DNS : Hints to limit access to known clients

I would like to set up for personal purposes a DNS server on the cloud and offer its service to several members of my family/friends. Based on their IP and the filtering options they’d like, DNS queries will be performed in confidence (filter only ads, filter only non-appropriate sites for kids, etc…). In fact, a homemade OpenDNS solution.

To do so, I can use the directive allow-from (or equivalent) of my DNS solution but due to the DNS protocol nature, I can use only IP address/netmasks. This would work fine for people with public static IP addresses but not for people with a dynamic one.

I was thinking about using a reverse proxy that does support allow-from FQDN directive and forward the query to the local DNS server once the FQDN/IP matches.

What do you think about it? Is there any other/more straightforward solution/idea?

networking – Non-Admin – how to change DNS & Default Gateway

I have a small company where I’m hosting Windows VM servers from an ESXi host, and a PDC where I had set up Active Directory etc.

Everything was good, but randomly the user’s DNS changed to 8.8.8.8 and default gateway reset to a random IP.

Does anyone know why that could be?

I was able to change network settings for the Admin users to point to the local default gateway along with DNS, but for non-admin, I am not able to change those settings – cannot log in as an Admin (from the popup) or logout and login as anything other than the local user (as it’s not able to communicate to my server).

Thank you guys!

DNS Resolver in DNS Amplification

As I understand it, in a DNS Amplification attack we need several DNS Resolvers.

Does this mean that the DNS server should have Recursion capability?
My next question is why should it have such a capability? Can a regular DNS server be used for this attack?

DNS name for Istio on Kubernetes

I'm having a problem: I deployed Istio in my environment, created a DNS name to access the service from outside, and configured it in the ingress pointing to Kiali, and it definitely does not work in any way. Do you know of any way?

Thank you

DNS providers

Hey guys,
I just wanted to ask what managed DNS providers you are using and what your experience with them is. We are currently looking at a couple of providers and I think Constellix is our manager's favorite so far; of course, we are still researching other providers like NS1 and Azure. Since there have been a decent amount of outages in the last couple of weeks I really want to know "who I'm getting in bed with". So any feedback would be helpful! And for those of you who are not familiar…

dns – Android ignores DHCP “Search domain” unless it’s on a VPN

So I have a single subnet, flat LAN, multiple wired access points all in bridge mode.

I have ISC-DHCP server and Bind9 DNS server configured for dynamic DNS hosts etc. The DNS provides a local zone of my public domain, *.lan.publicdomain.com but is not externally marked as a server for that domain. Thus internal *.lan. hosts are on the LAN server and *.publicdomain.com hosts are on the external public DNS at 123reg.

I also have an OpenVPN port open on the public IP. Externally vpn.publicdomain.com leads to my current IP.

It all works, I can be on the VPN on 4G or public wifi … or be on my local wifi and access all my LAN hosts either way. I can actually be on both my local Wifi and VPN at the same time.

The android issue is that while on the VPN going to say:

http://somehost:8080/

Will resolve correctly to somehost.lan.publicdomain.com and the site will open.

If however I disconnect from VPN and just connect to my bare Wifi, my phone will still access somehost, but it will not resolve it without specifying the FQDN. It’s like it will accept the search-domain from the VPN DHCP pool, but it will not accept it from the ISC-DHCP server locally.

Is this something to do with Android forcing DNS to avoid adblocks? Only when on VPN they can’t get away with doing that as it’s insecure and corporate types would object loudly.

I should note that all normal LAN clients, like Windows 10, Linux etc., honor the search domain in DHCP. Just not the Android in LAN mode.

Phone is MotoG5 Plus, android: 8.1.0

networking – In a recursive DNS query procedure, if a local DNS server needs to query root DNS servers, how does it know/get their IP addresses?

I am taking a computer networks class, and was wondering how a local DNS server knows the root DNS servers’ IP addresses when querying them. I am assuming that since this is the root server, maybe there is a pre-provided root server address list for the local DNS, since a root server address can’t be found from DNS servers from lower hierarchy, but I may be mistaken.

dns hosting – Pointing a custom domain to Azure Web App – Without the need of adding verification records

I have a website running on Azure Web App. This website provides a profile page to its users. The users are looking to point their custom domains to their respective profile page. I want to minimize the manual steps to achieve this. For every custom domain, I need to add that manually to Azure Web app and also need to verify the ownership via TXT record. This could be fine for a small number of custom domains but when you have 100s of such users, it just becomes a blocker.

Is there any way I could somehow let any custom domain pointed to my website work without needing to add the domain record on Azure portal and having to verify ownership?

I wonder if Azure DNS can help me achieve my goal in anyway.

dns – WHM and Domain name provider custom name server setup

  • I have a domain address registered on Google. (For ex. www.examp.tld )
  • I have a Reseller Hosting on www.examp.tld.
  • I have Dedicated IP address for my own WHM.

What I want to do is set the custom name server addresses like ns1.example.tld and ns2.example.tld.


Now: My hosting provider gave me the following

ns1.provider.net -> 5.***.241.34
ns2.provider.net -> 5.***.242.34

But my permanent IP address in cPanel looks like this:

5.***.252.52

First of all, I made my Google settings as follows

My Main Account CPanel DNS Records as follows


My hosting provider asked me to adjust these settings. But what I can’t understand is why we prefer a shared IP address rather than my own IP address. So why did we pay the extra fee and get Custom IP?

  • Q(1): Are the IPv4 addresses that I will enter into Google domains correct? Or will I enter the IP address of “5.***.252.52” for both?
  • Q(2): Are the “A” records in my main CPanel account correct? Or will I enter my own IP address “5.***.252.52” for it?
  • Q(3): If they need to enter the IP address of the hosting provider (as in the photos), doesn’t that cause my sites to be listed in the SHARED IP by search engines?

Bind DNS server on virtualmin Ubuntu 20.4 only resolves DNS locally

I have been trying to move my server from CentOS 8 to Ubuntu 20.04 due to CentOS stopping updates. Since my old server was running on Virtualmin, I installed Virtualmin on Ubuntu, then moved the files, made a new server, and made sure to configure Bind the same as on CentOS. To make sure that there is nothing blocking the DNS requests, I also disabled the firewall on Ubuntu.

The problem is that the DNS is resolved locally when I use nslookup on the Ubuntu machine, but it does not resolve on an external computer and the DNS request times out.

Any help is greatly appreciated.