How to host a single record
Jeff Lasman
blists at nobaloney.net
Wed Jan 28 01:40:41 UTC 2004
On Tuesday 27 January 2004 01:22 pm, Eric Schubert wrote:
> My company 'us.com' (not really :)) is an ISP/ASP in that we host
> domains and web applications on our custom platform. We usually host
> the entire domain and have a unique zone file for each domain and our
> DNS server is the authoritative server for all requests for that
> domain.
Hiding your real domain name does nothing except make it impossible for
any of us have access to reliable information in attempting to help
you.
> Here's what I need help with. We need to host only a host not the
> entire domain and not a subdomain for a new customer.
> 'newcustomer.org' has it's domain registered and pointing to their
> DNS servers and they have 1 A record 'certify' pointing to our
> webserver
As it should be.
> nslookup on www.newcustomer.com and newcustomer.com points to
> newcustomer.org web servers nslookup on certify.newcustomer.com point
> to our webservers.
Also as it should be.
> Question: How do I alter the zone file below for newcustomer.com so
> it only answers for 'certify' and nothing else?
You shouldn't be authoritative for their site at all.
Why would you want to be?
Why would they want you to be?
> Here's a template of a 'standard' zone file for our setup.
> -------------------------------------------------------
> $ORIGIN com.
> newcompany 10800 IN SOA dns1.us.com. dnsadmin.us.com.
> ( 2001050201 3600 900 86400 10800 )
> ;Cl=2
> 10800 IN NS dns1.us.com.
> ;Cl=2 10800 IN NS dns2.us.com. ;Cl=2 10800
> IN MX 10 mail.newcompany.com. ;Cl=2
> 10800 IN A 192.168.0.5
> ;Cl=2
> $ORIGIN newcompany.com.
> mywebs 10800 IN A 192.168.0.5 ;Cl=2
> www 10800 IN CNAME mywebs
> ;Cl=2
> ftp 10800 IN CNAME ftp.us.com.
> ;Cl=2 secure 10800 IN CNAME secure.us.com.
> ;Cl=2
Best bet would be for you to not have a zone file, and to not list what
you call newcompany.com in your conf file.
But if for some reason you need to be authoritative for the certify
subdomain, then they need to change their DNS to take out the A record
for certify, and add two NS records for certify, one for each of your
nameservers.
Then you could use something like this:
<snip>
$ORIGIN newcompany.com.
certify 10800 IN SOA dns1.us.com. dnsadmin.us.com. (
2001050201 3600 900 86400 10800 )
certify 10800 IN NS dns1.us.com.
certify 10800 IN NS dns2.us.com.
certify 10800 IN MX 10 mail.newcompany.com.
certify 10800 IN A 192.168.0.5
</snip>
Where 192.168.0.5 would be your name server, and would be public address
rather than the nonroutable address you've given us as an example.
If they also want you to be able to serve pages for
www.certify.newcustomer.com, then you should also have an A record for
www.certify
DNS is arguably the largest and most publicly accessable distributed
database in the world; why would you want to hide from us information
we can use to help you?
Jeff
--
Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA 92517 US
Professional Internet Services & Support / Consulting / Colocation
Our blists address used on lists is for list email only
Phone +1 909 324-9706, or see: "http://www.nobaloney.net/contactus.html"
More information about the bind-users
mailing list