Re: Two domains reporting errors
I know you said, "Never mind," but you seem to be misunderstanding something here ... On Tue, Sep 09, 2014 at 07:42:56PM -0600, LuKreme wrote: > # named-checkconf -z | grep -v loaded > master/bt.tld:3: ignoring out-of-zone data (bt.tld) > master/bt.tld:15: ignoring out-of-zone data (webdav.bt.tld) > _default/dw.tld/IN: bad zone > master/bt.tld:16: ignoring out-of-zone data (www.bt.tld) > zone dw.tld/IN: has 0 SOA records > zone dw.tld/IN: has no NS records > > So, line 3 in bt.tld is the SOA line which looks as far as I can > tell, basically identical to every other file: You said this several times, but at least one was significantly different. > ==> master/covisp.net <== > $ORIGIN . > $TTL 86400 ; 1 day > covisp.net IN SOA covisp.net. root.covisp.net. ( You set "$ORIGIN ." so your unqualified "covisp.net" is in fact "covisp.net." (fully qualified.) > ==> master/bt.tld <== > $ORIGIN . > $TTL 86400 ; 1 day > bt.tldIN SOA bt.tld. root.covisp.net. ( Here also. > For the second domain, I don't understand the _default/dw.tld/IN > error at all, and the file starts like all the others: > > # head -3 master/dw.tld > $ORIGIN . > $TTL 86400 > @IN SOA dw.tld. root.covisp.net. ( "@" refers to the current $ORIGIN. When a zone file is initially loaded, $ORIGIN is implicitly set to the name of the zone. But you changed that, it's now the root! So "@" here means ".", and no, a zone file with "@" is not the same as a zone file with an explicit owner name for the SOA. My style recommendation: do not use $ORIGIN lines in zone files. Whilst named does it, you do not have to copy named. Leave out $ORIGIN, use @ to refer to the name of the zone, and unqualified owner names beneath @. $TTL 1d @ IN SOA ns hostmaster ( ... @ IN NS ns @ IN NS ns1 @ IN NS ns2 @ IN MX 0 mail mailIN A 192.0.2.25 ns IN A 192.0.2.53 ns1 IN A 192.0.2.35 ns2 IN A 192.0.2.36 Note that there are only relative names in my example. This could load as any zone name. You might want to use some fully-qualified names on the RHS, such as "root.covisp.net." as the SOA RNAME. -- http://rob0.nodns4.us/ Offlist GMX mail is seen only if "/dev/rob0" is in the Subject: ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A record of domain name must be name server ?
> Hi, > > xxx.com and IP address 192.168.1.100 is just a example domain name and IP > address. Our boss want everybody access our domain example.com through > browser, then it will redirect to our web site www.example.com. So I want > to get more information about unexpected impact when we changed DNS records. > > Thanks for your help. > > Best Regards, > Pete Fong Here is how I have things set up here. Our domain is adi.com. We have three name servers set up. Our web site can be accessed as both www.adi.com and adi.com. Here is what I have on our zone file: @ in ns bluegill.adi.com. in ns a.dns.tds.net. in ns seahorse.adi.com. bluegillin A 75.100.245.131 seahorsein A 75.100.245.134 www in A 75.100.245.133 @ in A 75.100.245.133 @ in mx 0 mackerel.adi.com. in mx 10 seahorse.adi.com. in mx 20 bluegill.adi.com. Note that address 75.100.245.133 is entered twice. The mx records are to get email to work correctly. Tom Schulz Applied Dynamics Intl. sch...@adi.com ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A record of domain name must be name server ?
In article , sch...@adi.com (Thomas Schulz) wrote: > > Hi, > > > > xxx.com and IP address 192.168.1.100 is just a example domain name and IP > > address. Our boss want everybody access our domain example.com through > > browser, then it will redirect to our web site www.example.com. So I want > > to get more information about unexpected impact when we changed DNS records. > > > > Thanks for your help. > > > > Best Regards, > > Pete Fong > > Here is how I have things set up here. Our domain is adi.com. We have > three name servers set up. Our web site can be accessed as both > www.adi.com and adi.com. Here is what I have on our zone file: > > > @ in ns bluegill.adi.com. > in ns a.dns.tds.net. > in ns seahorse.adi.com. > > bluegillin A 75.100.245.131 > seahorsein A 75.100.245.134 > www in A 75.100.245.133 > @ in A 75.100.245.133 > > @ in mx 0 mackerel.adi.com. > in mx 10 seahorse.adi.com. > in mx 20 bluegill.adi.com. > > Note that address 75.100.245.133 is entered twice. > The mx records are to get email to work correctly. And you could reduce maintenance very slightly by replacing www in A 75.100.245.133 with www in CNAME @ Though in Thomas' case the PTR record for 75.100.245.133 returns www.adi.com, so that's a good reason for not doing the CNAME thing. Sam -- The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336. ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A record of domain name must be name server ?
On 9/10/14, 8:42 AM, Sam Wilson wrote: > And you could reduce maintenance very slightly by replacing > > www in A 75.100.245.133 > > with > > www in CNAME @ And now you have an MX record, 3 NS records and a bunch of other crap associated with the WWW address. Keeping track of one extra A record (and associated record if you go in that direction) isn't a bad thing. (Personal preferences, of course) AlanC signature.asc Description: OpenPGP digital signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A record of domain name must be name server ?
