[MaraDNS list] MaraDNS Recursive question

Phil Harlow phil.harlow at gmail.com
Sat Nov 26 18:29:37 EST 2011


Ok, I think I got it to work!! Probably not the best way, but it works
for now! My solution is to run BOTH dns servers (yuck)

I have deadwood set up with this dwood3rc.txt:

upstream_port = 54
upstream_servers = {}
upstream_servers["guzzoni.apple.com."]="127.0.0.1" # Servers we connect to

root_servers = {}
root_servers["."]="198.41.0.4, 192.228.79.201, 192.33.4.12, 128.8.10.90, "
root_servers["."]+="192.203.230.10, 192.5.5.241, 192.112.36.4, 128.63.2.53, "
root_servers["."]+="192.36.148.17, 192.58.128.30, 193.0.14.129, 199.7.83.42, "
root_servers["."]+="202.12.27.33"

bind_address="192.168.0.199"
recursive_acl = "192.168.0.0/24"
random_seed_file = "secret.txt"
cache_file = "dw_cache_bin"
filter_rfc1918 = 0

Then I have this for my mararc file:

hide_disclaimer = "YES"
ipv4_bind_addresses = "127.0.0.1"
dns_port = 54
timestamp_type = 2
random_seed_file = "secret.txt"
csv2 = {}
csv2["apple.com."] = "db.lan.txt"

and in db.lan.txt is:

guzzoni.%       192.168.0.199 ~

This seems to work so far. If you guys have any tips for how to
improve this/get this accomplished with just ONE dns server, it would
be GREATLY appreciated! I'm going to do a write up in the next day or
two for other people, so I'd rather not send them down the
wrong/inefficient path :)

Thanks so much for maradns! Donation on its way!


-Phil Harlow


On Sat, Nov 26, 2011 at 2:17 PM, Phil Harlow <phil.harlow at gmail.com> wrote:
> Hello,
>
> I sent a reply to Sam but it may not have gotten to him. I'm sending
> this one to the mailing list. I will try to explain what I need as
> concisely as possible.
>
> I would like to set up maradns/deadwood (whichever is correct to use)
> so that all dns requests coming to it, are passed along to my real dns
> servers to be resolved, EXCEPT for one special address, which I would
> like to "resolve" and send back a local ip. Essentially, I would like
> to have a recursive dns server which just forwards all requests to
> the big guys, except for a special URL (guzzoni.apple.com), in which
> case I'd like it to behave like an authoritative dns server and send
> back my own specially resolved URL. (192.168.0.199)
>
> Eg, I ask for google.com, mara/deadwood checks the real dns servers
> (opendns, googledns, my isp's dns) and returns their response.
> But if I ask for guzzoni.apple.com, I would like to "resolve" it to
> 192.168.0.199.
>
> I do not want to pass that dns request to ANOTHER dns server as the
> example below accomplishes (I believe)
>
> I would like it to send back a resolved address of my choosing
> (192.168.0.199), only if it matches guzzoni.apple.com, and otherwise
> just pass along normal dns results.
>
> Is this possible?
>
> Thanks so much guys!
>
>
> -Phil Harlow
>
>
>
> On Fri, Nov 25, 2011 at 12:00 PM, Sam Trenholme <maradns at gmail.com> wrote:
>> Make sure you are using Deadwood 3.0.05.  This is available here:
>>
>> http://maradns.org/deadwood/stable
>>
>> The .zip file is the Windows binary.
>>
>> Deadwood 3.0.05 is also available with MaraDNS 2.0.04.  Only use
>> MaraDNS 1.4.07 (which also has Deadwood 3.0.05) or any other MaraDNS 1
>> release if you have a compelling reason to use an older release of
>> MaraDNS.
>>
>>> I want to forward all dns requests to opendns, except for a certain
>>> url, which I'd like to relocate.
>>
>> This is your dwood3rc file:
>>
>> bind_address="192.168.1.42"
>> recursive_acl="192.168.1.0/24"
>> chroot_dir="/etc/maradns"
>> upstream_servers={}
>> upstream_servers["."]="208.67.222.222,208.67.220.220"
>> upstream_servers["google.com."]="8.8.8.8,8.8.4.4"
>>
>> Replace "192.168.1.42" with the IP of your computer and
>> "192.168.1.0/24" with the network range which needs to have access to
>> the Deadwood server.  Replace "google.com" and "8.8.8.8,8.8.4.4" with
>> the domain you want to go to another DNS server.
>>
>> If you only need to have Deadwood be accessible from a single computer
>> with a dynamic IP, have the bind_address be "127.0.0.1" and the
>> recursive_acl be "127.0.0.0/16".
>>
>>> To supply the default dns. But the last and recent comment says
>>> "Upstream_servers no longer supported". Is this true?
>>
>> No, it is not.  I once had a user who had issues with
>> upstream_servers, but I ran some tests and confirmed the problem was
>> not with my program.
>>
>>> Sometimes maradns just closes and I have no time to read any
>>> output if any.
>>
>> Do not use maradns.exe, use deadwood.exe.
>>
>> deadwood.exe is a service.  It has to be installed as a service.  As
>> admin, enter the directory Deadwood is in and run the following
>> commands from a "cmd" prompt:
>>
>> mkSecretTxt.exe
>> deadwood.exe --install
>> net start deadwood
>>
>> deadwood.exe needs, for security reasons, a source of entropy (a
>> random file).  This is why we generate a random file called secret.txt
>> by calling mkSecretTxt.exe before installing Deadwood.
>>
>> Deadwood will log all errors in the file dwlog.txt.  Look at this file
>> if Deadwood refuses to start; it will tell you what is wrong.
>>
>>> Thanks for any and all help!!
>>
>> MaraDNS development and support is funded by user contributions;
>> its business model is the "PBS" business model.  If you can afford to,
>> please make a modest contribution by making a paypal donation to
>> abiword_bugs at yahoo.com, or by clicking on the donate button at
>> http://maradns.org.  Note that mail sent to this email address is not
>> looked at.
>>
>> - Sam
>>
>
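
Added example (not part of the original thread, and not MaraDNS project code): a small Python parser for the dwood3rc syntax used in the message above. It shows which server list a query name is routed to and flags filter_rfc1918 = 0, which turns off Deadwood's filtering of private-range addresses in replies for every name, not only the overridden one. The function names and the longest-suffix-wins rule in route() are assumptions of this example.

```python
import re

# Constructed sample: a subset of the dwood3rc posted above, root list shortened.
SAMPLE = '''
upstream_servers = {}
upstream_servers["guzzoni.apple.com."]="127.0.0.1" # Servers we connect to
root_servers = {}
root_servers["."]="198.41.0.4, 192.228.79.201, "
root_servers["."]+="192.33.4.12"
filter_rfc1918 = 0
'''
LINE = re.compile(r'^(\w+)(?:\["([^"]*)"\])?\s*(\+?=)\s*(.*)$')

def parse(text):
    """Parse the dwood3rc subset used on this page into {name: str | dict}."""
    cfg = {}
    for raw in text.splitlines():
        m = LINE.match(raw.split("#", 1)[0].strip())  # values here contain no '#'
        if not m:
            continue
        name, key, op, val = m.groups()
        val = val.strip().strip('"')
        if val == "{}":
            cfg[name] = {}                      # dictionary declaration
        elif key is None:
            cfg[name] = val                     # scalar parameter
        else:
            d = cfg.setdefault(name, {})
            d[key] = d.get(key, "") + val if op == "+=" else val
    return cfg

def route(cfg, qname):
    """Return (table, suffix, servers) for qname; longest suffix wins (assumption)."""
    q = qname.lower().rstrip(".") + "."
    best = None
    for table in ("upstream_servers", "root_servers"):
        for suffix, servers in cfg.get(table, {}).items():
            hit = suffix == "." or q == suffix or q.endswith("." + suffix)
            if hit and (best is None or len(suffix) > len(best[1])):
                best = (table, suffix, [s.strip() for s in servers.split(",") if s.strip()])
    return best

def review(cfg):
    """Defender-side notes on settings that widen exposure."""
    notes = []
    if cfg.get("filter_rfc1918") == "0":
        notes.append("filter_rfc1918=0: private-range A records pass for all names")
    return notes
```
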

