CNAME / MX Record question
David Miller
dmiller at tiggee.com
Sun Aug 7 18:08:07 UTC 2011
On 8/7/2011 9:05 AM, Scott Hughes wrote:
> All,
>
> I have Googled and searched the archives for two days and cannot find
> an answer to this question... just more confusion! Please forgive me
> ahead of time as I run two name servers for my mid-sized company and
> am by no means an expert in using bind DNS. We have about eight
> domains but don't have a lot of records for each zone. Here is my issue:
>
> We are moving to a two Exchange server / two data center model for
> auto-failover reasons. Both data centers are in two different locations
> and have multiple internet pipes and tier 1 providers coming into
> their data centers.
>
> Here is what I'm trying to do:
>
> For example, our email domain name on the Exchange servers is:
> mail.blahblah.us. Our spam filtering device is: spam.blahblah.us
> and is the MX record. In the blahblah.us zone file I have A
> records pointing to both correctly.
>
> Our problem comes in on our other domains. I am trying to point
> mail.company1.com to mail.blahblah.us and spam.company1.com to
> spam.blahblah.us using CNAME records. I'm obviously doing
> this wrong or trying to do something that can't or shouldn't be done.
> Like I said, I am fairly new to bind9 but I'd sure rather use it than
> something like MS DNS servers!
>
> What I am attempting to do is make it so that if an outside email
> server or inside user goes to mail.company1.com or spam.company1.com
> they are 'redirected' to the blahblah.us domain where our UCC cert
> covers both of the Exchange servers.
>
> Please let me know if I've left anything out that would be helpful in
> answering these questions.
>
>
blahblah.us and company1.com are actual registered domain names. If
they are registered to you, then using these domains in examples is
fine... if not, then better to use RFC 2606 names...

If I understand your environment correctly:

Your "main domain" - example.com - looks (in part) like this:
; Begin example.com
$TTL 86400
@       IN  SOA ns1.example.com. contact.example.com. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
            NS  ns1.example.com.
            NS  ns2.example.com.
            MX  10 spam.example.com.
            MX  20 spam2.example.com.
$ORIGIN example.com.
spam    IN  A   192.0.2.25
spam2   IN  A   192.0.2.26
mail    IN  A   192.0.2.30
; End example.com
There is no reason that example.net (another of your domains) can't look
like this:
; Begin example.net
$TTL 86400
@       IN  SOA ns1.example.com. contact.example.net. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
            NS  ns1.example.com.
            NS  ns2.example.com.
            MX  10 spam.example.com.
            MX  20 spam2.example.com.
$ORIGIN example.net.
; End example.net
^^^ MX records in example.net point to example.com hosts (which are A
records).

If you have a 'requirement' that the users for example.net configure
their mail clients with example.net mail server hostnames, then you can
create a CNAME record in example.net that aliases mail.example.net to
mail.example.com.

If, however, you have a 'requirement' to make it 'seem' that example.com
and example.net have 'independent' mail servers at a DNS level - i.e.
you want to use MX records in example.net that are in example.net, then
you need to add A records for spam & spam2 in example.net that point to
the IP addresses of these hosts (and you need to do this for all domains
'like' example.net as well -and- update the A records in all of these
domains if the IP addresses of these hosts change in the future... c'est
la DNS). Like so:
; Begin example.com
$TTL 86400
@       IN  SOA ns1.example.com. contact.example.com. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
            NS  ns1.example.com.
            NS  ns2.example.com.
            MX  10 spam.example.com.
            MX  20 spam2.example.com.
$ORIGIN example.com.
spam    IN  A   192.0.2.25
spam2   IN  A   192.0.2.26
mail    IN  A   192.0.2.30
; End example.com

; Begin example.net
$TTL 86400
@       IN  SOA ns1.example.com. contact.example.net. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
            NS  ns1.example.com.
            NS  ns2.example.com.
            MX  10 spam.example.net.
            MX  20 spam2.example.net.
$ORIGIN example.net.
spam    IN  A       192.0.2.25
spam2   IN  A       192.0.2.26
mail    IN  CNAME   mail.example.com.
; End example.net

; Begin example.org
$TTL 86400
@       IN  SOA ns1.example.com. contact.example.org. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
            NS  ns1.example.com.
            NS  ns2.example.com.
            MX  10 spam.example.org.
            MX  20 spam2.example.org.
$ORIGIN example.org.
spam    IN  A       192.0.2.25
spam2   IN  A       192.0.2.26
mail    IN  CNAME   mail.example.com.
; End example.org
HTH,
-DMM
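
An added example, not part of the original post: a small Python audit for the two maintenance risks in the layout above, an MX target that is a CNAME instead of an A record (RFC 2181 section 10.3 requires MX targets not to be aliases) and per-domain A copies that drift from the primary zone. The parser covers only the record forms used in this thread; the zone data, the deliberate mistakes and the `fqdn`, `parse` and `audit` helpers are constructed for illustration.

```python
# Constructed sample zones (thread's layout) with two deliberate mistakes in example.net.
ZONES = {
    "example.com.": """
@      IN MX  10 spam.example.com.
spam   IN A   192.0.2.25
mail   IN A   192.0.2.30
""",
    "example.net.": """
@      IN MX  10 spam.example.net.
       IN MX  20 mail.example.net.  ; mistake: MX target is an alias
spam   IN A   192.0.2.99            ; mistake: stale copy of spam's address
mail   IN CNAME mail.example.com.
""",
}

def fqdn(name, origin):
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse(zones):
    """Return {(owner, type): [rdata]} for the A, CNAME and MX records."""
    records = {}
    for origin, text in zones.items():
        owner = origin
        for raw in text.splitlines():
            tokens = raw.split(";")[0].split()    # drop zone-file comments
            if not tokens:
                continue
            if not raw[0].isspace():              # leading blank = reuse last owner
                owner = fqdn(tokens.pop(0), origin)
            tokens = [t for t in tokens if t.upper() != "IN"]
            rtype = tokens[0].upper()
            if rtype in ("A", "CNAME", "MX"):
                rdata = tokens[-1] if rtype == "A" else fqdn(tokens[-1], origin)
                records.setdefault((owner, rtype), []).append(rdata)
    return records

def audit(zones, reference="example.com."):
    """Flag MX targets that are aliases or unresolved, and A copies that drifted."""
    recs, findings = parse(zones), []
    for (owner, rtype), rdata in sorted(recs.items()):
        for target in (rdata if rtype == "MX" else []):
            if (target, "CNAME") in recs:
                findings.append(f"{owner} MX -> {target} is a CNAME")
            elif (target, "A") not in recs:
                findings.append(f"{owner} MX -> {target} has no A record loaded")
        ref = recs.get((owner.split(".")[0] + "." + reference, "A"))
        if rtype == "A" and ref and sorted(ref) != sorted(rdata):
            findings.append(f"{owner} A {rdata} differs from {reference} {ref}")
    return findings
```

Calling `audit(ZONES)` on the constructed data returns one finding per mistake; an MX target hosted outside the loaded zones is reported as having no A record loaded, not as an error in itself.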