Re: DNS

[ksemat at eahd.or.ug]

Yeah that is quite true but would it be for every single IP address or
just for those that I want to delegate? Because I only want to delegate
about three IPs. So can I have my file like this
 at  IN SOA dar1.afsat.com ....
 at  IN NS ...
 at  IN NS .....
1 IN PTR ....
2 IN PTR ....
etc
208 86400 IN NS eahd.or.ug.
I hope this is possible but is it necessary? Can various clients run DNS
without being authoritative for their reverse zone and have no problems at
all? i.e can I have for example just a a ptr record on dar1 pointing
208.132.129.216.in-addr.arpa to eahd.or.ug and eahd will run a name server
without any problems? Because if this is so then there is no need to go to
all this trouble.
Also I have taken your suggestion seriously and I am going to implement it
but my question is that can a 330 MHZ 3Gigabyte pentium II processor
handle the DNS load in the meantime?
There would be about 90 zones on it and yet I want it to do recursive
queries because some clients use it as a relay for their mail.
Also I have only been on linux for less than a year and haven't really
used BSD can you point me to places where I can a get a really good
firewall I understand that BSD does not use ipchains which is what I know
and I don't yet reallt know ipfilter and ipfwadm.
I am going to read up on them but in that time I will need something to
give me some basic protection.
Thank you so much for your patience with my newbie questions and answering
them so well.
 On Sat, 24 Jun 2000, Brian Candler
wrote:

> Date: Sat, 24 Jun 2000 15:41:05 +0100
> From: Brian Candler <B.Candler at pobox.com>
> To: ksemat at eahd.or.ug
> Cc: afnog at afnog.org
> Subject: Re: DNS
> 
> On Sat, Jun 24, 2000 at 04:52:08PM +0300, ksemat at eahd.or.ug wrote:
> > I read about delegating single IPs in O'Reilly's DNS AND BIND on page 215
> > and I think with CIDR it can be done.
> 
> To delegate single IP addresses, you would need:
> 
> zone "208.132.129.216.in-addr.arpa" IN {
>         type master;
>         file "master/db.216.129.132.208";
> };
> 
> and repeat this for every single IP address you have; each one would have
> its own zone file, which would contain:
>  at   SOA  ( ... )
>    NS   ...
>    NS   ...
>    PTR  required.host.name.
> 
> What makes this a real pain is that you have to set up secondary zones on
> another machine, one for every single IP address you want to do in this way.
> 
> That's why the CNAME trick is suggested (also in DNS&BIND, 3rd ed, p217)
> 
> If you only have one or two machines, I think you're better just getting
> your upstream to put the appropriate PTR records directly in the zone for
> the /24.
> 
> Regards,
> 
> Brian.
> 

Sematimba Noah
Network Administrator
Uganda Online
-------------------------------------------------------------------------------
ksemat at eahd.or.ug P.O.Box 1254 Kampala 



-----
This is the afnog mailing list, managed by Majordomo 1.94.4

To send a message to this list, e-mail afnog at afnog.org
To send a requet to majordomo, e-mail majordomo at afnog.org and put
your request in the body of the message (i.e use "help" for help)

This list is mantained by owner-afnog at afnog.org