Help to make a new DNS server

Kevin Darcy kcd at daimlerchrysler.com
Fri Nov 5 00:50:20 UTC 2004


Yena wrote:

>"Kevin Darcy" <kcd at daimlerchrysler.com> ha scritto nel messaggio
>news:cmc2jl$r4v$1 at sf1.isc.org...
>
>>Yena wrote:
>>
>>>Hi, I would like to set up a DNS server.
>>>Please, I need some help to check my steps:
>>>
>>>1) I have registered my domain:
>>>   example.cxm
>>>
>>>2) I have installed Bind 9.2.1 on a RedHat 9 Server.
>>>
>>BIND 9.2.1 is old. You should be running something more up-to-date.
>>
>>>I have created my zone file in /var/named/pz:
>>>-------------------------------------------------------------
>>>$TTL 60
>>>@               IN      SOA     ns1.example.cxm. info.example.cxm. (
>>>                                2001122007;
>>>                                6H;
>>>                                2H;
>>>                                1W;
>>>                                1H );
>>>                NS      ns1.example.cxm.
>>>                NS      ns2.example.cxm.
>>>                MX      5       mail.example.cxm.
>>>
>>>localhost       A       127.0.0.1
>>>example.cxm.    A       xxx.xxx.xxx.xxx
>>>mail            A       xxx.xxx.xxx.xxx
>>>www             A       xxx.xxx.xxx.xxx
>>>ns1             A       xxx.xxx.xxx.xxx
>>>ns2             A       xxx.xxx.xxx.yyy
>>>-------------------------------------------------------------
>>>
>>>and I have added in named.conf:
>>>zone "example.cxm" { type master; file "pz/example.cxm"; };
>>>
>>>3) I have added in my registrant panel the 2 new DNS:
>>>   ns1.example.cxm
>>>   ns2.example.cxm
>>>
>>>Is it all correct?
>>>
>>A TTL of 60 seconds for data which generally doesn't change very often
>>(SOA, NS, MX, the "localhost" A record) is pretty extreme. If you need
>>that degree of volatility for certain A records, then limit the
>>60-second TTL to just those records, and put everything else higher (at
>>least an hour). Remember that low TTLs not only overwork your
>>nameserver, but every nameserver that talks to yours. So it's rather
>>anti-social to set them so low without a good reason.
>>
>>As a matter of style, I would stick with fully-qualified owner names
>>(the ones on the lefthand side) or non-fully-qualified owner names
>>consistently within your zone file. Your zone file is inconsistent in
>>this respect because "example.cxm." is fully-qualified, but no other
>>owner name is. I'd move that record above the "localhost" line, where
>>you can just use whitespace as the owner name (which means it "inherits"
>>the previous non-whitespace owner name, i.e. "@", i.e. the name of the
>>zone, namely "example.cxm.").
>>
>>Speaking of "localhost", are you sure you need that? I usually don't
>>bother with it, with no ill effects. Reportedly some apps need it, but
>>you could always monitor your query logs, and if nothing is querying
>>that name, just rip that clutter out of your zone file...
>>
>>As for the "registrant panel", I'll take your word for it that this is
>>the correct way to create a delegation with your registrar. Each
>>registrar is free to provide their own delegation-request mechanisms, so
>>it's hard to generalize on whether a given method is right or wrong.
>>
>>>Do I have to set or do something else?
>>>Do I have to set the PTR record also?
>>>
>>Officially, no. However, if you want to send mail be aware that many
>>mail server setups these days do reverse lookups as an anti-spam
>>measure, so without a PTR record for your outbound mail server(s), you
>>may run into difficulties.
>
>Thanks Kevin, now all is more clear :-)
>Please, can you help me another time?
>I would like to set my DNS to provide an "unlimited" CNAME
>like:
>* IN CNAME example.com
>so I can create in my Apache httpd.conf a directive like:
>NameVirtualHost *.example.com
>and so add all my VHOSTs.
>I have seen it in this domain: kakkiate.com.
>How can I do it?
>Is my record (* IN CNAME example.cxm) correct?
>
You can create a wildcard just as you describe. Just be aware that
wildcards can have unexpected consequences, and thus might require
special handling in your SMTP configuration and so forth.

                                          - Kevin
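As an added illustration (not part of the thread, nor BIND's own tooling), the following small zone-file linter checks a zone for the three points raised above: a low $TTL covering the rarely-changing SOA/NS/MX records, mixed fully-qualified and relative owner names, and the presence of a wildcard record that will answer for any otherwise nonexistent name. It assumes a numeric $TTL and the record layout used in the thread; the sample zone and its 192.0.2.x addresses are constructed.

```python
# Constructed sample: the zone from the thread plus the wildcard CNAME from the
# follow-up question (RFC 5737 documentation addresses stand in for xxx.xxx).
ZONE = """$TTL 60
@       IN  SOA  ns1.example.cxm. info.example.cxm. (
            2001122007 6H 2H 1W 1H )   ; serial refresh retry expire minimum
        NS   ns1.example.cxm.
        MX   5 mail.example.cxm.
example.cxm.  A  192.0.2.10
mail          A  192.0.2.10
ns1           A  192.0.2.10
*       IN  CNAME  example.cxm.
"""

def parse_zone(text):
    # Returns (numeric $TTL, [(owner, type, rdata)]). Strips ';' comments, joins
    # '( ... )' continuation lines, and inherits the owner when a record is indented.
    ttl, records, owner, buf, indented = None, [], "@", [], False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip():
            continue
        if not buf:                      # first physical line of a record
            indented = line[0].isspace()
        buf.append(line.strip())
        joined = " ".join(buf)
        if joined.count("(") > joined.count(")"):
            continue                     # still inside parentheses
        buf, fields = [], joined.replace("(", " ").replace(")", " ").split()
        if fields[0] == "$TTL":
            ttl = int(fields[1])
            continue
        if not indented:
            owner = fields.pop(0)
        if fields[0] == "IN":            # class is optional in each record
            fields.pop(0)
        records.append((owner, fields[0], fields[1:]))
    return ttl, records

def lint_zone(text):
    ttl, records = parse_zone(text)
    findings = []
    stable = sorted({t for _, t, _ in records if t in ("SOA", "NS", "MX")})
    if ttl is not None and ttl < 3600 and stable:
        findings.append(f"$TTL {ttl}s also covers rarely-changing {'/'.join(stable)} records")
    owners = {o for o, _, _ in records if o not in ("@", "*")}
    fqdn = {o for o in owners if o.endswith(".")}
    if fqdn and owners - fqdn:
        findings.append(f"mixed owner styles: qualified {sorted(fqdn)} vs relative {sorted(owners - fqdn)}")
    for o, t, _ in records:
        if o.startswith("*"):
            findings.append(f"wildcard '{o} {t}' answers for every name without its own records, so mistyped hosts resolve; review mail handling for them")
    return findings
```

Running `lint_zone(ZONE)` reports all three findings for the sample; a zone with an hour-long $TTL, consistent owner names and no wildcard returns an empty list.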

More information about the bind-users mailing list