Can Unbound, out of the box, be configured to have a default response? IE respond to a query for doesnotexist.com (this would normally respond NXDomain) with some sort of answer?
Brian Smith wrote:
> Can Unbound, out of the box, be configured to have a default
> response? IE respond to a query for doesnotexist.com (this would
> normally respond NXDomain) with some sort of answer?
and now for the regularly scheduled NXDOMAIN rewriting flame war...
perhaps there should be an "unbound-abusers" mailing list
I didn't mean to start a flame war, I've been reading through the
code and configs. I thought that I might have been missing something.
-brian
Brian wrote:
> I didn't mean to start a flame war, I've been reading through the
> code and configs. I thought that I might have been missing something.
the feature that you're after is commonly called "NXDOMAIN rewriting"
and it's fairly controversial. and it seems a somewhat regular
occurrence for a new unbound-users@ subscriber to ask how to do it
Hi,
Can Unbound, out of the box, be configured to have a default response? IE respond to a query for doesnotexist.com (this would normally respond NXDomain) with some sort of answer?
Just for the archive (and if you don’t give a shit about the Debian way), you can easily achieve this with a Python helper module:
```python
# Runs inside Unbound's python module, which supplies the MODULE_*, RCODE_*,
# RR_*, PKT_* constants and the DNSMessage class to the script.
class unbound():
    def init(self, id, cfg):
        return True

    def deinit(self, id):
        return True

    def inform_super(self, id, qstate, superqstate, qdata):
        return True

    def operate(self, id, event, qstate, qdata):
        # New query: hand it to the next module and wait for its result.
        if (event == MODULE_EVENT_PASS) or (event == MODULE_EVENT_NEW):
            qstate.ext_state[id] = MODULE_WAIT_MODULE
            return True

        # The next module has finished: inspect its answer.
        if event == MODULE_EVENT_MODDONE:
            if (qstate.return_msg and qstate.qinfo.qtype_str=='A'):
                # The rcode is the low 4 bits of the reply flags.
                flags = qstate.return_msg.rep.flags & 0xf
                if flags == RCODE_NXDOMAIN:
                    # Replace the NXDOMAIN reply with a synthesized A record.
                    msg = DNSMessage(qstate.qinfo.qname_str, RR_TYPE_A, RR_CLASS_IN, PKT_QR | PKT_RA | PKT_AA)
                    if (qstate.qinfo.qtype == RR_TYPE_A) or (qstate.qinfo.qtype == RR_TYPE_ANY):
                        msg.answer.append("%s 10 IN A 127.0.0.1" % qstate.qinfo.qname_str)
                    if not msg.set_return_msg(qstate):
                        qstate.ext_state[id] = MODULE_ERROR
                        return True

                    #we don't need validation, result is valid
                    qstate.return_msg.rep.security = 2
                    qstate.return_rcode = RCODE_NOERROR
                    qstate.ext_state[id] = MODULE_FINISHED
                    return True
            qstate.ext_state[id] = MODULE_FINISHED
            return True

        # Any other event is unexpected: report a module error explicitly.
        qstate.ext_state[id] = MODULE_ERROR
        return True

# Unbound looks up these four names at module level.
dnsObj = unbound()
init = dnsObj.init
deinit = dnsObj.deinit
operate = dnsObj.operate
inform_super = dnsObj.inform_super
```
This will give back 127.0.0.1 for every NXDOMAIN answer to A RR type queries, with a 10-second TTL.
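Seen from the client side, a resolver running a module like the one above answers a query for a nonexistent name with NOERROR and an A record instead of NXDOMAIN. The following check for that is an added example, not part of the original post: `build_response`, `skip_name`, `parse` and `classify` are hypothetical helper names, and the two packets are constructed samples rather than captured traffic.

```python
import struct

RCODE_NXDOMAIN, TYPE_A, CLASS_IN = 3, 1, 1

def build_response(qname, rcode, a_addr=None):
    """Build a minimal DNS response; used here only to construct sample packets."""
    name = b"".join(bytes([len(l)]) + l.encode() for l in qname.split(".")) + b"\x00"
    flags = 0x8180 | rcode                      # QR | RD | RA, rcode in the low 4 bits
    pkt = struct.pack("!HHHHHH", 0x1234, flags, 1, 1 if a_addr else 0, 0, 0)
    pkt += name + struct.pack("!HH", TYPE_A, CLASS_IN)
    if a_addr:
        # Owner name as a compression pointer to offset 12, TTL 10, 4-byte RDATA.
        pkt += b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, CLASS_IN, 10, 4)
        pkt += bytes(int(o) for o in a_addr.split("."))
    return pkt

def skip_name(pkt, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        n = pkt[off]
        if n & 0xC0 == 0xC0:                    # compression pointer: 2 bytes, name ends
            return off + 2
        off += 1 + n
        if n == 0:                              # root label terminates the name
            return off

def parse(pkt):
    """Return (rcode, [A record addresses]) from a raw DNS response."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", pkt[:12])
    off = 12
    for _ in range(qd):
        off = skip_name(pkt, off) + 4           # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(pkt, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        off += 10
        if rtype == TYPE_A and rdlen == 4:
            addrs.append(".".join(str(b) for b in pkt[off:off + 4]))
        off += rdlen
    return flags & 0xF, addrs                   # same rcode mask the module above uses

def classify(pkt):
    """Classify the response to a query for a name known not to exist."""
    rcode, addrs = parse(pkt)
    if rcode == RCODE_NXDOMAIN:
        return "honest"
    return "rewritten" if rcode == 0 and addrs else "inconclusive"

# Constructed sample packets for the thread's example name (not captured traffic).
HONEST = build_response("doesnotexist.com", RCODE_NXDOMAIN)
REWRITTEN = build_response("doesnotexist.com", 0, "127.0.0.1")
```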