On Sun, May 2, 2021 at 1:58 PM Doug H. <fedoraproject....@wombatz.com> wrote:
> On Sat, May 1, 2021, at 2:50 PM, Ed Greshko wrote: > > > BTW, if you decide to go ahead with using views it would be helpful if > you have > > a system on the "outside" for you to use to test queries. > > > > As I understand it, all your "internal" systems have 10.0.0.X IP > addresses. > > > Yup. Something else I just noticed that *might* be important... > *i think you are right, i've been wondering about the ns3's behaviour as the dnscheck page keeps telling me i have only one responding dns.* *as it is part of the at&t dns, i have been ignoring this; now is the time to deal with it....* *i am sporting mike's recent config file cuz its So much prettier than my hack. i hacked in a CAAA record & updated teh serial number giving me, ...* *$TTL 3D ; default ttl for records without a specified lifetime$ORIGIN linuxlighthouse.com <http://linuxlighthouse.com>.linuxlighthouse.com <http://linuxlighthouse.com>. CAA 0 issue "letsencrypt.org <http://letsencrypt.org>"@ IN SOA ws.linuxlighthouse.com <http://ws.linuxlighthouse.com>. root.linuxlighthouse.com <http://root.linuxlighthouse.com>. ( 2021050301 ; serial number 16384 ; ns refresh 2048 ; ns retry 1048576 ; authority expiry 2560 ); min (RFC2308 ยง4) IN NS ws.linuxlighthouse.com <http://ws.linuxlighthouse.com>. IN NS ns3.attdns.com <http://ns3.attdns.com>.; IN MX linuxlighthouse.com <http://linuxlighthouse.com>.ws IN A 108.220.213.121 IN A 108.220.213.121* *as an aside, if i add 'www in a 108.220.213.121'* *would properly define 'www.linuxlighthouse.com <http://www.linuxlighthouse.com>' ???* /usr/sbin/named-compilezone -i full -o - linuxlighthouse.com /var/named/linuxlighthouse.com.db zone linuxlighthouse.com/IN: loaded serial 2021050301 linuxlighthouse.com. 259200 IN SOA ws.linuxlighthouse.com. root.linuxlighthouse.com. 2021050301 16384 2048 1048576 2560 linuxlighthouse.com. 259200 IN NS ws.linuxlighthouse.com. linuxlighthouse.com. 259200 IN NS ns3.attdns.com. linuxlighthouse.com. 259200 IN CAA 0 issue "letsencrypt.org" ws.linuxlighthouse.com. 259200 IN A 108.220.213.121 > >dig @WS.LINUXLIGHTHOUSE.COM LINUXLIGHTHOUSE.COM ns > > ; <<>> DiG 9.11.28-RedHat-9.11.28-1.fc33 <<>> @WS.LINUXLIGHTHOUSE.COM > LINUXLIGHTHOUSE.COM ns > ; (1 server found) > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39676 > ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 2 > ;; WARNING: recursion requested but not available > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 1232 > ; COOKIE: 2da4654bcbbfcf2e20c614f6608f10fb5882579a181961d8 (good) > ;; QUESTION SECTION: > ;LINUXLIGHTHOUSE.COM. IN NS > > ;; ANSWER SECTION: > linuxlighthouse.com. 86400 IN NS ws.linuxlighthouse.com. > > ;; ADDITIONAL SECTION: > ws.linuxlighthouse.com. 86400 IN A 108.220.213.121 > > ;; Query time: 97 msec > ;; SERVER: 108.220.213.121#53(108.220.213.121) > ;; WHEN: Sun May 02 13:52:11 PDT 2021 > ;; MSG SIZE rcvd: 128 > > > That says that ws.linuxlighthouse.com is the one and only name server for > the domain. Whereas whois shows the more normal 2 minimum: > > >whois LINUXLIGHTHOUSE.COM | grep ^Name > Name Server: WS.LINUXLIGHTHOUSE.COM > Name Server: NS3.ATTDNS.COM > > So, even if you let NS3.ATTDNS.COM pull the zone from you it might not > work correctly if they just use the zone you feed them without adding > themselves to the mix with an NS record. > *is my registrar or attdns the player to whine to?* > > -- > Doug Herr > fedoraproject....@wombatz.com > _______________________________________________ > users mailing list -- users@lists.fedoraproject.org > To unsubscribe send an email to users-le...@lists.fedoraproject.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org > Do not reply to spam on the list, report it: > https://pagure.io/fedora-infrastructure >
_______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
