We instruct users on the change of DNS
Recently, a problem has appeared - to remove a couple of old DNS-servers (provider, for users).
The problem was that for a large number of users these DNS were registered statically. So if you simply disable these DNS, a large number of calls would fall on technical support. And they didn’t want to hear their nudes of ear.
The first option that came to mind - ISG Layer 4 Redirect: collect the logins of users who go to the old DNS, and add them to the RADIUS group with L4R. However, the user would not see the result of changes in their moods right away, because the L4R group is changed by administrators. Well, or I would have to write a bunch of scripts that would check whether requests from this user stopped or not and, if so, change the group. In general, a lot of unnecessary, uninteresting work.
The second option is to redirect all requests to some web server with instructions for changing DNS settings.
After a rather lengthy search process (laziness to think for myself;)), which was unsuccessful, I began to think for myself, and after some time the solution came up, and the simplest one: we give all the users going to this DNS one single address. At this address, we raise nginx, which for any request will display a page with instructions for changing DNS settings.
Settings for bind
/etc/bind/named/named.conf.local.dumb:
/etc/bind/db.dumb:
Settings for nginx
True, a problem arises - the OS and browsers cache DNS responses, and you have to add a fad about it to the instructions.
The problem was that for a large number of users these DNS were registered statically. So if you simply disable these DNS, a large number of calls would fall on technical support. And they didn’t want to hear their nudes of ear.
The first option that came to mind - ISG Layer 4 Redirect: collect the logins of users who go to the old DNS, and add them to the RADIUS group with L4R. However, the user would not see the result of changes in their moods right away, because the L4R group is changed by administrators. Well, or I would have to write a bunch of scripts that would check whether requests from this user stopped or not and, if so, change the group. In general, a lot of unnecessary, uninteresting work.
The second option is to redirect all requests to some web server with instructions for changing DNS settings.
After a rather lengthy search process (laziness to think for myself;)), which was unsuccessful, I began to think for myself, and after some time the solution came up, and the simplest one: we give all the users going to this DNS one single address. At this address, we raise nginx, which for any request will display a page with instructions for changing DNS settings.
Settings for bind
/etc/bind/named/named.conf.local.dumb:
view "dumb" {
match-clients {dumb-clients; };
zone "." {type master; file "/etc/bind/db.dumb"; };
};/etc/bind/db.dumb:
$ TTL 1m
@ IN SOA domain.name. dnsmaster.domain.name. (
4 ; Serial
604800; Refresh
86400; Retry
2,419,200; Expire
604800); Negative Cache TTL
@ IN NS notify.domain.name.
* IN A addressSettings for nginx
server {
listen 80;
server_name notify.domain.name;
root / var / www / p80 /;
index index.html;
error_page 404 /index.html;
}True, a problem arises - the OS and browsers cache DNS responses, and you have to add a fad about it to the instructions.