DNS override
Dustin Kirkland
kirkland at canonical.com
Mon Mar 13 17:58:52 UTC 2017
On Sun, Mar 12, 2017 at 4:30 PM, LaMont Jones <lamont at canonical.com> wrote:
> On Sun, Mar 12, 2017 at 11:30:57AM -0500, Dustin Kirkland wrote:
>> However, I'm also using MAAS, generally, for the DNS/DHCP of the
>> machines on my network. Here, I'd like the devices which are not
>> necessarily deployed by MAAS to also take advantage of the local
>> mirror, with minimal per-machine configuration.
>
> What you are actually asking is "How do I get BIND to lie", which is
> going to be problematic, and is likely to break totally if/when Canonical
> starts DNSSEC signing of the ubuntu.com domain. And yes, that also
> applies to dnsmasq, for anything in the resolution path that checks DNSSEC
> signatures.
Yes, that's exactly what I'm looking for! aka, "DNS spoofing" to some.
So I've used the dnsmasq hack quite reliably for 9+ years at home on
my dd-wrt router, tricking all local machines using my local dns to
hit a local copy of archive.ubuntu.com.
Right or wrong, this is what I'm trying to accomplish with MAAS...
More information about the Maas-devel
mailing list