[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DNS



On Sat, Jun 24, 2000 at 02:09:24PM +0300, ksemat at eahd.or.ug wrote:
> What I mean't was that initially I wanted my ISP to delegate the reverse
> zone for my IP to my nameserver that is simply what I meant by being the
> SOA sorry for putting it out wrongly. I laso wanted it in such a way
> that if someone wanted 208.132.129.216.in-addr.arpa they would be
> directed to my server as the server from which to get authoritative
> answers.

OK. Well in _principle_ you could be delegated a zone which contains a
single IP address only; but I've never seen anyone attempt this in practice.

The next level of delegation is the whole /24, i.e. 129.132.208.in-addr.arpa

If you have a range of IP addresses, and you want control over the reverse,
you can get the next level above to pseudo-delegate using CNAMEs (RFC2317)

208   CNAME  208.in-addr.eahd.or.ug.
209   CNAME  209.in-addr.eahd.or.ug.
...

then you can put in your own forward zone file

208.in-addr   PTR   machine1.eahd.or.ug.
209.in-addr   PTR   machine1.eahd.or.ug.
...

But you may find it simpler and easier just to get your upstream to handle
your reverse DNS for you, and make changes when necessary.

> So otherwise all these errors it is reporting about its files being wrong
> should I just ignore them?

You mean with rpm -V? Yes I think so. If you wanted to tidy it you could
remove both the bind and bind8 packages, then reinstall bind8 by itself.

I'm coming to the conclusion that there's nothing wrong with bind on your
machine, it's your machine itself which is sick. If it was my ISP, I would
rebuild the nameserver onto a fresh PC, running FreeBSD, and have it doing
nothing else except being a nameserver.

In fact, I'd build two boxes as caching (only) nameservers, and one or two
as primary/secondary only (with recursion turned off).

Regards,

Brian.

-----
This is the afnog mailing list, managed by Majordomo 1.94.4

To send a message to this list, e-mail afnog at afnog.org
To send a requet to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is mantained by owner-afnog at afnog.org