On 9/10/14, 8:42 AM, Sam Wilson wrote: And you could reduce maintenance very slightly by replacing www in A 75.100.245.133 with www in CNAME @ On 10.09.14 08:58, Alan Clegg wrote: And now you have an MX record, 3 NS records and a bunch of other crap associated with the WWW address. Keeping track of one extra A record (and associated record if you go in that direction) isn't a bad thing. simply said: don't CNAME to @. (Personal preferences, of course) yes, but still... -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Spam = (S)tupid (P)eople's (A)dvertising (M)ethod ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A record of domain name must be name server ?
On 9/10/2014 11:58 AM, Alan Clegg wrote: On 9/10/14, 8:42 AM, Sam Wilson wrote: And you could reduce maintenance very slightly by replacing www in A 75.100.245.133 with www in CNAME @ And now you have an MX record, 3 NS records and a bunch of other crap associated with the WWW address. And why is that a _bad_ thing? If I ever change that IP, I want to change it in *one*place*. The CNAME allows everything to automatically follow that change. Why necessitate multiple updates when a single update will do? If TTL-manipulation is necessary in order to minimize caching complications, the number of RRset updates is magnified, of course. MXes and NSes are a non-issue, IMO, since the contexts in which people look up a "www" name (usually end-users trying to access a website) are usually quite disjoint from the use cases of MXes (automated systems delivering mail) or NSes (nameserver-to-nameserver traffic). I see little or no risk of confusion or misdirection. I suppose it's _possible_ that some day a mail sender might mistype a recipient as u...@www.example.com instead of (as they should have) u...@example.com, and maybe in that scenario the CNAME will cause the recipient address to show up in the headers of the received message in an unexpected way. But, to me, this falls under the generic category of GIGO (garbage in, garbage out) -- you type something wrong into a computer system, you might not get the results you expected... - Kevin ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A record of domain name must be name server ?
On 9/10/14, 2:13 PM, Kevin Darcy wrote: > On 9/10/2014 11:58 AM, Alan Clegg wrote: >> On 9/10/14, 8:42 AM, Sam Wilson wrote: >> >>> And you could reduce maintenance very slightly by replacing >>> >>> www in A 75.100.245.133 >>> >>> with >>> >>> www in CNAME @ >> And now you have an MX record, 3 NS records and a bunch of other crap >> associated with the WWW address. > And why is that a _bad_ thing? (Personal preferences, of course) Answered before asked. AlanC signature.asc Description: OpenPGP digital signature ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A record of domain name must be name server ?
On 9/10/2014 5:20 PM, Alan Clegg wrote: On 9/10/14, 2:13 PM, Kevin Darcy wrote: On 9/10/2014 11:58 AM, Alan Clegg wrote: On 9/10/14, 8:42 AM, Sam Wilson wrote: And you could reduce maintenance very slightly by replacing www in A 75.100.245.133 with www in CNAME @ And now you have an MX record, 3 NS records and a bunch of other crap associated with the WWW address. And why is that a _bad_ thing? (Personal preferences, of course) Answered before asked. Well, I was asking about your _particular_ preference, which seemed rather clear from your use of the word "crap". Why does it matter (in _your_ opinion) if the target of the "www" CNAME owns records of more types than just A and/or ? Also, have you considered the forward/reverse ambiguity that arises when multiple owner names resolve to the same address? To which of those names does the PTR point? - Kevin ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A record of domain name must be name server ?
Hey Kevin, This is not an issue at all. A PTR is different then a "A" record and can be used by two reverse domain names and only the owner of the IP addresses space can define them. I am not sure if two PTR records for two domains will be applied to one IP but it is possible for two IP addresses to have the same PTR. Can we even use a CNAME as a PTR??? Eliezer On 09/11/2014 12:37 AM, Kevin Darcy wrote: Also, have you considered the forward/reverse ambiguity that arises when multiple owner names resolve to the same address? To which of those names does the PTR point? - Kevin ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A record of domain name must be name server ?
No, what I'm saying is that if example.com owns an A record 203.0.113.48, and www.example.com owns an A record 203.0.113.48, then where does 48.113.0.203.in-addr.arpa point? Some people will point it at example.com, some will point it at www.example.com. What you get is a mish-mosh. No consistency. If, on the other hand, www.example.com is a CNAME to example.com, then it's crystal clear where the reverse record will point -- example.com. There is no ambiguity or option for inconsistency. - Kevin On 9/10/2014 5:48 PM, Eliezer Croitoru wrote: Hey Kevin, This is not an issue at all. A PTR is different then a "A" record and can be used by two reverse domain names and only the owner of the IP addresses space can define them. I am not sure if two PTR records for two domains will be applied to one IP but it is possible for two IP addresses to have the same PTR. Can we even use a CNAME as a PTR??? Eliezer On 09/11/2014 12:37 AM, Kevin Darcy wrote: Also, have you considered the forward/reverse ambiguity that arises when multiple owner names resolve to the same address? To which of those names does the PTR point? - Kevin ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
Re: A record of domain name must be name server ?
Well this is a confusing point but it's rather an administrative decision to make. If indeed the network\server\domain administrator is not aware of his services he will either have or will not have decision to make. It will depend on whether he knows what he is doing. Mish-mosh or banana he will eat it one way or another. One conclusion he will probably learn is that dns records takes from 24 to about 48 hours to be forgotten from dns caches :D All The Bests, Eliezer On 09/11/2014 01:13 AM, Kevin Darcy wrote: No, what I'm saying is that if example.com owns an A record 203.0.113.48, and www.example.com owns an A record 203.0.113.48, then where does 48.113.0.203.in-addr.arpa point? Some people will point it at example.com, some will point it at www.example.com. What you get is a mish-mosh. No consistency. If, on the other hand, www.example.com is a CNAME to example.com, then it's crystal clear where the reverse record will point -- example.com. There is no ambiguity or option for inconsistency. - Kevin ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
