the config does:
>>
>> server 10.25.1.11 {
>> keys {
>> omajelns01.omajelns02;
>> };
>> };
>> key omajelns01.omajelns02 {
>> algorithm hmac-md5;
>> secret "asdfasdfasdfasdfasdf";
>> };
>> zone "narf.com" {
>> type master;
>> file "/var/named/narf.com.hosts";
>> also-notify {
>> 10.25.1.11;
>> };
>> notify yes;
>> };
>>
>> In this config, what does the key in the server section actually do
>> for me? I really only want zone transfers to be secured between my
>> master and slaves but I don't really want each zone to have it's own
>> key. There's also a very high chance that I will have to exchange
>> zones with non-bind servers too. Which I don't think is an issue if I
>> apply keys at the server level. Thoughts?
>
> Hello Terry,
>
> The keys in the server statement is used to cause requests sent to that
> server to be signed using that key. In this case, it may be more than just
> zone transfers. It needs to be configured on both sides (so also on the
> slave at 10.25.1.11).
>
> Jeremy C. Reed
> ISC Sales & Support Engineer
>
Thanks for your reply. On my slave, I have this:
server 10.25.1.10 {
keys {
omajelns01.omajelns02;
};
};
It will sign all requests between these hosts. If requests come
across that appear to be from these hosts and they are not signed, the
server at either end will reject the requests (i am pretty sure that's
the whole idea but just clarifying)? If that's the case, I like this
architecture, it's simple and provides a level of security without a
great deal of configuration overhead.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: can bind filter the result
On Apr 20, 2009, at 2:55 AM, Ken Lai wrote: let's take an example. my DNS server called SrvA, the outer DNS server called SrvB. normally, the client sent the query to SrvA, and SrvA forwards it to SrvB. and SrvA return a result which came from SrvB to the client. unfortunately the SrvB sometimes will return a A record that is a advertisement site ip to SrvA. so i dont want to respond to client if the returned IP address is the Advertisement site address. filter the domain name may not be suitable. thanks. If I understand correctly, the goal is to avoid answering any queries for A records where the answer points at any of a specific list of blacklisted IP addresses. As has been said, such filtering does not fit will with bind or any typical DNS servers. Ideas: Periodically scan the cache for names pointing at these addresses, and dynamically create zones? Run a very clever firewall config in front of the DNS server that filters out such answers? Instead of doing something with the DNS, use access lists or custom routes in your routers to block the addresses? In any case, if you "succeed" in addressing the problem by providing no answer, you may find the solution to be unacceptable because of timeout delays. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: URL Redirection via DNS
Latif, If you provided records / wildcard records that matched all domains to be rewritten, you could resolve the domain name of _all_ rewritable traffic the IP of a particular webserver which could then forward to the right URL using webserver scripting and an HTTP mechanism like Location headers or Refresh meta-tags. This would show the new redirected URL in the header, but to do so, you yourself must respond to the HTTP request. Since as has been said the URI of the URL (eg "/~me/mydocs/doc34.html") won't exist on the server you would either have to do rewriting or look into whether you could use scripting in a 401 Location not Found page. You could also do this without bind, with a firewall, if you had one in front of the clients whose URLs you wanted to redirect, by redirecting all web traffic to your redirecting webserver. On Fri, 24 Apr 2009 11:03:00 -0400 "Binmakhashen, Latif" wrote: > > Ok guys, thanks > That confirms the answer to my question. > > > > From: bind-users-boun...@lists.isc.org > [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Ryan Knapper > Sent: Friday, April 24, 2009 10:56 AM > To: BIND Mailing List > Subject: Re: URL Redirection via DNS > > This is not what DNS does. It matches an IP with a domain name. > Changing the URL needs to be done from within the web-page. > On Fri, Apr 24, 2009 at 07:38, Binmakhashen, Latif > wrote: > Jeff > > Thank you for wording your reply more professionally. That's exactly > what I was trying to find out since I've never tested it. > So in this case, the CNAME mike.mydomain.com will display the web page > of Ralph.mydomain.com but the URL at the address bar will remain > mike.mydomain.com and there is no way to get DNS to display the actual > URL rather than continue to display the CNAME? > > I hope my question is clear to you guys! > > > > From: Jeff Lightner [mailto:jlight...