overwrite particular public DNS records inside company network

brandstaetter
Techie
Posts: 1

I use two IB-1410 as DNS servers in our company network.
For internal users I would now like to answer lookup requests for typical external, device-preconfigured NTP servers like ntp.apple.com and pool.ntp.org with the IP address of our internal NTP server.

Does anybody have an idea how to do this?

Thank you in advance,
Christian Brandstaetter

Re: overwrite particular public DNS records inside company network

rdaens
Techie
Posts: 14

Although this is an uncommon configuration, you can configure, for example, ntp.apple.com as an authoritative zone and add an empty A record inside pointing, for example, to 5.6.7.8, which will result in:

dig @<DNS IP>  ntp.apple.com A

; <<>> DiG 9.8.3-P1 <<>> @x.x.x.x ntp.apple.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11494
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;ntp.apple.com.            IN    A

;; ANSWER SECTION:
ntp.apple.com.        28800    IN    A    5.6.7.8

;; Query time: 40 msec
;; SERVER: x.x.x.x#53(x.x.x.x)
;; WHEN: Tue Aug 30 19:50:06 2016
;; MSG SIZE  rcvd: 47

Re: overwrite particular public DNS records inside company network

Adviser
Posts: 147

Another option to re-write these requests and not need to be authoritative for the domain would be to leverage a Response Policy Zone (RPZ).

This does require a license for RPZ, but you can then create a local policy zone with an entry to redirect/rewrite any DNS responses you would like without needing to be authoritative for the zone.

Check out our new Tech docs website at http://docs.infobox.com for latest documentation on Infoblox products
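
Whichever approach from the replies is used (authoritative zone or RPZ), the dig check shown earlier in the thread can be scripted to confirm that every NTP name clients ask for is actually rewritten. The following is an added example, not code from the thread or from Infoblox: it parses dig output in the format shown above and flags names that are not answered with the internal NTP address. Assumptions: 5.6.7.8 stands in for the internal NTP server as in the reply, the outputs for pool.ntp.org and 0.pool.ntp.org are constructed samples, and 192.0.2.50 is a documentation address.

```python
import re

EXPECTED_NTP_IP = "5.6.7.8"  # example address from the reply; stands in for the internal NTP server

# Trimmed dig outputs. The first is taken from the reply above; the other two are
# constructed to show a name that is not rewritten and a subdomain that is not covered.
SAMPLES = {
    "ntp.apple.com": """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11494
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION:
ntp.apple.com.        28800    IN    A    5.6.7.8
""",
    "pool.ntp.org": """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 733
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION:
pool.ntp.org.         130      IN    A    192.0.2.50
""",
    "0.pool.ntp.org": """\
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4021
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
""",
}

def parse_dig(text):
    """Extract response status, header flags and A-record addresses from dig output."""
    status = re.search(r"status: (\w+)", text)
    flags = re.search(r"^;; flags: ([a-z ]+);", text, re.M)
    answers = re.findall(r"^(\S+)\s+\d+\s+IN\s+A\s+(\S+)$", text, re.M)
    return {
        "status": status.group(1) if status else None,
        "flags": flags.group(1).split() if flags else [],  # 'aa' = authoritative answer
        "a_records": [ip for _, ip in answers],
    }

def check_override(name, text, expected_ip=EXPECTED_NTP_IP):
    """Return 'ok' if every A answer is the internal NTP server, else the reason."""
    r = parse_dig(text)
    if r["status"] != "NOERROR":
        return f"{name}: status {r['status']}"
    if not r["a_records"]:
        return f"{name}: no A record in answer"
    wrong = [ip for ip in r["a_records"] if ip != expected_ip]
    return f"{name}: not rewritten, got {wrong}" if wrong else "ok"

def audit(samples=SAMPLES):
    """Check every sampled name and return {name: result}."""
    return {name: check_override(name, text) for name, text in samples.items()}

if __name__ == "__main__":
    for name, result in audit().items():
        print(name, "->", result)
```

In practice the sample strings would be replaced by the saved output of the dig command from the reply, run against the internal DNS server for each name the devices are preconfigured with.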