Date: Sun, 26 Jul 1998 07:06:25 -0400 (EDT) From: "A. Karl Heller" <heller@cdnow.com> To: pajarola@cybertime.ch (Rico Pajarola) Cc: kpielorz@tdx.co.uk, freebsd-stable@FreeBSD.ORG Subject: Re: MX CNAME Message-ID: <199807261106.HAA12407@daria.cdnow.com> In-Reply-To: <3.0.32.19980726062451.00742df8@www.dlc.cybertime.ch> from "Rico Pajarola" at Jul 26, 98 06:26:38 am
next in thread | previous in thread | raw e-mail | index | archive | help
As I recall, the sendmail book says that you should not ( ie. can't )
use CNAMEs in MX records. I ran into problems with this a while back
but can't remember what. DNS should also not be a CNAME.
One way of doing it as sugested below is to create a virtual host.
That way you can move the dns ip around to other machines when the time
comes. pop and smtp hosts for pop clients are CNAMED to the dns machines
real hostname.
Karl
> At 11:35 24.07.98 +0100, you wrote:
> >I am a little confused now...
> so was I when I first encountered this problem ;)
> >Imagine we have a DNS server, which runs on a machine called
> >'skyhawk.domain.com', we think we're being clever by setting up a CNAME
> which is
> >'dns0.domain.com' which in turn points to 'skyhawk.domain.com'.
> >
> >Why do this? - So that when/if we move our DNS server all our Internic
> records
> >which point to 'dns0.domain.com' can be moved easily (by changing the CNAME).
> I did this some time ago, and it didn't work very well, ie, nothing
> complained, but it dind't work for some clients, and murphy's law says that
> it's your paying (and not very patient) customer who finds out first :)
> The difference between a NS reference to a CNAME and two A records pointing
> to the same IP address is that the error with the 2 A records only shows up
> if you're doing additional database consistency checks (which aren't
> necessary for looking up the data), while an NS -> CNAME is plain wrong,
> and some broken clients (eg some M$ products) just can't resolve them.
> >I don't mind using 'IN A' records for this - but isn't this going to muck up?
> >e.g.
> >
> >$ORIGIN = "domain.com"
> >skyhawk IN A 192.168.100.1
> >dns0 IN A 192.168.100.1
> >
> >Isn't this going to muckup people who do reverse DNS queries? If they resolve
> >'dns0.domain.com' they will get '192.168.100.1' which reverse to
> >'skyhawk.domain.com' - which isn't going to please too many paranoid
> >wrappers?/people?
> >
> >The only other choice is to put 'skyhawk.domain.com' in the Internic records,
> >and hope that machine's role never changes?
> I don't think that a lot of people will do reverse lookups on your DNS
> server (at least not when doing queries), but the best way to go (if you
> have an ip address to waste) would be to make an alias ip (using ifconfig
> <device> <alias-ip> alias) and using this for your dns server, and if
> you're using bind 8.x, you can limit your dns to use this address
> exclusively. If the machine's role ever changes, you don't even have to
> change any DNS database files, you just take down the alias (ifconfig
> <device> <ip-to-delete> delete), set up the same alias on the new machine,
> fire up the dns server (or send it a HUP signal to recognize the new
> address), and there you are, you moved your nameserver to another machine,
> and don't even have DNS cache problems (which can be very nasty, as bad old
> DNS data can stay in caches for weeks, if you didn't change the ttl values
> early enough)
> Another method would be to make dns0 the A record, and skyhawk the CNAME
> (not very beautiful though)
> >Maybe I'm just getting confused? (Hence the mail, you seem to know what your
> >talking about... <g>)
> I learnt it by doing it wrong first 8->
> Everything clear now?
> Rico Pajarola
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
--
A. Karl Heller - Senior Systems Engineer - heller@cdnow.com
-----------------------------------------------------------------------------
An unbreakable toy is useful for breaking other toys.
Do something unusual today. Accomplish work on the computer.
>>>>> HTTP://CDNOW.COM - BIGGEST FASTEST BEST <<<<<
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807261106.HAA12407>