
Default/Wildcard Query Response


Shane Kinsch

Jul 28, 2003, 8:37:40 PM
Does anyone happen to know a quick and dirty way of taking any traffic
being requested and give the person doing the query a default IP?

For example... Let's say you were a hosting company or a domain name
registration firm and you are registering (or allowing people to
register) domain names using your DNS servers.

I would like to direct traffic of the new domain to an IP address such
that person X registers a domain xyz.com and uses our DNS servers for
resolution. I would like to have a default statement somewhere that
when queried, and the domain is not locally setup, it responds to a
default IP address thus sending the traffic to a default "domain not
setup" page.

Any help is appreciated. Please respond to the e-mail address below
and copy the newsgroup.

Thanks,

Shane Kinsch
NetraCorp LLC
shane....@netracorp.comNOSPAM

p...@icke-reklam.ipsec.nu

Jul 29, 2003, 1:35:34 PM

You ask in news and will receive answer with news ...


Try a DNS wildcard '*' :

* IN A <ip-of-wildcard>

This may be combined with other RR and the general rule is
that "closest fit" will match.

> Thanks,

> Shane Kinsch
> NetraCorp LLC
> shane....@netracorp.comNOSPAM


--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.

Shane Kinsch

Jul 30, 2003, 10:10:05 AM
p...@icke-reklam.ipsec.nu wrote in message news:<bg6dqi$1j0$1...@sf1.isc.org>...

> Shane Kinsch <shane....@netracorp.com> wrote:
> > Does anyone happen to know a quick and dirty way of taking any traffic
> > being requested and give the person doing the query a default IP?
>
> > For example... Let's say you were a hosting company or a domain name
> > registration firm and you are registering (or allowing people to
> > register) domain names using your DNS servers.
>
> > I would like to direct traffic of the new domain to an IP address such
> > that person X registers a domain xyz.com and uses our DNS servers for
> > resolution. I would like to have a default statement somewhere that
> > when queried, and the domain is not locally setup, it responds to a
> > default IP address thus sending the traffic to a default "domain not
> > setup" page.
>
> > Any help is appreciated. Please respond to the e-mail address below
> > and copy the newsgroup.
>
> You ask in news and will receive answer with news ...
>
>
> Try a DNS wildcard '*' :
>
> * IN A <ip-of-wildcard>
>
> This may be combined with other RR and the general rule is
> that "closest fit" will match.
>

Where would this go? In the root's cache? I'm not looking for domain
specific as I don't know who is pointing to me. I want to take any
and all generic traffic and redirect to a generic start page.

Such that you register a domain name and use my name servers. I have
no clue what your new domain is, but I want it to be activated
immediately once you point to me.

Thanks.

p...@icke-reklam.ipsec.nu

Jul 31, 2003, 2:08:27 AM
Shane Kinsch <shane....@netracorp.com> wrote:
> p...@icke-reklam.ipsec.nu wrote in message news:<bg6dqi$1j0$1...@sf1.isc.org>...
>> Shane Kinsch <shane....@netracorp.com> wrote:
>> > Does anyone happen to know a quick and dirty way of taking any traffic
>> > being requested and give the person doing the query a default IP?
>>
>> > For example... Let's say you were a hosting company or a domain name
>> > registration firm and you are registering (or allowing people to
>> > register) domain names using your DNS servers.
>>
>> > I would like to direct traffic of the new domain to an IP address such
>> > that person X registers a domain xyz.com and uses our DNS servers for
>> > resolution. I would like to have a default statement somewhere that
>> > when queried, and the domain is not locally setup, it responds to a
>> > default IP address thus sending the traffic to a default "domain not
>> > setup" page.
>>
>> > Any help is appreciated. Please respond to the e-mail address below
>> > and copy the newsgroup.
>>
>> You ask in news and will receive answer with news ...
>>
>>
>> Try a DNS wildcard '*' :
>>
>> * IN A <ip-of-wildcard>
>>
>> This may be combined with other RR and the general rule is
>> that "closest fit" will match.
>>

> Where would this go? In the root's cache? I'm not looking for domain
> specific as I don't know who is pointing to me. I want to take any
> and all generic traffic and redirect to a generic start page.

In the zone's zonefile. This is "just another resource-record" among others.


> Such that you register a domain name and use my name servers. I have
> no clue what your new domain is, but I want it to be activated
> immediately once you point to me.

> Thanks.

>>
>>
>> > Thanks,
>>

>> > Shane Kinsch
>> > NetraCorp LLC
>> > shane....@netracorp.comNOSPAM


--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out

Shane Kinsch

Jul 31, 2003, 7:43:43 PM
p...@icke-reklam.ipsec.nu wrote in message news:<bgacc9$2bjv$1...@sf1.isc.org>...

I don't think you understand what I'm asking. There is no ZONE to put
it in. It doesn't exist. I need a "wildcard" zone or some config
change that will respond to anything if asked with an IP that I give.
Again, let's say you point your domain to my servers... they won't
respond because I am not the SOA for your domain... now let's say I
make some magic change to my DNS servers to respond with an IP, even
though I'm not the SOA. Is this possible??

p...@icke-reklam.ipsec.nu

Aug 1, 2003, 2:04:18 AM

If you want this to happen for every TLD then you must run
your own root-servers. As rootserver you have a zone for '.', put your
wildcard there and you're done.

There are a number of implications with running a root-server, and for the
time being i think it's time to advise you to drop this idea.



--
Peter Håkanson

IPSec Sverige ( At Gothenburg Riverside )

Sorry about my e-mail address, but i'm trying to keep spam out,

Shane Kinsch

Aug 2, 2003, 8:14:22 PM
p...@icke-reklam.ipsec.nu wrote in message news:<bgd0di$1j4l$1...@sf1.isc.org>...

I know other hosting organizations are doing this, so I'll have to dig
into this a little deeper. Thanks phn for your help. -- Shane

Shane Kinsch

Mar 16, 2005, 12:27:24 PM

I just wanted to update anyone interested on how this actually works.

The Problem: I needed to configure named to reply to <any> request
with default zone data such that a query for <random-domain>.<gTLD>
will always result in a reply.

Why would anyone do this you ask? Hosting companies could do this for
ease of use in setting up a new hosted domain for their customers or an
ICANN Accredited Registrar may default DNS servers to newly registered
domain names pointing to their PPC (Pay Per Click) until the new owner
changes name servers, vs. managing which domains are actually using
their name servers and the administrative overhead this brings in
"managing" DNS services.

To do this, you will need to run a separate named.conf and in this
case, I'm calling it wild.conf. It will also bind to a different IP of
course if you're running this on your existing DNS servers. Here's a
sample:

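wild.conf:
---------------- snip -------------- snip --------------
// Reverse zone for the remote (public) addresses
zone "22.33.44.in-addr.arpa" in {
    type master;
    file "master/db.wild-reverse-remote";
};
// Reverse zone for the local addresses
zone "1.168.192.in-addr.arpa" in {
    type master;
    file "master/db.wild-reverse-local";
};
// The root zone is mastered here instead of using the root hints,
// so the wildcard in db.wild covers every name
zone "." in {
    type master;
    file "master/db.wild";
};
---------------- snip -------------- snip --------------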

Note the above, that you will now need to reverse your in-addr.arpa.
I'm doing this for both local and remote addresses. The normal root
hint is now mastered and referring to db.wild. I'll only show the
Remote and db.wild here.

db.wild-reverse-remote:
---------------- snip -------------- snip --------------
$TTL 14400 ; 4 hours
;
; Last Modified by: Shane Kinsch
; 08.07.04 Created and standardized
;
$ORIGIN 22.33.44.in-addr.arpa.
@       IN SOA  ns1.yourNORMALnameserver.net. you.yourdomain.com. (
                2008070400 ; Serial revision
                10800      ; Refresh after 3 hrs.
                3600       ; Retry after 1 hr.
                604800     ; Expire after 1 week
                86400 )    ; Min. TTL of 1 day
@       IN NS   ns1.yourWILDnameserver.net.
        IN NS   ns2.yourWILDnameserver.net.

;
11      IN PTR  ns1.yourWILDnameserver.net.
12      IN PTR  ns2.yourWILDnameserver.net.
---------------- snip -------------- snip --------------


db.wild:
---------------- snip -------------- snip --------------
;
; Last Modified by: Shane Kinsch
; 08.07.04 Created and standardized
;
; ZONE .
.       86400 IN SOA ns1.yourWILDnameserver.net. you.yourdomain.com. (
                2004080700 ; Serial revision
                1800       ; Refresh after 30 mins
                300        ; Retry after 5 mins
                604800     ; Expire after 1 wk.
                86400 )    ; Min. TTL of 1 day

.       IN NS   ns1.yourWILDnameserver.net.
.       IN NS   ns2.yourWILDnameserver.net.
; Wildcard: A queries for any name not otherwise present in this zone get this address
*       IN A    44.33.22.13
---------------- snip -------------- snip --------------

Once started, if you assign a domain with the WILD name servers above,
any query against ns1/ns2 will always result in 44.33.22.13!

Keep in mind, the only reason why someone would request a query against
this 'wildcard' dns configuration is if they were told to from the
root-servers for the domain they're requesting. Only domains assigned
to this will use it and every request for an answer to their query will
be replied to with the wildcard IP.

Shane Kinsch
NetraCorp LLC / Global Internet
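
Added example (not part of the original thread and not the posters' own code): a small Python model of RFC 4592 wildcard matching, run over a constructed copy of the db.wild records above. It shows which queries the root wildcard answers, and how one explicit record beside it (a hypothetical example.com at 192.0.2.10) stops the wildcard from covering other names under com, which is the "closest fit" rule mentioned earlier in the thread.

```python
WILD_IP = "44.33.22.13"  # wildcard target taken from the post's db.wild

def labels(name):
    """'www.xyz.com.' -> ('com', 'xyz', 'www'); the root '.' -> ()."""
    name = name.rstrip(".").lower()
    return tuple(reversed(name.split("."))) if name else ()

def build_zone(records):
    """Map owner -> {rtype: [rdata]}; ancestors become empty non-terminals."""
    zone = {}
    for owner, rtype, rdata in records:
        key = labels(owner)
        zone.setdefault(key, {}).setdefault(rtype, []).append(rdata)
        for i in range(len(key)):
            zone.setdefault(key[:i], {})
    return zone

def resolve(zone, qname, qtype):
    """Return (rcode, answers, synthesized_from_wildcard)."""
    q = labels(qname)
    if q in zone:  # the name exists: the wildcard is never consulted
        return ("NOERROR", zone[q].get(qtype, []), False)
    # Closest encloser: the longest ancestor of qname that exists in the zone.
    depth = max(i for i in range(len(q)) if q[:i] in zone)
    wild = q[:depth] + ("*",)  # only "*" directly below it may match
    if wild in zone:
        return ("NOERROR", zone[wild].get(qtype, []), True)
    return ("NXDOMAIN", [], False)

# Constructed input: the records of db.wild from the post (SOA rdata shortened).
DB_WILD = [
    (".", "SOA", "ns1.yourWILDnameserver.net. you.yourdomain.com."),
    (".", "NS", "ns1.yourWILDnameserver.net."),
    (".", "NS", "ns2.yourWILDnameserver.net."),
    ("*", "A", WILD_IP),
]
WILD = build_zone(DB_WILD)
# Hypothetical addition: one explicit record next to the wildcard.
MIXED = build_zone(DB_WILD + [("example.com.", "A", "192.0.2.10")])

if __name__ == "__main__":
    for zone, qname, qtype in [
        (WILD, "www.xyz.com.", "A"),    # synthesized from the wildcard
        (WILD, "xyz.com.", "MX"),       # wildcard matches, no MX: empty answer
        (WILD, ".", "A"),               # the apex exists, so no wildcard
        (MIXED, "other.com.", "A"),     # "com" now exists: NXDOMAIN
        (MIXED, "www.xyz.net.", "A"),   # other TLDs are still wildcarded
    ]:
        print(qname, qtype, resolve(zone, qname, qtype))
```

With only the wildcard A record in the zone, a query for any other type (MX, AAAA, TXT) on a wildcarded name returns an empty answer, and the nameserver names themselves resolve to the wildcard address when asked of this server.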

