DNS recs, a beginners question

Stephane Bortzmeyer bortzmeyer at nic.fr
Mon Sep 20 07:40:15 UTC 2004


On Fri, Sep 17, 2004 at 08:21:25PM +0200, Arun Dev <nospam at pleaz.xy> wrote a message of 96 lines which said:

> It is all bewildering at the beginning. I will make it a point to
> "play" with a test installation.

Or you can say "I will work in the Network Lab today", it sounds
better than "I will play with the test installation" :-)

>  Running bind on an isolated machine, and querying nslookup with
> server as localhost, would that be sufficient?

More than enough for most things. Of course, one day or the other, you
will have to test with the real Internet. And dig is much better than
nslookup for debugging. And I recommend Zonecheck
(http://www.zonecheck.fr/) as well.

> ns1.isp.net
> ns2.isp.net

OK, replace every NS record by:
 
    IN   NS ns1.isp.net.
    IN   NS ns2.isp.net.

> > d                       IN  PTR iron.schoolx.yz.
> 
> Again the last line is the critical one.
> 
> Why do you all omit the first three numbers of the IP address
> (d instead of a.b.c.d)?

Because they are implicit from the origin (the zone file is for
c.b.a.in-addr.arpa, no need to repeat it in the file).
 
> I was thinking of the MX records. Usually one gives top priority to
> one's own server and backup servers get less priority.

Yes, and it is the reason why most spamming engines test the lower
priority MX first: they typically have fewer filters and fewer antispam
protections.

I agree with Barry Margolin: in most cases, backup MX servers are more
trouble (especially in filter synchronization) than they are worth.
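
An added example, not part of the original message: how a relative name such as "d" is completed from the zone origin, and how an NS target written without the trailing dot gets the origin appended as well. The 192.0.2.0/24 origin, the host number 10 and the function names are constructed for illustration; ns1.isp.net, ns2.isp.net and iron.schoolx.yz are the names used in the thread.

```python
# Added example. Zone data below is constructed for illustration.

def qualify(name, origin):
    """Expand a zone-file name against the origin, as a name server does."""
    if not origin.endswith("."):
        raise ValueError("origin must be absolute (end with a dot)")
    if name == "@":
        return origin
    if name.endswith("."):
        return name                     # already absolute, left alone
    return name + "." + origin          # relative: origin is appended


def ptr_owner_to_ip(owner, origin):
    """Return the IPv4 address a PTR owner name stands for."""
    fqdn = qualify(owner, origin).lower()
    suffix = ".in-addr.arpa."
    if not fqdn.endswith(suffix):
        raise ValueError("not under in-addr.arpa: " + fqdn)
    labels = fqdn[:-len(suffix)].split(".")
    if len(labels) != 4 or not all(l.isdigit() and int(l) < 256 for l in labels):
        raise ValueError("not a full IPv4 reverse name: " + fqdn)
    return ".".join(reversed(labels))   # d.c.b.a -> a.b.c.d


def lint_targets(records, origin):
    """List record targets that lack the trailing dot, with their expansion."""
    findings = []
    for owner, rtype, target in records:
        if rtype in ("NS", "PTR", "MX", "CNAME") and not target.endswith("."):
            findings.append((owner, rtype, qualify(target, origin)))
    return findings


ORIGIN = "2.0.192.in-addr.arpa."        # constructed reverse zone for 192.0.2.0/24
ZONE = [
    ("@", "NS", "ns1.isp.net."),
    ("@", "NS", "ns2.isp.net"),         # constructed mistake: no trailing dot
    ("10", "PTR", "iron.schoolx.yz."),
]

if __name__ == "__main__":
    print("10 ->", qualify("10", ORIGIN), "->", ptr_owner_to_ip("10", ORIGIN))
    for owner, rtype, expanded in lint_targets(ZONE, ORIGIN):
        print(rtype, "target really means", expanded)
```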


