On 8/7/2011 9:05 AM, Scott Hughes wrote:
All,
I have Googled and searched the archives for two days and cannot find
an answer to this question... just more confusion! Please forgive me
ahead of time as I run two name servers for my mid-sized company and
am by no means an expert in using bind DNS. We have about eight
domains but don't have a lot of records for each zone. Here is my issue:
We are moving to a two Exchange server / two data center model for
auto-failover reasons. Both data centers are in two different locations
and have multiple internet pipes and tier 1 providers coming into
their data centers.
Here is what I'm trying to do:
For example, our email domain name on the Exchange servers is:
mail.blahblah.us <http://mail.blahblah.us> Our spam filtering
device is: spam.blahblah.us <http://spam.blahblah.us> and is the MX
record. In the blahblah.us <http://blahblah.us> zone file I have A
records pointing to both correctly.
Our problem comes in on our other domains. I am trying to point
mail.company1.com <http://mail.company1.com> to mail.blahblah.us
<http://mail.blahblah.us> and spam.company1.com
<http://spam.company1.com> to spam.blahblah.us
<http://spam.blahblah.us> using CNAME records. I'm obviously doing
this wrong or trying to do something that can't or shouldn't be done.
Like I said, I am fairly new to bind9 but I'd sure rather use it than
something like MS DNS servers!
What I am attempting to do is make it so that if an outside email
server or inside user goes to mail.company1.com
<http://mail.company1.com> or spam.company1.com
<http://spam.company1.com> they are 'redirected' to the blahblah.us
<http://blahblah.us> domain where our UCC cert covers both of the
Exchange servers.
Please let me know if I've left anything out that would be helpful in
answering these questions.
blahblah.us and company1.com are actual registered domain names. If
they are registered to you, then using these domains in examples is
fine... if not, then better to use RFC2606 names...
If I understand your environment correctly:
Your "main domain" - example.com - looks (in part) like this:
; Begin example.com
$TTL 86400
@       IN SOA  ns1.example.com. contact.example.com. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
        NS      ns1.example.com.
        NS      ns2.example.com.
        MX 10   spam.example.com.
        MX 20   spam2.example.com.
$ORIGIN example.com.
spam    IN A    192.0.2.25
spam2   IN A    192.0.2.26
mail    IN A    192.0.2.30
; End example.com
There is no reason that example.net (another of your domains) can't look
like this:
; Begin example.net
$TTL 86400
@       IN SOA  ns1.example.com. contact.example.net. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
        NS      ns1.example.com.
        NS      ns2.example.com.
        MX 10   spam.example.com.
        MX 20   spam2.example.com.
$ORIGIN example.net.
; End example.net
^^^ MX records in example.net point to example.com hosts (which are A
records).
If you have a 'requirement' that the users for example.net configure
their mail clients with example.net mail server hostnames, then you can
create a CNAME record in example.net that aliases mail.example.net to
mail.example.com.
If, however, you have a 'requirement' to make it 'seem' that example.com
and example.net have 'independent' mail servers at a DNS level - i.e.
you want to use MX records in example.net that are in example.net, then
you need to add A records for spam & spam2 in example.net that point to
the IP addresses of these hosts (and you need to do this for all domains
'like' example.net as well -and- update the A records in all of these
domains if the IP addresses of these hosts change in the future... c'est
la DNS). Like so:
; Begin example.com
$TTL 86400
@       IN SOA  ns1.example.com. contact.example.com. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
        NS      ns1.example.com.
        NS      ns2.example.com.
        MX 10   spam.example.com.
        MX 20   spam2.example.com.
$ORIGIN example.com.
spam    IN A    192.0.2.25
spam2   IN A    192.0.2.26
mail    IN A    192.0.2.30
; End example.com
; Begin example.net
$TTL 86400
@       IN SOA  ns1.example.com. contact.example.net. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
        NS      ns1.example.com.
        NS      ns2.example.com.
        MX 10   spam.example.net.
        MX 20   spam2.example.net.
$ORIGIN example.net.
spam    IN A    192.0.2.25
spam2   IN A    192.0.2.26
mail    IN CNAME mail.example.com.
; End example.net
; Begin example.org
$TTL 86400
@       IN SOA  ns1.example.com. contact.example.org. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
        NS      ns1.example.com.
        NS      ns2.example.com.
        MX 10   spam.example.org.
        MX 20   spam2.example.org.
$ORIGIN example.org.
spam    IN A    192.0.2.25
spam2   IN A    192.0.2.26
mail    IN CNAME mail.example.com.
; End example.org
HTH,
-DMM