@water.com] > Sent: Friday, April 24, 2009 10:31 AM > To: Pablo Arturi; Binmakhashen, Latif; BIND Mailing List > > Subject: RE: URL Redirection via DNS > > Short answer: No > > Longer answer: Only FQDN can be aliased with CNAME. That's not > technically a redirect. (e.g. mike.mydomain.com being CNAME to > Ralph.mydomain.com is OK - however you can not make > mike.mydomain.com/landingpage do anything because "/landingpage" is > not part of the FQDN so has nothing to do with DNS.) > > Minor Rant: Why don't web developers know how to do simple URL > redirection and quit asking DNS Admins to do it for them? > > > > From: bind-users-boun...@lists.isc.org > [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Pablo Arturi > Sent: Friday, April 24, 2009 10:18 AM > To: Binmakhashen, Latif; BIND Mailing List > Subject: Re: URL Redirection via DNS > > Or it's too much complex to me, or you're terrible wrong in concepts. > > DNS has nothing to do with URL redirection, that's a web server job, > or again, it's too much complex to me. :) What would be an example of > what you want to do? > Hi guys, > > Is it possible to setup DNS to redirect URLs in the address > bar of an IE? > > Please consider our environment before printing this e-mail or > attachments. > -- > CONFIDENTIALITY NOTICE: This e-mail may contain privileged or > confidential information and is for the sole use of the intended > recipient(s). If you are not the intended recipient, any disclosure, > copying, distribution, or use of the contents of this information is > prohibited and may be unlawful. If you have received this electronic > transmission in error, please reply immediately to the sender that you > have received the message in error, and delete it. Thank you. > -- > > > -- NOTICE -- The information transmitted is intended only for the > person or entity to which it is addressed and may contain > confidential and/or privileged material, the disclosure of which is > governed by applicable law. Any review, retransmission, dissemination > or other use of, or taking of any action in reliance upon, this > information by persons or entities other than the intended recipient > is prohibited. If you received this in error please contact the > sender and destroy the materials contained in this message. > > ___ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > > > ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: tsig and servers help
On Fri, 24 Apr 2009, Terry wrote:
> I am a bit confused about what exactly applying a key to the servers
> part of the config does:
>
> server 10.25.1.11 {
> keys {
> omajelns01.omajelns02;
> };
> };
> key omajelns01.omajelns02 {
> algorithm hmac-md5;
> secret "asdfasdfasdfasdfasdf";
> };
> zone "narf.com" {
> type master;
> file "/var/named/narf.com.hosts";
> also-notify {
> 10.25.1.11;
> };
> notify yes;
> };
>
> In this config, what does the key in the server section actually do
> for me? I really only want zone transfers to be secured between my
> master and slaves but I don't really want each zone to have it's own
> key. There's also a very high chance that I will have to exchange
> zones with non-bind servers too. Which I don't think is an issue if I
> apply keys at the server level. Thoughts?
Hello Terry,
The keys in the server statement is used to cause requests sent to that
server to be signed using that key. In this case, it may be more than just
zone transfers. It needs to be configured on both sides (so also on the
slave at 10.25.1.11).
Jeremy C. Reed
ISC Sales & Support Engineer
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
tsig and servers help
Hello,
I am a bit confused about what exactly applying a key to the servers
part of the config does:
server 10.25.1.11 {
keys {
omajelns01.omajelns02;
};
};
key omajelns01.omajelns02 {
algorithm hmac-md5;
secret "asdfasdfasdfasdfasdf";
};
zone "narf.com" {
type master;
file "/var/named/narf.com.hosts";
also-notify {
10.25.1.11;
};
notify yes;
};
In this config, what does the key in the server section actually do
for me? I really only want zone transfers to be secured between my
master and slaves but I don't really want each zone to have it's own
key. There's also a very high chance that I will have to exchange
zones with non-bind servers too. Which I don't think is an issue if I
apply keys at the server level. Thoughts?
Thanks!
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
Re: query-errors feature in bind 9.6.1b1 to troubleshoot SERVFAIL
On Fri, 24 Apr 2009, schilling wrote:
> channel query-errors-log {
> file "/var/log/named.query-errors" versions 10 size 100m;
> severity info;
Change to:
severity debug 2;
> print-severity yes;
> print-time yes;
> };
> category query-errors { query-errors-log; };
Note that debug level 2 may be busy.
