DNS: Configure DNS to return the same IP Address for all hostnames

Hi,

its possible to catch all DNS host queries to just one IP Address. For example in an open WLAN to redirect a User to a authentication page before he can use the network.

I will describe this for ISC Bind and dnsmasq on debian linux. Maybe other DNS implemention offers such a possibility too.

Install and configure BIND.

root@debdev:~# apt-get install bind9
root@debdev:~# mkdir /etc/bind/
root@debdev:~# cd /etc/bind
root@debdev:~# mv named.conf named.conf.org

We create a simple configuration. Therefore save the existing /etc/bind/named.conf and create a new one with your favorite editor. Also refer to the manual of your destribution where to locate the named.conf file.


options {
    # If DNS should only listen to a specific interface multiple interfaces
    # define it here,
    # remove the comment sign and set the IP Address of the interface
    # listen-on { 10.254.1.1;};
    listen-on-v6 {none;};
    allow-query {any;};
    directory "/etc/bind";
    disable-empty-zone yes;
    allow-recursion {"none";};
    additional-from-cache no;
    recursion no;
};
zone "." {
    type master;
    file "/etc/bind/db.redirectallhosts";
};

Create the zone file /etc/bind/db.redirectallhosts


$TTL 30      ;30 sec
; Use a short TTLbecause the client caches
; these the queried names for that time without 
; query the DNS Server again
@ IN SOA ns.yourdomain.local. hostmaster.yourdomain.local. (
                                2015072200 ; serialnumber of zone, increment it on any changes
                                240        ; refresh (4min)
                                120        ; retry (2 min)
                                900        ; expire (15 minutes)
                                300        ; minimum (5 minutes)
                                )
  ; IP of your Nameserver
  IN NS 10.254.1.1
  ; IP to redirect
* IN A 10.254.1.2

Set User bind as owner of the bind directory

root@debdev:~# chown -R bind:bind /etc/bind

Start the DNS Server

root@debdev:~# /etc/init.d/bind9 start
[ ok ] Starting domain name service...: bind9.

And query any domain


root@debdev:~# nslookup michlstechblog.info 10.254.1.1
Server:         localhost
Address:        127.0.0.1#53

Name:   michlstechblog.info
Address: 10.254.1.2

If the query fails look into /var/log/syslog for further details

root@debdev:~# grep named /var/log/syslog
......
Jul 22 18:02:39 debdev named[5425]: command channel listening on 127.0.0.1#953
Jul 22 18:02:39 debdev named[5425]: command channel listening on ::1#953
Jul 22 18:02:39 debdev named[5425]: zone ./IN: loaded serial 2015072200
Jul 22 18:02:39 debdev named[5425]: managed-keys-zone ./IN: loaded serial 0
Jul 22 18:02:39 debdev named[5425]: running
Jul 22 18:02:39 debdev named[5425]: zone ./IN: sending notifies (serial 2015072200)
.....

Enable bind9

root@debdev:~# update-rc.d bind9 defaults

And the same procedure with dnsmasq πŸ™‚ Quite Simply πŸ™‚
Install dnsmasq

root@debdev:~# apt-get install dnsmasq

and create a simple config. Create a config file /etc/dnsmasq.d/redirectallhosts and set

address=/#/10.254.1.2

start dnsmasq

root@debdev:~# /etc/init.d/dnsmasq start

Check name resolution

root@debdev:~# nslookup www.heise.de localhost
Server: localhost
Address: ::1#53

Name: www.heise.de
Address: 10.254.1.2

Enable dnsmasq

root@debdev:~# update-rc.d dnsmasq defaults

You can also redirect all incoming network traffic on the interface (where the clients connects to) to thia IP Address, rewrite the destination IP Address of all packets. Take care that is is not the public LAN interface :-).

# Send all incoming tcp pakets on port 443 to 10.254.1.2 port 80
root@debdev:~# iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 443 -j DNAT --to 10.254.1.2:80
# Sends all pakets(udp/icmp/tcp) to 10.254.1.2
root@debdev:~# iptables -t nat -A PREROUTING -i eth1 -j DNAT --to 10.254.1.2

Depending on your configuration, if your box acts as router, you have to enable IP forwarding

root@debdev:~# sed -i 's/\#\s*net\.ipv4\.ip_forward=1/net\.ipv4\.ip_forward=1/' /etc/sysctl.conf
root@debdev:~# sysctl -p /etc/sysctl.conf

Have fun!
Michael

One thought on “DNS: Configure DNS to return the same IP Address for all hostnames”

  1. HI
    want to ask you some questions
    If I just want to redirect all traffic to my webserver 192.168.1.1
    so what is my
    IP of your Nameserver
    IN NS 10.254.1.1

    in /etc/bind/db.redirectallhosts

    i didnt see you setting what nameserver to 10.254.1.1

Leave a Reply