No subject


Tue Apr 2 00:56:56 UTC 2013


you applied for your block of 8 static IPs, you can assign
hostnames to your 8 (actually 5 of the 8) IP addresses.  This
assumes you registered origdomain.com in order to get them.
This, in effect, adds reverse lookup capability to your subnet
of 8 IPs.  (As of recent, mid 1999, USW does not want to
set up these blocks of 8 IPs so users can run their own
reverse domain zones.  They claim there is too much trouble
with the idea of setting up classless blocks of IP addresses.
That is at least what they told me.  I believe they will
still run secondary on your original domain though, just
not your additional domains.)

	(reserved by USW)	209.170.100.xxx		gateway
	ns1.origdomain.com	209.170.100.xxx+1
	ns2.origdomain.com	209.170.100.xxx+2
	www.origdomain.com	209.170.100.xxx+3
	...
	(reserved by USW)	209.170.100.xxx+7	brdcast

This will give you a place to create two public nameservers
that you can use when you register additional domain names.
For each new domain name registered, enter those two name-
server references for your primary and secondary ns's in
the registration form for the new domain name (i.e. via
networksolutions.com or ...).

Then on your name servers, you can create primary and
secondary zone files for each new domain name you register
with the pertinent hostnames (i.e. www, ftp, etc.) pointing
toward whichever of the 5 (of 8) IPs (referencing the number
itself, not the hostname/domain name) will serve that function
(web server, ftp server, mail...) and the NS records pointing
toward your nameservers.

named.origdomain:
...(define NS and TTL per books on the topic)...
ns1		IN	A	209.170.100.xxx+1
ns2		IN	A	209.170.100.xxx+2
www		IN	A	209.170.100.xxx+3
...

named.newdomain:
...(point NS records to your name servers, TTL...)...
www		IN	A	209.170.100.xxx+3
...

(Most of the next paragraph relates to web hosting,
although ftp, mail, etc hosting can be done with a
bit more configuring - especially sendmail.)
This way, all web requests for all domains you host
will go to your web server (xxx+3).  Then you use Virtual
Web hosting (or virtual FTP, Mail, whatever) on the xxx+3
server to differentiate the HTTP headers to correlate to
the correct virtual web site (Apache and IIS can both do
this).  This will require browsers to use HTTP 1.1, but
there are workarounds for 1.0.  There are HOW-TOs for
Linux virtual hosting as well as books/online refs for IIS.

If you have the knowledge, you can run a very simple external
DNS setup for each domain, and each domain zone points the
requests to a reverse proxy server(s) (Apache with proxy modules
or NT with MS Proxy Server 2).  You would then also need to
run an internal DNS (split-brain or shadow DNS) that would allow
the proxy server to map incoming domainname:service requests
from the proxy server to the appropriate internal server:service.
By doing this, you can use private IP addresses in the internal DNS.
This would allow unlimited addressing behind the proxy, which means
unlimited servers.  This also lends well to enable packet filtering
on the proxy server(s) and the establishment of a firewall to protect
your internal servers.  You would still need to perform some security
precautions on your external DNS server(s) as well (which can be run
on the proxy servers - but that may require additional setup with
DNS request forwarding, internal roots, etc. - depends on how you
set up the internal and external DNS servers).

Whichever way you go, you can run primary and either you or
your friend can run secondary.

The end result of all this is that you can provide (forward)
lookup for all domains you register and intend to host (and
you can configure web, ftp, mail, etc. services for each
domain), but you cannot provide any sort of reverse lookup.
The only reverse lookup you get is that provided by USW for
the 5 of the 8 IPs you have through them.  This doesn't really
pose too much of a problem for most protocols (HTTP, FTP, etc),
but may require additional steps to get the protocol working
through any proxy servers/firewalls if you use them.

Be sure to subscribe to these newsgroups:

	comp.os.linux.networking
	comp.protocols.dns.bind
	comp.mail.sendmail
	microsoft.public.windowsnt.dns
	microsoft.public.proxy
	(there is also one on cable modems/xDSL)
	(and probably some on Apache / IIS)

They offer a plethora of info relating to all this!  Also,
grab some O'Reilly books and MS Press books on some of
these topics...

Good luck,
-Tony V.

NOTE:  These are my personal comments/opinions.  They do 
not reflect that of my employer.



"John L. Borda" wrote:
> 
> I have 8 static IP addresses from US West (216.160.66.192-199).  US West only
> lets me host one domain so I want to set up my own DNS server (a friend
> said he would be my secondary).  Here are the questions:
> 
> 1) Can I do this since US West "owns" the address and I lease them
> 2) How do I set up the reverse lookup file since it is a subnetted class C
> range.  (I have the O'Reilly book but it lost me on how to do this).
> 3) Do I have to "register" my DNS server with anybody
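
Added example (not part of the original message or of any project's code): the reverse-proxy mapping described in the reply above, where the proxy maps an incoming domainname:service to an internal server:service on private addresses and refuses any Host it does not serve. The hostnames, the 10.0.0.x backends, and the choice to send Host-less HTTP/1.0 requests to a default site are assumptions made for illustration.

```python
# Added example: Host-based routing table for a reverse proxy.
# All hostnames and private addresses below are constructed placeholders.
ROUTES = {
    ("www.origdomain.com", 80): ("10.0.0.10", 8080),
    ("www.newdomain.com", 80): ("10.0.0.11", 8080),
}
# Assumption: HTTP/1.0 clients that send no Host header get the original site.
DEFAULT_HTTP10 = ("10.0.0.10", 8080)


class Rejected(Exception):
    """Raised when the proxy must refuse the request instead of forwarding it."""
    def __init__(self, status, reason):
        super().__init__(f"{status} {reason}")
        self.status = status


def parse_head(raw: bytes):
    """Return (http_version, host_or_None) from a raw request head."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise Rejected(400, "malformed request line")
    hosts = [l.split(":", 1)[1].strip() for l in lines[1:]
             if l.lower().startswith("host:")]
    if len(hosts) > 1:  # ambiguous: proxy and backend could disagree
        raise Rejected(400, "duplicate Host header")
    return parts[2], (hosts[0] if hosts else None)


def route(raw: bytes, listen_port: int = 80):
    """Map a request to an internal (ip, port); never forward unknown names."""
    version, host = parse_head(raw)
    if host is None:
        if version == "HTTP/1.0":
            return DEFAULT_HTTP10
        raise Rejected(400, "HTTP/1.1 requires Host")
    name, _, port = host.partition(":")
    name = name.lower().rstrip(".")  # DNS names are case-insensitive
    if port and (not port.isdigit() or int(port) != listen_port):
        raise Rejected(400, "Host port does not match listener")
    try:
        return ROUTES[(name, listen_port)]
    except KeyError:
        raise Rejected(404, "unknown virtual host") from None
```

Because the table is an explicit allowlist, a request naming an internal hostname or a raw private IP in its Host header is rejected rather than resolved through the internal DNS.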




More information about the bind-users mailing list