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
query-errors feature in bind 9.6.1b1 to troubleshoot SERVFAIL
Hi All,
We are experiencing some intermittent SERVFAIL issue even with popular
website like www.yahoo.com. So we installed the latest bind 9.6.1b1.
But we did not see any logs in /var/log/query-errors, is there
anything we are missing?
Thanks.
Compilation options:
[t...@test]$ /usr/local/sbin/named -V
BIND 9.6.1b1 built with '--enable-threads' '--with-openssl=/usr/local'
'--sysconfdir=/etc'
Run with -d2 according to ARM .
5 S root 30974 1 6 75 0 - 44613 - 11:06 ?
00:02:52 /usr/local/sbin/named -n 4 -d2
Corresponding logging configuration in /etc/named.conf
logging {
channel dispatch-log {
file "/var/log/named.dispatch" versions 10 size 1m;
severity debug;
print-severity yes;
print-category yes;
print-time yes;
};
channel default-log {
file "/var/log/named.default" versions 10 size 10m;
severity info;
print-severity yes;
print-category yes;
print-time yes;
};
channel general-log {
file "/var/log/named.general" versions 10 size 10m;
severity info;
print-time yes;
print-category yes;
print-severity yes;
};
channel lame-servers-log {
file "/var/log/named.lame-servers" versions 10 size 100m;
severity info;
print-severity yes;
print-time yes;
};
channel query-errors-log {
file "/var/log/named.query-errors" versions 10 size 100m;
severity info;
print-severity yes;
print-time yes;
};
channel network-log {
file "/var/log/named.network" versions 10 size 10k;
severity debug 50;
print-time yes;
};
channel queries-log {
file "/var/log/named.queries" versions 10 size 250m;
severity info;
print-time yes;
print-severity yes;
};
channel systems-log {
file "/var/log/named.systems" versions 10 size 5m;
severity info;
print-time yes;
print-severity yes;
print-category yes;
};
channel update-log {
file "/var/log/named.update" versions 10 size 5m;
severity info;
print-time yes;
print-category yes;
print-severity yes;
};
channel updt-sec-log {
file "/var/log/named.updt-sec" versions 10 size 5m;
severity info;
print-time yes;
print-category yes;
print-severity yes;
};
channel xfer-in-log {
file "/var/log/named.xfer-in" versions 10 size 5m;
severity info;
print-time yes;
print-category yes;
print-severity yes;
};
channel xfer-out-log {
file "/var/log/named.xfer-out" versions 10 size 1m;
severity info;
print-time yes;
print-category yes;
print-severity yes;
};
category general { general-log; default-log; };
category database { general-log; };
category notify { general-log; };
category unmatched { general-log; };
category resolver { general-log; };
category default { default-log; };
category queries { queries-log; };
category lame-servers { lame-servers-log; };
category query-errors { query-errors-log; };
category config { general-log; };
category security { general-log; systems-log; };
category update { update-log; };
category update-security { updt-sec-log; };
category network { network-log; };
category dispatch { general-log; dispatch-log; };
category dnssec { general-log; };
category xfer-in { general-log; xfer-in-log; };
category xfer-out { general-log; xfer-out-log; };
};
___
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
RE: URL Redirection via DNS
Ok guys, thanks! That confirms the answer to my question. From: bind-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Ryan Knapper Sent: Friday, April 24, 2009 10:56 AM To: BIND Mailing List Subject: Re: URL Redirection via DNS This is not what DNS does. It matches an IP with a domain name. Changing the URL needs to be done from within the web-page. On Fri, Apr 24, 2009 at 07:38, Binmakhashen, Latif wrote: Jeff Thank you for wording your reply more professionally. That's exactly what I was trying to find out since I've never tested it. So in this case, the CNAME mike.mydomain.com will display the web page of Ralph.mydomain.com but the URL at the address bar will remain mike.mydomain.com and there is no way to get DNS to display the actual URL rather than continue to display the CNAME? I hope my question is clear to you guys! From: Jeff Lightner [mailto:jlight...@water.com] Sent: Friday, April 24, 2009 10:31 AM To: Pablo Arturi; Binmakhashen, Latif; BIND Mailing List Subject: RE: URL Redirection via DNS Short answer: No Longer answer: Only FQDN can be aliased with CNAME. That's not technically a redirect. (e.g. mike.mydomain.com being CNAME to Ralph.mydomain.com is OK - however you can not make mike.mydomain.com/landingpage do anything because "/landingpage" is not part of the FQDN so has nothing to do with DNS.) Minor Rant: Why don't web developers know how to do simple URL redirection and quit asking DNS Admins to do it for them? From: bind-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Pablo Arturi Sent: Friday, April 24, 2009 10:18 AM To: Binmakhashen, Latif; BIND Mailing List Subject: Re: URL Redirection via DNS Or it's too much complex to me, or you're terrible wrong in concepts. DNS has nothing to do with URL redirection, that's a web server job, or again, it's too much complex to me. :) What would be an example of what you want to do? Hi guys, Is it possible to setup DNS to redirect URLs in the address bar of an IE? Please consider our environment before printing this e-mail or attachments. -- CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. -- -- NOTICE -- The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material, the disclosure of which is governed by applicable law. