In article <giai8i$144...@sf1.isc.org>, Stacey Jonathan Marshall <stacey.marsh...@sun.com> wrote:
> Reinaldo Matukuma wrote: > > Hello. > >> I'm in doubt about defining a SOA record to a zone. > >> Is this correct and valid? > >> > >> $TTL 86400 > >> $ORIGIN teste.com. > >> @ 1D IN SOA @ root ( > >> 42 ; serial (d. > >> adams) > >> 3H ; refresh > >> 15M ; retry > >> 1W ; expiry > >> 1D ) ; minimum > >> > >> 1D IN NS @ > >> 1D IN A 192.168.1.3 > >> www IN A 192.168.1.2 > >> > >> > >> This is just a example. In fact, my zone will be a public zone with > >> valid > >> ip addresses. > >> > >> My doubt is if it's correct specify the "owner" and "source-dname" with > >> "@", once "@" denotes the current origin. If I used $ORIGIN like in > >> example > >> then I suppose that "@" will define just "teste.com" too. > >> > >> But I make this test into a interna DNS server and look as a valid > >> configuration. > >> > > > I've seen a number of configurations where the $ORIGIN is set and then > the '@' sign is used as the first position in the SOA. > But I've never understood that as I thought that the idea of the @ was > to use the ORIGIN as defined in the 'zone' statement. Either way the > ISC training suggested that the @ not be used in practice as its often > looked-over and inappropriately copied to other files. Therefore I > would suggest that placing the '@' character in other locations really > isn't a good idea. think about the inverse address, the above isn't > going to work there. "@" represents whatever the current origin is. If you have no $ORIGIN directives then this defaults to the one in the "zone" statement in the named.conf. If you do have $ORIGIN, @ will be replaced with the most recent origin specified that way. The benefit of "@" is not having to retype the zone name throughout the file. For subdomains you achieve this by entering relative names (with no trailing "."), but if you want to use the zone name (or origin) itself you need to use "@" to achieve this. There's nothing wrong with using it on the RHS, although this is relatively uncommon because it's unusual to point anything to the zone itself except maybe as a synonym for www.<zone>. The above example uses the zone name as the nameserver, which is quite unusual I think. While copying records like this may sometimes be inappropriate, it also can make things easier. It's not uncommon to have lots of domains that are all identical, and you can do this by using the same file for all of them. This works as long as the zone file only uses relative names. -- Barry Margolin, bar...@alum.mit.edu Arlington, MA *** PLEASE don't copy me on replies, I'll read them in the group *** _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
