Date:      Sun, 26 Jul 1998 13:44:46 +0200
From:      Rico Pajarola <pajarola@cybertime.ch>
To:        freebsd-isp@FreeBSD.ORG
Subject:   Re: MX CNAME
Message-ID:  <3.0.32.19980726134059.006c7ff4@www.dlc.cybertime.ch>

At 11:35 24.07.98 +0100, you wrote:
>I am a little confused now...
so was I when I first encountered this problem ;)

>Imagine we have a DNS server, which runs on a machine called
>'skyhawk.domain.com', we think we're being clever by setting up a CNAME which is
>'dns0.domain.com' which in turn points to 'skyhawk.domain.com'.
>
>Why do this? - So that when/if we move our DNS server all our Internic records
>which point to 'dns0.domain.com' can be moved easily (by changing the CNAME).
I did this some time ago, and it didn't work very well, i.e., nothing
complained, but it didn't work for some clients, and Murphy's law says that
it's your paying (and not very patient) customer who finds out first :)
The difference between an NS reference to a CNAME and two A records pointing
to the same IP address is that the error with the 2 A records only shows up
if you're doing additional database consistency checks (which aren't
necessary for looking up the data), while an NS -> CNAME is plain wrong,
and some broken clients (e.g. some M$ products) just can't resolve them.

>I don't mind using 'IN A' records for this - but isn't this going to muck up?
>e.g.
>
>$ORIGIN domain.com.
>skyhawk		IN	A	192.168.100.1
>dns0		IN	A	192.168.100.1
>
>Isn't this going to muck up people who do reverse DNS queries? If they resolve
>'dns0.domain.com' they will get '192.168.100.1' which reverses to
>'skyhawk.domain.com' - which isn't going to please too many paranoid
>wrappers?/people?
>
>The only other choice is to put 'skyhawk.domain.com' in the Internic records,
>and hope that machine's role never changes?
I don't think that a lot of people will do reverse lookups on your DNS
server (at least not when doing queries), but the best way to go (if you
have an IP address to waste) would be to make an alias IP (using ifconfig
<device> <alias-ip> alias) and use this for your DNS server, and if
you're using BIND 8.x, you can limit your DNS to use this address
exclusively. If the machine's role ever changes, you don't even have to
change any DNS database files, you just take down the alias (ifconfig
<device> <ip-to-delete> delete), set up the same alias on the new machine,
fire up the DNS server (or send it a HUP signal to recognize the new
address), and there you are, you moved your nameserver to another machine,
and don't even have DNS cache problems (which can be very nasty, as bad old
DNS data can stay in caches for weeks, if you didn't change the TTL values
early enough).

Another method would be to make dns0 the A record, and skyhawk the CNAME
(not very beautiful though)

>Maybe I'm just getting confused? (Hence the mail, you seem to know what you're
>talking about... <g>)
I learnt it by doing it wrong first 8->

Everything clear now?

Rico Pajarola
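
Added example, not part of the original message: a small Python zone check for the mistake discussed above, an NS (or MX) record whose target is a CNAME, which RFC 2181 section 10.3 disallows, plus the "two A records on one address" case that only a consistency check notices. The zone text is constructed sample data reusing the thread's names, and the parser is a simplified assumption (one record per line, owner always given, no TTL field).

```python
# Constructed sample zone reusing the thread's host names (not real data).
SAMPLE_ZONE = """\
$ORIGIN domain.com.
@        IN NS    dns0
@        IN MX 10 mail
skyhawk  IN A     192.168.100.1
dns0     IN CNAME skyhawk   ; the alias the NS record points at
mail     IN A     192.168.100.3
"""

def fqdn(name, origin):
    """Expand '@' and relative names against the current origin."""
    if name == "@":
        return origin.lower()
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def parse_zone(text):
    """Simplified parser (assumption): one record per line, owner given, no TTL."""
    origin, records = ".", []
    for line in text.splitlines():
        fields = line.split(";")[0].split()      # drop comments, tokenize
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1]
            continue
        rest = fields[1:]
        if rest[0].upper() == "IN":              # class is optional
            rest = rest[1:]
        rtype, target = rest[0].upper(), rest[-1]
        if rtype in ("NS", "MX", "CNAME"):       # rdata is a host name
            target = fqdn(target, origin)
        records.append((fqdn(fields[0], origin), rtype, target))
    return records

def ns_mx_pointing_at_cname(text):
    """Return (type, owner, target, canonical) for NS/MX targets that are aliases."""
    records = parse_zone(text)
    cnames = {owner: target for owner, rtype, target in records if rtype == "CNAME"}
    return [(rtype, owner, target, cnames[target])
            for owner, rtype, target in records
            if rtype in ("NS", "MX") and target in cnames]

def shared_addresses(text):
    """Return {ip: [names]} for addresses carried by more than one A record."""
    by_ip = {}
    for owner, rtype, target in parse_zone(text):
        if rtype == "A":
            by_ip.setdefault(target, []).append(owner)
    return {ip: names for ip, names in by_ip.items() if len(names) > 1}
```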
