From: Walter Alejandro Iglesias
To: freebsd-questions@freebsd.org
Date: Mon, 2 Jan 2012 00:58:43 +0100
Subject: Re: DNS
Message-ID: <20120101235843.GB55393@chancha.local>
References: <20120101224708.GA44456@chancha.local> <20224.58435.410063.543105@jerusalem.litteratus.org>

On Sun, Jan 01, 2012 at 03:24:59PM -0800, Waitman Gobble wrote:
> On Sun, Jan 1, 2012 at 2:54 PM, Robert Huff wrote:
>
> > Walter Alejandro Iglesias writes:
> >
> > > Time ago I made the attempt to setup my own DNS in the same
> > > machine I had my web server running. DNS was the only thing I
> > > was not able to automatically update in the system with my
> > > scripts each time a new customer purchased a service. It would
> > > be wonderful for me if you or anyone here at least confirm me if
> > > it is really possible.
> >
> > What is possible - updating using scripts, or running BIND on
> > the same machine as a web server (presumably Apache)?
> > While I'm sure someone has written them, I don't know of any
> > scripts that will "update" (whatever that means) BIND configuration
> > files that are included either as part of the base system or as
> > ports.
> > However, running BIND and Apache is certainly possible - the
> > machine I'm typing this on does exactly that.
> >
> > Robert Huff
>
> I agree with Robert, it's generally no problem, at least technically, to
> run BIND on the same machine. (Unless in certain situations I can think of
> at the moment) you are running your httpd server on a non-public network
> behind a firewall, doing certain things with NAT on the router, or running
> httpd on a "private machine" that only "gets traffic" from a public-facing
> cache/proxy like squid. These situations don't rule out use but could cause
> 'looping' or otherwise cause problems depending on how your network and
> name system is setup.
>
> It is better to have more than one machine running name services, if
> possible. Also a good idea to prohibit zone transfers and recursive
> lookups, or at least limit very carefully.
>
> You should be able to set up a zone update thing for your customers, just
> keep TTL somewhat short, and update your serial # in the zone so that
> external caches will pull the updates (using date and/or time is probably
> best.) And you probably don't want the daemon/nobody httpd user fooling
> around with the zone files or named process directly so it's best to set a
> signal in your script like 'touch /tmp/updatebind' or something and have a
> cron job check for the 'signal'.
>
> Waitman

Thanks Waitman,

The truth is I am a bit lost, perhaps (it is late here, 00:54) I am a bit
hungry and tired :-). I will have dinner, sleep and tomorrow morning with a
fresh mind I will carefully reread this last message. I'll buy the book you
advised too.

Walter
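
The flag-file scheme suggested in the quoted message, sketched as an added example that is not code from anyone in the thread: a root-run cron script that checks for the flag, bumps a date-based serial, validates the zone and reloads it. The zone name, zone file path, the "; serial" marker comment and the --cron argument are assumptions; only /tmp/updatebind comes from the thread, and the records themselves are assumed to be written by the same root-owned job, not by the web server.

```shell
#!/bin/sh
# Added example; FLAG is the path from the thread, everything else is assumed.
FLAG=/tmp/updatebind
ZONE=example.com                             # placeholder zone name
ZONEFILE=/etc/namedb/master/example.com.db   # placeholder path

# next_serial CURRENT TODAY: print the next YYYYMMDDNN serial, always > CURRENT.
next_serial() {
    cur=$1 today=$2
    if [ "${cur%??}" -lt "$today" ]; then
        echo "${today}00"        # first change today
    else
        echo $((cur + 1))        # same day (or NN overflow): keep increasing
    fi
}

# bump_zone_serial FILE TODAY: rewrite the line marked "; serial", print new value.
bump_zone_serial() {
    file=$1 today=$2
    cur=$(sed -n 's/^[[:space:]]*\([0-9][0-9]*\)[[:space:]]*;[[:space:]]*serial.*/\1/p' \
        "$file" | head -n 1)
    [ -n "$cur" ] || { echo "no '; serial' line in $file" >&2; return 1; }
    new=$(next_serial "$cur" "$today")
    tmp=$(mktemp "$file.XXXXXX") || return 1
    cp -p "$file" "$tmp"         # keep owner and mode so named can still read it
    if sed "s/^\([[:space:]]*\)$cur\([[:space:]]*;[[:space:]]*serial\)/\1$new\2/" \
        "$file" > "$tmp" && mv "$tmp" "$file"; then
        echo "$new"
    else
        rm -f "$tmp"; return 1
    fi
}

# run_update: the cron side. The flag carries no data, so the httpd user can
# only request a reload, never choose what goes into the zone.
run_update() {
    [ -e "$FLAG" ] || return 0   # nothing requested
    rm -f "$FLAG"                # clear first: a request made mid-run triggers the next run
    bump_zone_serial "$ZONEFILE" "$(date +%Y%m%d)" >/dev/null || return 1
    named-checkzone "$ZONE" "$ZONEFILE" >/dev/null || return 1   # never load a broken zone
    rndc reload "$ZONE"
}

# Invoked from root's crontab as: update-bind.sh --cron
if [ "${1:-}" = "--cron" ]; then run_update; fi
```

Because /tmp is world-writable, any local user can raise this flag; a directory writable only by the web server user is a tighter place for it.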