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error please contact the sender and destroy the materials contained in this message. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users -- [EOM] ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: URL Redirection via DNS
This is not what DNS does. It matches an IP with a domain name. Changing the URL needs to be done from within the web-page. On Fri, Apr 24, 2009 at 07:38, Binmakhashen, Latif < latif.binmakhas...@omnicare.com> wrote: > Jeff > > > > Thank you for wording your reply more professionally. That’s exactly what I > was trying to find out since I’ve never tested it. > > So in this case, the CNAME mike.mydomain.com will display the web page of > Ralph.mydomain.com but the URL at the address bar will remain > mike.mydomain.com and there is no way to get DNS to display the actual URL > rather than continue to display the CNAME? > > > > I hope my question is clear to you guys! > > > > > > > > *From:* Jeff Lightner [mailto:jlight...@water.com] > *Sent**:* Friday, April 24, 2009 10:31 AM > *To:* Pablo Arturi; Binmakhashen, Latif; BIND Mailing List > *Subject:* RE: URL Redirection via DNS > > > > Short answer: No > > > > Longer answer: Only FQDN can be aliased with CNAME. That’s not > technically a redirect. (e.g. mike.mydomain.com being CNAME to > Ralph.mydomain.com is OK – however you can not make > mike.mydomain.com/landingpage do anything because “/landingpage” is not > part of the FQDN so has nothing to do with DNS.) > > > > Minor Rant: Why don’t web developers know how to do simple URL redirection > and quit asking DNS Admins to do it for them? > > > -- > > *From:* bind-users-boun...@lists.isc.org [mailto: > bind-users-boun...@lists.isc.org] *On Behalf Of *Pablo Arturi > *Sent:* Friday, April 24, 2009 10:18 AM > *To:* Binmakhashen, Latif; BIND Mailing List > *Subject:* Re: URL Redirection via DNS > > > > Or it's too much complex to me, or you're terrible wrong in concepts. > > > > DNS has nothing to do with URL redirection, that's a web server job, or > again, it's too much complex to me. :) What would be an example of what you > want to do? > > Hi guys, > > > > Is it possible to setup DNS to redirect URLs in the address bar of an IE? > > > > *Please consider our environment before printing this e-mail or > attachments.* > > -- > CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential > information and is for the sole use of the intended recipient(s). If you are > not the intended recipient, any disclosure, copying, distribution, or use of > the contents of this information is prohibited and may be unlawful. If you > have received this electronic transmission in error, please reply > immediately to the sender that you have received the message in error, and > delete it. Thank you. > -- > > -- > > * -- NOTICE -- The information transmitted is intended only for the person > or entity to which it is addressed and may contain confidential and/or > privileged material, the disclosure of which is governed by applicable law. > Any review, retransmission, dissemination or other use of, or taking of any > action in reliance upon, this information by persons or entities other than > the intended recipient is prohibited. If you received this in error please > contact the sender and destroy the materials contained in this message. * > > ___ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > -- [EOM] ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: URL Redirection via DNS
