bind on vps

Walter Alejandro Iglesias eloi at roquesor.com
Sun Feb 13 23:40:35 UTC 2011


On Sun, Feb 13, 2011 at 10:12:34PM +0100, Torinthiel wrote:
> On 02/13/11 17:16, Walter Alejandro Iglesias wrote:
> > On Sun, Feb 13, 2011 at 02:13:48PM +0100, Torinthiel wrote:
> It's not only good practice, it's a requirement per RFC103[45]. You'll
> go by with two IPs for one machine, and if it's only HTTP there won't be
> enough difference if this machine fails. However you could also consider
> looking for some other DNS services. Some ISPs provide secondary for
> free, there might also be a free DNS service somewhere. Or you could
> find someone in similar situation as you and be secondary for each other.
> 

I did it with zoneedit.  Now I have it running.

> > Stop here, this is my obscure point: how do you get that your
> > dns be asked?  What do you need?  What must I ask to my isp
> > (my vps provider in this case) for?  What do you mean by "to be
> > designated nameserver for the IPs"?
> 
> Generally (not only for reverse DNS) you need one thing: delegation.
> That is, the parent zone (this being .com for mydomain.com and
> 22.11.in-addr.arpa here) needs to answer 'I don't know about
> mydomain.com, ask ns.mydomain.com'. And that's the part your server has
> nothing to say yet, as it happens before query reaches your server.
> Usually (that being the three places I know personally ;) the place
> where you register your domain has some kind of web panel where you can
> either set up the zone (if you use their nameservers) and/or enter the
> nameservers you want to handle queries. And that's the part you want to do.

This is what I've explained I did at godaddy.  At godaddy you
have two forms for each domain, one to set the ns servers for
the domain and another called Host Summary where you associate
ns to the ip.  If this is what I think it is for :), then it
should publish your ns1 and ns2 (at least this I've read in
some forum):

> Now, specific about this part: first, disclaimer: I've never
> administered any reverse zones.  But still, probably your
> ISP/VPS provider would be the place to ask. Try doing dig -x
> 11.22.33.44, and if it returns anything, then you have
> reverse set up. Maybe some web panel from your ISP allows
> you to change that to anything else, and maybe you even need
> it. But if you are doing only HTTP and DNS then anything
> would be fine, as long as it resolves to anything, and
> resolves back to you (so if you do dig -x 11.22.33.44 and
> then dig what-you-got-from-previous you end with
> 11.22.33.44).  IMHO you don't need to handle any
> in-addr.arpa zone at all, your ISP does it for you. You
> could change what it resolves to, via a web interface and/or
> email directly to them, but chances are you don't need it.
> 
> 

I've told you in my first message, dig [-x], nslookup just
works from inside the vps (because I set localhost at
resolv.conf).

> >> Second - what is the name of 11.22.33.44? Is it mydomain.com?
> >> www.mydomain.com? ns1.mydomain.com? AFAIK there can be only one PTR record.
> >>
> > 
> > Yes, I realize my mistake.  Just one domain per IP.
> > 
> >>> In case my configuration is OK,
> >>> what must I ask to my vps provider?
> >>
> >> Probably nothing. If you can dig/nslookup on your host from external
> >> hosts, then it looks they don't need to do anything.
> >>
> > 
> > This is exactly what I cannot do: to dig/nslookup from
> > external hosts.
> 
> Not exactly. You've stated that you CAN ask your server from external
> hosts,

In which way?  Where did I state this?

> but only if you specify to ask it. What you want to achieve is
> having valid resolution without asking your specific server. And that's
> the delegation step.

The only way I could access my server is using the ip
address.  Sorry if I did not explain myself correctly.
 
> > Well, my goal (tell me if it is a fantasy:)) is to be able to
> > update automatically my registers.  I ignore the features and
> > flexibility of bind, perhaps I should change the strategy.
> > Could you give me some clue?  Can I use bind just as slave of
> > the external name server (being it godaddy's dns or my vps
> > provider's one)?
> 
> Being a slave server won't do you any good, slave (as the name suggests)
> has nothing to say about contents of the zone.
> The main problem here is that you want to update delegations, which
> don't depend on your server. I don't think a fully automated setup is
> possible, at least if your registry doesn't provide some non-webpage
> interface to alter delegations. There would be at least one
> non-automated step: buying the domain and telling (it should be possible
> in the process) that it should be handled by your servers.
> It's a once per zone operation, but has to be done.
> Rest (adding zone for your bind, changing the IP it resolves to) could
> be automated.

I will not resell domain names.  I will set up a KISS web
server :).  But anyway, I will go with zoneedit, which is the
good practice.  The question pending is how to set up a dns
server from scratch.  If further on I have more clients I will
rent a small vps and I will see how to get it working.


Well, Torinthiel, I am grateful for your patience.

> 
> Torinthiel
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
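
The two checks discussed in this thread (reverse lookup that resolves back to the same address, and delegation from the parent zone), as an added example that is not part of either poster's message. `parent.example`, `vps45.provider.example` and the `fake_dig` stub with its replies are constructed placeholders; for real use, leave `DIG` as `dig` and pass a nameserver of the parent zone.

```shell
#!/bin/sh
# Added example, not from the thread. DIG can be pointed at a stub for offline runs.
DIG=${DIG:-dig}

# Forward-confirmed reverse DNS: print the PTR name of IP whose A record
# points back at IP; return 1 when no PTR name resolves back.
fcrdns() {
    ip=$1
    for name in $($DIG +short -x "$ip"); do
        for addr in $($DIG +short "$name" A); do
            if [ "$addr" = "$ip" ]; then
                echo "$name"
                return 0
            fi
        done
    done
    return 1
}

# Delegation: ask a nameserver of the parent zone (PARENT), without recursion,
# for the NS set of ZONE and succeed only if NS is listed. A referral carries
# the NS records in the authority section, so both sections are printed.
delegated_to() {
    zone=$1 ns=${2%.} parent=$3
    $DIG +norecurse +noall +answer +authority "@$parent" "$zone" NS |
        awk -v want="$ns" '
            $4 == "NS" { t = tolower($5); sub(/\.$/, "", t)
                         if (t == tolower(want)) found = 1 }
            END { exit !found }'
}

# Constructed replies standing in for dig (names and addresses are made up).
fake_dig() {
    case "$*" in
        "+short -x 11.22.33.44")       echo "www.mydomain.com." ;;
        "+short www.mydomain.com. A")  echo "11.22.33.44" ;;
        "+short -x 11.22.33.45")       echo "vps45.provider.example." ;;
        *"@parent.example mydomain.com NS")
            printf 'mydomain.com.\t172800\tIN\tNS\tns1.mydomain.com.\n'
            printf 'mydomain.com.\t172800\tIN\tNS\tns2.mydomain.com.\n' ;;
    esac
}

# Offline demo: DIG=fake_dig; fcrdns 11.22.33.44
#               delegated_to mydomain.com ns1.mydomain.com parent.example
```

Run both checks from a host outside the VPS, since a resolver on the server itself can answer from its own zone files even when no delegation exists.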


