overwrite particular public DNS records inside company network

I use two IB-1410 as DNS servers in our company network.
For internal users I would now like to answer lookup requests for typical external, device-preconfigured NTP servers like ntp.apple.com and pool.ntp.org with the IP address of our internal NTP server.

Does anybody have an idea how to do this?

Thank You in Advance,
Christian Brandstaetter

Re: overwrite particular public DNS records inside company network

Although this is an uncommon configuration, you can configure, for example, ntp.apple.com as an authoritative zone and add an empty A record inside pointing, for example, to 5.6.7.8, which will result in:

dig @<DNS IP>  ntp.apple.com A

; <<>> DiG 9.8.3-P1 <<>> @x.x.x.x ntp.apple.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11494
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;ntp.apple.com.            IN    A

;; ANSWER SECTION:
ntp.apple.com.        28800    IN    A    5.6.7.8

;; Query time: 40 msec
;; SERVER: x.x.x.x#53(x.x.x.x)
;; WHEN: Tue Aug 30 19:50:06 2016
;; MSG SIZE  rcvd: 47
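
A way to check such an override from a monitoring script, as an added example that is not part of the original posts: it parses a raw DNS reply and confirms the name resolves only to the expected address. The sample bytes are constructed to match the dig output above; the `ask` helper and all function names are assumptions of this example.

```python
import socket
import struct

def encode_name(name):
    """Encode a host name as length-prefixed DNS labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(x)]) + x.encode("ascii") for x in labels) + b"\x00"

def build_query(name, qid):
    """Build a recursive A/IN query (RD flag set, one question)."""
    return struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", 1, 1)

def skip_name(msg, off):
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:  # a compression pointer ends the name
            return off + 2
        off += 1 + msg[off]
    return off + 1

def parse_a_response(msg):
    """Return (rcode, aa_flag, [IPv4 addresses]) from a DNS response message."""
    _qid, flags, qdcount, ancount = struct.unpack("!HHHH", msg[:8])
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4            # skip QTYPE and QCLASS
    addrs = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if (rtype, rclass, rdlen) == (1, 1, 4):  # A record, class IN
            addrs.append(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return flags & 0x000F, bool(flags & 0x0400), addrs

def override_ok(msg, expected_ip):
    rcode, _aa, addrs = parse_a_response(msg)
    return rcode == 0 and addrs == [expected_ip]  # NOERROR and only the expected address

def ask(server, name, qid=0x1234, timeout=2.0):
    """Send the query to a DNS server over UDP and return the raw reply (hypothetical helper)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qid), (server, 53))
        return s.recvfrom(512)[0]

# Constructed sample: the reply from the dig output above (id 11494, flags qr aa rd ra).
SAMPLE = (struct.pack("!HHHHHH", 11494, 0x8580, 1, 1, 0, 0) + build_query("ntp.apple.com", 0)[12:]
          + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 28800, 4) + socket.inet_aton("5.6.7.8"))
```

Against a live server, `override_ok(ask("<DNS IP>", "pool.ntp.org"), "<internal NTP IP>")` performs the same check; repeat it for each NTP name the devices are preconfigured with.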

Re: overwrite particular public DNS records inside company network

Another option to re-write these requests and not need to be authoritative for the domain would be to leverage a Response Policy Zone (RPZ).

This does require a license for RPZ, but you can then create a local policy zone with an entry to redirect/rewrite any DNS responses you would like without needing to be authoritative for the zone.

Steve S.