Wireless Hacks. 1917 IndustrialStrength Tips and Tools [Electronic resources] نسخه متنی

Hack 56 Running Your Own Top-Level Domain

Set up your own TLD in BIND for ease of
navigation.

If you administer a network that uses
private addressing,
you've almost certainly encountered the
disassociated schizophrenia of trying to maintain zone files that
properly reflect internal and external IP addresses. With the introduction
of Views in Bind 9, supporting multiple address ranges in a single
domain has been significantly streamlined.

While using views is one way to attack the problem, consider the ease
of setting up your own top-level domain. Normally,
zone entries in
named.conf look something like this:

zone "oreillynet.com" {
type master;
file "data/oreillynet.com";
};

This is an entry appropriate for an authoritative DNS server for the
oreillynet.com subdomain. The actual top-level
domains (i.e., .com,
.net, .org,
.int, etc.) are only delegated to the mysterious
13 known as the root DNS servers. Even though your servers
won't be consulted by the rest of the Internet, it
can be handy to set up your very own TLD that works only on your
local network.

For example, suppose you have a group of machines that use the
private 192.168.1.0/24 network. These machines
aren't directly reachable from the Internet, and you
don't really want to advertise their DNS information
to would-be network crackers. Try a non-standard TLD:

zone "bp" {
type master;
file "data/bp";
allow-transfer { 192.168.1/24; };
allow-query { 192.168.1/24; };
};

The bp is short for BackPlaneand, more to
the point, the bp is just plain short. With the
preceding code added to your zone file, set up a master record for
bp just as you would any other domain:

$TTL 86400
@     IN SOA  ns.bp. root.homer.bp. (
2002090100      ; Serial
10800           ; Refresh after 3 hours
3600            ; Retry after 1 hour
604800          ; Expire (1 week)
60              ; Negative expiry time
)
IN NS           ns.bp.
ns            IN A                 192.168.1.1
homer         IN A                 192.168.1.10
bart                IN A         192.168.1.11
lisa                IN A         192.168.1.12

Reload named, and you should be able to simply
ping homer.bp. If
you'd like other name servers to maintain slave
copies of your TLD, just add them as usual:

zone "bp" {
type slave;
file "db.bp";
masters { 192.168.1.1; };
};

In this way, you can extend your new TLD across your entire private
network architecture. If you're running tunnels over
the Internet[Hack #54] to connect
remote offices or friends, support for your TLD could theoretically
grow to be as large as you like. This is exactly what some wireless
community networks (like NoCatNet and SeattleWireless) are doing. For
example, users on SeattleWireless can browse to http://www.rob.swn/ to hit a web server that
I host on the wireless network. This shortcut of using a custom TLD
saves a lot of typing, doesn't require Internet
access to work, and is much easier than remembering IP addresses.