
I want to set up a nameserver in a way that it will reply with the same response for every domain that is queried against it.

The use-case is that I would like to ask customers to simply change their nameserver, and be done with it. Thus: no configurations on my side.

Thus say my nameserver is nameserver.local: I'd like both example.com, google.com or any other domain to reply identically.

```
$ dig A example.com @nameserver.local
$ dig A example.com @nameserver.local
$ dig A jibberish.com @nameserver.local
```

=> Should yield same response

I guess this should be possible. But I am not sure how one would go about this. Ideally I want to use a service like AWS's Route 53 or GCP's Cloud DNS. However: I cannot find such a thing.

Raynel A.S
Roel van Duijnhoven
  • This is not a programming question and hence offtopic here. But if you install a nameserver such as `bind` you will see that in its configuration file you specify a list of zones for which it is authoritative, and the associated zonefile. Hence you can configure any amount of zones all using the same file and hence providing the same reply. You still need to list each zone name. If you want to be completely dynamic you then need other options and catalog zones for example or some kind of dynamic updates. – Patrick Mevzek Oct 30 '19 at 04:23
  • I am indeed interested in the latter: how can one configure bind for example to respond identically for _every_ domain name possible? An example using BIND would also be fine @PatrickMevzek. – Roel van Duijnhoven Oct 30 '19 at 08:50
  • This is not possible using services such as Amazon Route 53 or Google Cloud DNS. I am not aware of any configuration for well-known DNS servers such as bind that supports this. You can do this for subdomains but not for domains (domain name + TLD). For subdomains this is called `wildcarding`. – John Hanley Oct 30 '19 at 16:07
  • Your comment `I would like to ask customers to simply change their nameserver`. This is a bad idea. Your customer won't be able to access any other domain as your name server would respond to all queries. This is an impossible design with significant security implications. – John Hanley Oct 30 '19 at 16:12
  • @JohnHanley If you create a zone for `.` with wildcard A records, it will work for any name. Is that a good idea? Probably not. Is it possible? Most definitively yes and there are other ways, for example with DLZ or any programmatic backend – Patrick Mevzek Oct 31 '19 at 20:31
  • @RoelvanDuijnhoven First hit on a search for bind + wildcard + all zones: https://serverfault.com/questions/229085/wildcard-dns-with-bind this exactly shows the above (root zone + wildcard). – Patrick Mevzek Oct 31 '19 at 20:32
  • @PatrickMevzek - Wildcard A Resource Records only affect the domain and not other domains. You can specify `*.example.com`. You can NOT specify `*.com`. Your example link shows `*.example.com`. Am I missing something here in your ideas? – John Hanley Oct 31 '19 at 20:43
  • @JohnHanley You are missing part of my comment: "create a zone of ." (the zone is `.`, not `example.com`)! If you do this, with `*` in the zone file, it matches all names how deep you want... So replace `example.com.` by just `.` in all examples(!) to see how it works. Setups like that are done by many providers. Think "parked" domains for example (the provider does not want to change its configuration for each new domain in that case, the domain just has to switch its nameservers to the ones configured in the above fashion) – Patrick Mevzek Oct 31 '19 at 20:47
  • @PatrickMevzek - I will defer to you for now. I do not have a lab setup that I can test and verify this. However, the last part of your comment does make sense to me. – John Hanley Oct 31 '19 at 21:02
  • Thanks @PatrickMevzek, I think with that resource I should be able to make it work :)! I _think_ my use-case (which I did not describe) is valid. But I'll take extra care of the warnings posted here. – Roel van Duijnhoven Nov 04 '19 at 07:37
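
The wildcard behaviour debated in the comments above, as an added example that is not part of the original thread: a small Python model of RFC 4592 wildcard matching showing that `*` in a zone for `.` matches any name, while `*.example.com` does not answer for other domains. The zone data is constructed, `ns1.nameserver.local` and the addresses are assumptions, and `REFUSED` models an authoritative-only server.

```python
# Added example: minimal model of RFC 4592 wildcard matching in one zone.
# Zone data is constructed; 192.0.2.0/24 is a documentation-only range.

def labels(name):
    """'www.example.com.' -> ['www', 'example', 'com']; '.' -> []"""
    return [l for l in name.lower().rstrip(".").split(".") if l]

def fqdn(lbls):
    return ".".join(lbls) + "." if lbls else "."

def lookup(origin, records, qname):
    """Answer an A query the way one authoritative zone would: (rcode, address)."""
    q, o = labels(qname), labels(origin)
    if o and q[-len(o):] != o:
        return ("REFUSED", None)                # name is outside this zone
    recs = {fqdn(labels(k)): v for k, v in records.items()}
    # A name "exists" if it owns a record or is an ancestor of one that does
    # (an empty non-terminal). Existing names block wildcard synthesis.
    exists = {fqdn(o)}
    for owner in recs:
        l = labels(owner)
        exists.update(fqdn(l[i:]) for i in range(len(l) + 1))
    if fqdn(q) in exists:
        return ("NOERROR", recs.get(fqdn(q)))   # exact match, or NODATA (None)
    # Closest encloser: the longest existing ancestor of the query name.
    encl = next(q[i:] for i in range(1, len(q) + 1) if fqdn(q[i:]) in exists)
    wildcard = fqdn(["*"] + encl)
    if wildcard in recs:
        return ("NOERROR", recs[wildcard])      # synthesized from the wildcard
    return ("NXDOMAIN", None)

# Zone "." with a single wildcard, as described in the comments above.
# ns1.nameserver.local is a hypothetical host name placed inside that zone.
ROOT_ZONE = {"*": "192.0.2.10", "ns1.nameserver.local.": "192.0.2.53"}
# Ordinary per-domain wildcard, for comparison.
EXAMPLE_ZONE = {"example.com.": "192.0.2.20", "*.example.com.": "192.0.2.20"}

if __name__ == "__main__":
    for zone, recs, name in [
        (".", ROOT_ZONE, "example.com."),
        (".", ROOT_ZONE, "jibberish.com."),
        (".", ROOT_ZONE, "printer.local."),     # blocked by ns1.nameserver.local.
        ("example.com.", EXAMPLE_ZONE, "www.example.com."),
        ("example.com.", EXAMPLE_ZONE, "google.com."),
    ]:
        print(f"zone {zone:13} {name:18} -> {lookup(zone, recs, name)}")
```

The `printer.local.` case returns NXDOMAIN because `local.` already exists as an ancestor of the nameserver's own record, so the root wildcard no longer covers names below it.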

0 Answers