Is there any DNS software that can translate incoming responses conditionally?
Basically we have a corporate DNS server that hijacks NXDOMAIN. As bad as this is, it doesn't really affect most day-to-day activities. However it's causing problems with some 3rd party software, causing it to misbehave on occasion.
Now - I've attempted to get this changed to no avail. So what I'd like to do is stick a DNS proxy in front of the test env, which doesn't do anything except act as a DNS forwarder, but with the added functionality of being able to return NXDOMAIN when it receives a specific IP address in response to an A lookup.
I can't override the DNS - if I need to do external queries, they have to go through the corporate DNS (DNS requests are firewalled).
Other than expending lots of effort to try and get this behaviour turned off, is there anything out there that can do this (I've looked at BIND, but it's not immediately obvious that this can do it; similarly dnsmasq as well. If these can do it, then my google-fu has failed, and just pointing me at the docs that says "this is how you do it" would be grand, ta :-) ).
dnsmasq has this as a built-in feature after the Verisign .com hijack fiasco. See the --bogus-nxdomain option on http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html.
You could probably use the PowerDNS Recursor with Lua scripting to achieve this.
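The response rewrite that both answers rely on, shown at the wire level as an added example (not part of either answer, and not dnsmasq's or PowerDNS's code): a forwarder parses the upstream reply and, if any A record carries the hijack address, returns NXDOMAIN with the answer sections stripped. The function names are hypothetical and `192.0.2.1` is a constructed stand-in for the address the corporate resolver substitutes.

```python
import ipaddress
import struct

TYPE_A, RCODE_NXDOMAIN = 1, 3

def skip_name(msg, off):
    """Return the offset just past a DNS name (labels or compression pointer)."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:   # 2-byte compression pointer ends the name
            return off + 2
        if length == 0:             # root label ends the name
            return off + 1
        off += 1 + length

def rewrite_hijacked(msg, bogus):
    """Return an NXDOMAIN reply if any A answer is in `bogus`, else msg unchanged."""
    try:
        ident, flags, qd, an, _ns, _ar = struct.unpack_from("!6H", msg, 0)
        off = 12
        for _ in range(qd):
            off = skip_name(msg, off) + 4          # QTYPE + QCLASS
        question_end = off
        for _ in range(an):
            off = skip_name(msg, off)
            rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
            rdata = msg[off + 10:off + 10 + rdlen]
            off += 10 + rdlen
            if rtype == TYPE_A and len(rdata) == 4 and ipaddress.IPv4Address(rdata) in bogus:
                flags = (flags & 0xFFF0) | RCODE_NXDOMAIN
                # Keep header ID and question; drop every record (incl. any EDNS OPT).
                return struct.pack("!6H", ident, flags, qd, 0, 0, 0) + msg[12:question_end]
    except (IndexError, struct.error):
        pass                                       # malformed: forward untouched
    return msg

def sample_reply(ip):
    """Constructed reply for nosuch.example with a single A record (test data)."""
    header = struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0)
    question = b"\x06nosuch\x07example\x00" + struct.pack("!HH", TYPE_A, 1)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, 1, 60, 4)
    return header + question + answer + ipaddress.IPv4Address(ip).packed

if __name__ == "__main__":
    bogus = {ipaddress.IPv4Address("192.0.2.1")}   # constructed sentinel address
    for ip in ("192.0.2.1", "198.51.100.7"):
        rcode = rewrite_hijacked(sample_reply(ip), bogus)[3] & 0x0F
        print(ip, "-> rcode", rcode)
```

Matching on the address alone means a genuine record that happens to point at the same IP is also turned into NXDOMAIN, so the sentinel should be an address only the hijacking resolver ever returns.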