Jeff Thank you for wording your reply more professionally. That's exactly what I was trying to find out since I've never tested it. So in this case, the CNAME mike.mydomain.com will display the web page of Ralph.mydomain.com but the URL at the address bar will remain mike.mydomain.com and there is no way to get DNS to display the actual URL rather than continue to display the CNAME? I hope my question is clear to you guys! From: Jeff Lightner [mailto:jlight...@water.com] Sent: Friday, April 24, 2009 10:31 AM To: Pablo Arturi; Binmakhashen, Latif; BIND Mailing List Subject: RE: URL Redirection via DNS Short answer: No Longer answer: Only FQDN can be aliased with CNAME. That's not technically a redirect. (e.g. mike.mydomain.com being CNAME to Ralph.mydomain.com is OK - however you can not make mike.mydomain.com/landingpage do anything because "/landingpage" is not part of the FQDN so has nothing to do with DNS.) Minor Rant: Why don't web developers know how to do simple URL redirection and quit asking DNS Admins to do it for them? From: bind-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Pablo Arturi Sent: Friday, April 24, 2009 10:18 AM To: Binmakhashen, Latif; BIND Mailing List Subject: Re: URL Redirection via DNS Or it's too much complex to me, or you're terrible wrong in concepts. DNS has nothing to do with URL redirection, that's a web server job, or again, it's too much complex to me. :) What would be an example of what you want to do? Hi guys, Is it possible to setup DNS to redirect URLs in the address bar of an IE? Please consider our environment before printing this e-mail or attachments. -- CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you. -- -- NOTICE -- The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material, the disclosure of which is governed by applicable law. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error please contact the sender and destroy the materials contained in this message. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: URL Redirection via DNS
I think in Apache, URL redirection is done via "rewrite": http://wiki.apache.org/httpd/Rewrite I hope this helps with the intial question since this at the application layer. While this may help with the original question, this is now off topic. From: Jeff Lightner To: Pablo Arturi ; "Binmakhashen, Latif" ; BIND Mailing List Sent: Friday, April 24, 2009 10:30:46 AM Subject: RE: URL Redirection via DNS Short answer: No Longer answer: Only FQDN can be aliased with CNAME. That’s not technically a redirect. (e.g. mike.mydomain.com being CNAME to Ralph.mydomain.com is OK – however you can not make mike.mydomain.com/landingpage do anything because “/landingpage” is not part of the FQDN so has nothing to do with DNS.) Minor Rant: Why don’t web developers know how to do simple URL redirection and quit asking DNS Admins to do it for them? From:bind-users-boun...@lists.isc.org [mailto: bind-users-boun...@lists.isc.org ] On Behalf Of Pablo Arturi Sent: Friday, April 24, 2009 10:18 AM To: Binmakhashen, Latif; BIND Mailing List Subject: Re: URL Redirection via DNS Or it's too much complex to me, or you're terrible wrong in concepts. DNS has nothing to do with URL redirection, that's a web server job, or again, it's too much complex to me. :) What would be an example of what you want to do? Hi guys, Is it possible to setup DNS to redirect URLs in the address bar of an IE?___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
RE: URL Redirection via DNS
Short answer: No Longer answer: Only FQDN can be aliased with CNAME. That's not technically a redirect. (e.g. mike.mydomain.com being CNAME to Ralph.mydomain.com is OK - however you can not make mike.mydomain.com/landingpage do anything because "/landingpage" is not part of the FQDN so has nothing to do with DNS.) Minor Rant: Why don't web developers know how to do simple URL redirection and quit asking DNS Admins to do it for them? From: bind-users-boun...@lists.isc.org [mailto:bind-users-boun...@lists.isc.org] On Behalf Of Pablo Arturi Sent: Friday, April 24, 2009 10:18 AM To: Binmakhashen, Latif; BIND Mailing List Subject: Re: URL Redirection via DNS Or it's too much complex to me, or you're terrible wrong in concepts. DNS has nothing to do with URL redirection, that's a web server job, or again, it's too much complex to me. :) What would be an example of what you want to do? Hi guys, Is it possible to setup DNS to redirect URLs in the address bar of an IE? ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: URL Redirection via DNS
Or it's too much complex to me, or you're terrible wrong in concepts. DNS has nothing to do with URL redirection, that's a web server job, or again, it's too much complex to me. :) What would be an example of what you want to do? Hi guys, Is it possible to setup DNS to redirect URLs in the address bar of an IE? ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
URL Redirection via DNS
Hi guys, Is it possible to setup DNS to redirect URLs in the address bar of an IE? -- NOTICE -- The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material, the disclosure of which is governed by applicable law. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error please contact the sender and destroy the materials contained in this message. ___ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
