Hello,
I have recently switched from having a dynamic IP address and using a DNS service like zoneedit and dyndns to having a static IP address.
How do I stop having to use these DNS services and use my own? I tried changing the DNS servers at my registrar but it won't accept my server.
TIA
How do I stop having to use these DNS services and use my own? I tried changing the DNS servers at my registrar but it won't accept my server.
If you are going to provide DNS services on your server, you need to create a domain host record with your registrar for your domain. IIRC, this must be approved (or rather not denied) by your ISP. Then you can set up your name server to provide DNS services. Keep in mind that you must have a minimum of 2 name servers to handle DNS. Some ISPs will provide secondary or slave DNS services included in your service, others will provide it for a cost, and others won't offer it at all. Of course you could also contract elsewhere for secondary DNS services. Best practice is to not have both of your nameservers on the same class C network.
HTH, Barry
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Barry Brimer Sent: Sunday, June 25, 2006 1:43 PM To: CentOS mailing list Subject: Re: [CentOS] DNS Server
Thanks Barry,
Sounds a little too involved plus I only have 1 static IP.
Eddie
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Tony Wicks Sent: Sunday, June 25, 2006 4:07 PM To: CentOS mailing list Subject: Re: [CentOS] DNS Server
Sounds a little too involved plus I only have 1 static IP.
Eddie
DNS can be quite involved. Unless you have a really good reason, stick to using zoneedit.
Yep, I believe I'm in over my head!
1. Build a primary DNS centos 4.3 server, and make the required efforts to configure it properly. Do the required effort to have a secondary nameserver, like using granitecanyon or other similar service if you don't have the physical hardware just yet. I use Bind for my dns servers.
2. Ping it on its static IP from a remote machine to assure it can be seen, specifically on port 53. You can usually block all of the other ports with your firewall.
3. Aim your registrar/ domain name at this new IP as the "primary nameserver". I find that using web forms are less cooperative than contacting the registrar's tech support by phone and having them make the change. Web forms have error checking, sometimes accurate, sometimes false positives. Either way, the human can say things like "i'm not seeing that on ping or nslookup/dig the same as you, let me check into that".
4. Audit your entire setup, bring it online. Try using weekends for testing.
5. Buy a good DNS book, or download one of the FAQ's, join mailing list for bind or other technology, and use programs like tcpdump and ngrep for testing. I like ./ngrep '' port 53 or similar because I can see the server start to contact root servers as it propagates.
maybe i'll make a basic howto "Installation & Configuration of Bind on centos 4.3" and submit it.
-karlski
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Karl R. Balsmeier Sent: Sunday, June 25, 2006 1:47 PM To: CentOS mailing list Subject: Re: [CentOS] DNS Server
Hello karlski,
I'd look forward to reading your howto. I doubt I can set this up myself as I only have 1 static IP at this time. :-(
On a side note, I have several virtual hosts running on this IP and have zone files for each. Do these virtual hosts need reverse or in-arpa files as well? (my terminology may be wrong)
Thanks,
Eddie
On Sun June 25 2006 13:46, Karl R. Balsmeier wrote:
- Buy a good DNS book, or download one of the FAQ's, join mailing list
for bind or other technology, and use programs like tcpdump and ngrep for testing. I like ./ngrep '' port 53 or similar because I can see the server start to contact root servers as it propagates.
You can also use named-checkzone and named-checkconf to check your config and zone files for errors.
Best advice is learn DNS before you try this on your own. There is a lot involved and it's easy to make a mistake.
Hi,
Below is the default /etc/inittab from a Centos 4.3 machine:
I need to add a line like this,
T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
as I have on my Debian server, to enable my Console server to communicate across a serial/ console cable in my data center.
Can someone tell me the proper syntax to this line in Centos? Because when I try the line used in my Debian server on the Centos box I get errors like:
"-L not a supported option" or "/sbin/getty does not exist"
----snip---lil ol' centos in need of a good console TTY line----
#
# Default runlevel. The runlevels used by RHS are:
#   0 - halt (Do NOT set initdefault to this)
#   1 - Single user mode
#   2 - Multiuser, without NFS (The same as 3, if you do not have networking)
#   3 - Full multiuser mode
#   4 - unused
#   5 - X11
#   6 - reboot (Do NOT set initdefault to this)
#
id:3:initdefault:

# System initialization.
si::sysinit:/etc/rc.d/rc.sysinit

l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6

# Trap CTRL-ALT-DELETE
ca::ctrlaltdel:/sbin/shutdown -t3 -r now

# When our UPS tells us power has failed, assume we have a few minutes
# of power left. Schedule a shutdown for 2 minutes from now.
# This does, of course, assume you have powerd installed and your
# UPS connected and working correctly.
pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; System Shutting Down"

# If power was restored before the shutdown kicked in, cancel it.
pr:12345:powerokwait:/sbin/shutdown -c "Power Restored; Shutdown Cancelled"

# Run gettys in standard runlevels
1:2345:respawn:/sbin/mingetty tty1
2:2345:respawn:/sbin/mingetty tty2
3:2345:respawn:/sbin/mingetty tty3
4:2345:respawn:/sbin/mingetty tty4
5:2345:respawn:/sbin/mingetty tty5
6:2345:respawn:/sbin/mingetty tty6

# Run xdm in runlevel 5
x:5:respawn:/etc/X11/prefdm -nodaemon
----end snip o default centos--------
-any help much appreciated, going down to the colo tomorrow n stuff...
-karlski
On Thu, Jun 29, 2006 at 05:46:20PM -0700, Karl R. Balsmeier wrote:
Hi,
Below is the default /etc/inittab from a Centos 4.3 machine:
I need to add a line like this,
T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
as I have on my Debian server, to enable my Console server to communicate across a serial/ console cable in my data center.
Can someone tell me the proper syntax to this line in Centos? Because when I try the line used in my Debian server on the Centos box I get errors like:
"-L not a supported option" or "/sbin/getty does not exist"
you might want to try agetty:
T0:23:respawn:/sbin/agetty 9600 ttyS0 vt100
Not sure if it will work, but seems likely.
-- Rodrigo Barbosa "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)
that most certainly helped!
thanks very much rodrigo!
-karlski
Rodrigo Barbosa wrote:
you might want to try agetty:
T0:23:respawn:/sbin/agetty 9600 ttyS0 vt100
Not sure if it will work, but seems likely.
I've always wanted to know how this is done (before serial ports go away forever).
Thanks!
On Thu, 2006-06-29 at 20:48 -0700, Chris Fox wrote:
I've always wanted to know how this is done (before serial ports go away forever).
We (CentOS Project) just got a $29,000 machine w/o a video card. (Sparc niagara t2000 machine).
I use a serial connection to watch it boot ...
On Thu, 29 Jun 2006, Johnny Hughes wrote:
We (CentOS Project) just got a $29,000 machine w/o a video card. (Sparc niagara t2000 machine).
I use a serial connection to watch it boot ...
The SPARC/OpenBoot logic is so sane: "if there's no keyboard, assume a console on the first serial port." If only PC BIOS manufacturers could "discover" that trick.
On Thu, 29 Jun 2006, Chris Fox wrote:
T0:23:respawn:/sbin/agetty 9600 ttyS0 vt100
Not sure if it will work, but seems likely.
I've always wanted to know how this is done (before serial ports go away forever).
Go away?!? Then computers would violate the fundamental law: "A real server needs only three cords to function: power, ethernet, and serial." :-)
At a former job when I was installing a lot of machines with serial consoles, I'd modify the bootloader directive in the kickstart file:
bootloader --location=mbr --append="console=tty0 console=ttyS0"
and use a stock shell routine in the %post section:
#
# serial_console_enable
#
# edit conf files so that /dev/console spews to /dev/ttySx
#
# usage:
#   serial_console_enable ttySx   (where x is usually 0 or 1)
#
function serial_console_enable {

    echo "configuring for serial port on $1 ..."

    # 'p' is short for 'port'; test sanity of device name.
    # The escaped group \( \) makes expr print the captured digit;
    # without the backslashes expr prints a match length instead.
    local p=$( expr "$1" : 'ttyS\([[:digit:]]\)' )

    # bail if $p is empty
    if [ -z "$p" ]; then
        echo "unknown argument '$1' to serial_console_enable" >&2
        return
    fi

    # spawn a login getty on the serial port
    echo "=> inittab"
    echo "con:2345:respawn:/sbin/agetty -h ttyS${p} 9600 vt100" >> /etc/inittab

    # allow root to log in on the serial port
    echo "=> securetty"
    echo "ttyS${p}" >> /etc/securetty

    echo "=> ioctl.save"
    rm -f /etc/ioctl.save

    # put the GRUB menu on the serial port and drop the splash image
    echo "=> grub.conf"
    mv /boot/grub/grub.conf /boot/grub/grub.conf.orig
    cat <<__eof__ > /boot/grub/grub.conf
# added by kickstart
serial --unit=${p} --speed=9600 --word=8 --parity=no --stop=1
terminal --timeout=5 serial console
__eof__
    grep -v splashimage /boot/grub/grub.conf.orig >> /boot/grub/grub.conf
    echo

} # end serial_console_enable
Hello,
I have recently switched from having a dynamic IP address and using a DNS service like zoneedit and dyndns to having a static IP address.
How do I stop having to use these DNS services and use my own? I tried changing the DNS servers at my registrar but it won't accept my server.
TIA
Does your Registrar supply DNS services itself? I ask as mine does, but only forward, but my ISP supplies reverse DNS.
Rob
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of centos@bathnetworks.com Sent: Sunday, June 25, 2006 3:25 PM To: CentOS mailing list Subject: Re: [CentOS] DNS Server
Does your Registrar supply DNS services itself? I ask as mine does, but only forward, but my ISP supplies reverse DNS.
My registrar probably does, not sure about my ISP. I need the reverse DNS and I think zoneedit may offer it. I've been using them for several years with little, if any, problems.
Thanks!!
On Sun, 25 Jun 2006, Thomas E Dukes wrote:
My registrar probably does, not sure about my ISP. I need the reverse DNS and I think zoneedit may offer it. I've been using them for several years with little, if any, problems.
Your reverse dns MUST come from whoever owns the ipaddress. In 99.9 % of the cases that is your ISP. Some (not many) will actually delegate the reverse dns to you but most will at best add ptr's that match whatever is in the forward zone.
By virtue of the fact that you are asking these questions I suspect that you are in over your head. I would suggest using someone else for your DNS.
Regards,
Tom
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Tom Diehl Sent: Sunday, June 25, 2006 6:11 PM To: CentOS mailing list Subject: [CentOS] Re: DNS Server
Your reverse dns MUST come from whoever owns the ipaddress. In 99.9 % of the cases that is your ISP. Some (not many) will actually delegate the reverse dns to you but most will at best add ptr's that match whatever is in the forward zone.
So even if a service such as zoneedit says they can do reverse DNS, it won't work?
I really don't understand how it can work in one direction and not the reverse. If they can keep up with my IP address and match it to my domain name, seems they could do the reverse.
Thanks
On Sun, 2006-06-25 at 19:32, Thomas E Dukes wrote:
Your reverse dns MUST come from whoever owns the ipaddress. In 99.9 % of the cases that is your ISP. Some (not many) will actually delegate the reverse dns to you but most will at best add ptr's that match whatever is in the forward zone.
So even if a service such as zoneedit says they can do reverse DNS, it won't work?
The only way it can work is if whoever owns the address range delegates to them.
I really don't understand how it can work in one direction and not the reverse. If they can keep up with my IP address and match it to my domain name, seems they could do the reverse.
Names and addresses have a different hierarchy and you have to work your way down from the top in DNS. Names belong to anyone who registers them; addresses are (mostly) delegated through ISPs and the DNS hierarchy makes it hard to sub-delegate less than a class C block, although CNAME aliases can be used to let someone else actually provide the info.
On Sun, 25 Jun 2006, Thomas E Dukes wrote:
So even if a service such as zoneedit says they can do reverse DNS, it won't work?
They can do it ONLY if whoever owns the ip address will delegate it to them. Even then in most cases the lookup still has to hit their name servers. Have a look at RFC 2317 for details on what it takes to delegate less than a /24.
I really don't understand how it can work in one direction and not the reverse. If they can keep up with my IP address and match it to my domain name, seems they could do the reverse.
Because the reverse lookups belong to the in-addr.arpa domain and you do not have the authority to answer lookups for that. You have the authority to determine who is authoritative for domains which you own. That is the difference.
If you really want to know how dns works I would suggest that you get a copy of the cricket book [1] and read it. DNS is not really hard once you understand how it works. The problem is that there are a lot of details you need to understand before you can properly configure a name server. If you do manage to set one up I would also suggest that you visit http://dnsstuff.com and run the tests there to be sure you got it right.
Regards,
Tom
[1] http://books.google.com/books?id=PGwdIJKRxekC&printsec=frontcover&dq...
On Sun, 2006-06-25 at 20:32 -0400, Thomas E Dukes wrote: <snip>
So even if a service such as zoneedit says they can do reverse DNS, it won't work?
I really don't understand how it can work in one direction and not the reverse. If they can keep up with my IP address and match it to my domain name, seems they could do the reverse.
OK ... rather than you staying confused on this issue, I will try to explain it in basic terms.
DNS converts names to IPs (forward lookups) and IPs to names (reverse lookups).
A forward lookup is when you have a name (www.abcxyz.com) and need a number. In this case, there is a domain owner and that domain has its own DNS Zone. The owner of that Zone can put whatever IP addresses (numbers) with names that they want in that zone.
In the case of a forward lookup, there is no predefined zone at all ... you can have as many names as you want, and since people pay for it (the name), it stands to reason that they will keep it updated properly.
A reverse lookup is different. The standard for reverse lookups breaks them down in "Class C" blocks (that is, the first 3 groups of numbers are the network number, the last group is the host number). If you have an ip address of:
192.87.99.234
The network number is 192.87.99.0, the subnet mask is 255.255.255.0, the host number is 234, and the reverse lookup domain is:
99.87.192.in-addr.arpa
All 254 host addresses in that zone are normally assigned from the owner of that zone from one machine. If someone buys the whole class C network, they get to control the zone, otherwise it is normally controlled by the ISP that owns all the IPs.
It is possible, but not usually done, to break up the reverse into smaller ranges.
Tom Diehl has already mentioned RFC 2317:
http://www.faqs.org/rfcs/rfc2317.html
Using the techniques there, an ISP _CAN_ transfer control of some reverse lookup domains. They will normally not do it unless you have a fairly large network, however.
I hope this helps you understand that forward zones are designed to easily break them down into 1 or 2 names ... but reverse zones are predefined and not designed for less than 1 class C network blocks.
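The reverse-zone naming described in the message above, together with the RFC 2317 delegation that both it and Tom Diehl's reply mention, as an added example that is not from any poster in this thread. The block 192.87.99.232/29, the `232-29` zone label, and the names ns1.example.net and mail.abcxyz.com are constructed for illustration; it goes beyond the single address in the message by generating the records each side would publish.

```python
"""Reverse-DNS naming for an IPv4 host and RFC 2317 style delegation of a
block smaller than a /24. Added illustration; all sample values are constructed."""
import ipaddress


def ptr_name(ip):
    """Name a resolver queries to find the PTR record for `ip`."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa."


def parent_zone(ip):
    """The /24 ("class C") reverse zone that contains the PTR name for `ip`."""
    return ptr_name(ip).split(".", 1)[1]


def rfc2317_parent_records(block, nameservers):
    """Records the address owner (normally the ISP) adds to its /24 reverse
    zone to hand a sub-/24 block to someone else's name servers.

    Returns (child_zone, lines). The "<first>-<prefixlen>" label is a naming
    choice made for this example; the two parties only have to agree on it.
    """
    net = ipaddress.IPv4Network(block, strict=True)
    if not 24 < net.prefixlen <= 32:
        raise ValueError("RFC 2317 delegation is for blocks smaller than a /24")
    first = int(net.network_address) & 0xFF
    label = f"{first}-{net.prefixlen}"
    child = f"{label}.{parent_zone(str(net.network_address))}"
    # Delegate the child zone to the customer's name servers.
    lines = [f"{label} IN NS {ns}" for ns in nameservers]
    # The resolver still asks the ISP's zone for <last-octet>.<zone>; the CNAME
    # redirects that query into the delegated child zone.
    for addr in net:
        last = int(addr) & 0xFF
        lines.append(f"{last} IN CNAME {last}.{child}")
    return child, lines


def customer_ptr_records(block, hosts):
    """PTR records the customer serves inside the delegated child zone.

    `hosts` maps IP address -> fully qualified host name. Addresses outside
    the delegated block are rejected, because the customer has no authority
    to answer for them.
    """
    net = ipaddress.IPv4Network(block, strict=True)
    lines = []
    for ip in sorted(hosts, key=lambda a: int(ipaddress.IPv4Address(a))):
        addr = ipaddress.IPv4Address(ip)
        if addr not in net:
            raise ValueError(f"{ip} is outside the delegated block {net}")
        lines.append(f"{int(addr) & 0xFF} IN PTR {hosts[ip]}")
    return lines


if __name__ == "__main__":
    ip = "192.87.99.234"            # address used in the message above
    block = "192.87.99.232/29"      # constructed customer block containing it
    print("PTR query name :", ptr_name(ip))
    print("ISP /24 zone   :", parent_zone(ip))
    child, isp_lines = rfc2317_parent_records(
        block, ["ns1.example.net.", "ns2.example.net."])
    print(f"\n; added by the ISP to {parent_zone(ip)}")
    print("\n".join(isp_lines))
    print(f"\n; served by the customer in {child}")
    print("\n".join(customer_ptr_records(block, {ip: "mail.abcxyz.com."})))
```
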
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Johnny Hughes Sent: Monday, June 26, 2006 7:19 AM To: CentOS ML Subject: RE: [CentOS] Re: DNS Server
Hello Johnny,
I guess that makes sense. It seems it would create too much work for the ISP to handle the reverse lookup for a single IP. If they dole them out that way, they should either do it or delegate them.
All this is to operate a mail server without bounces. Is this why it is recommended to use your ISP's mail server as smarthost? Does this mean I would be using the ISP's mail server for outgoing mail? Or is it just 'stamped' with the ISP's name to prevent bounces?
Thanks,
Eddie
On Mon, 2006-06-26 at 07:38 -0400, Thomas E Dukes wrote:
Hello Johnny,
I guess that makes sense. It seems it would create too much work for the ISP to handle the reverse lookup for a single IP. If they dole them out that way, they should either do it or delegate them.
All this is to operate a mail server without bounces. Is this why it is recommended to use your ISP's mail server as smarthost? Does this mean I would be using the ISP's mail server for outgoing mail? Or is it just 'stamped' with the ISP's name to prevent bounces?
Thanks,
Eddie
Most ISPs block outbound port 25 traffic now ... only allowing mail server operation (or even normal sending of e-mail via a client) to be done out of their mail servers.
I had, for many years, run a mail server on my linux box at home. Spammers (and viruses) have ruined that option for us. I now have a domain that I use for e-mail at a hosting provider, as too many servers now block dynamic ranges and cable/dsl ranges to combat spam.
I have since just set up an NX desktop and use that to get to my mail at my home desktop when I am not there ... which seems to work OK.
On Mon, June 26, 2006 7:47 am, Johnny Hughes wrote:
On Mon, 2006-06-26 at 07:38 -0400, Thomas E Dukes wrote:
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Johnny Hughes Sent: Monday, June 26, 2006 7:19 AM To: CentOS ML Subject: RE: [CentOS] Re: DNS Server
On Sun, 2006-06-25 at 20:32 -0400, Thomas E Dukes wrote:
<snip>
So even if a service such as zoneedit, say they can do
reverse DNS, it
won't work?
I really don't understand how it can work in one direction
and not the
reverse. If they can keep up with my IP address and match it to my domainanme, seems they could do the reverse.
OK ... rather than you staying confused on this issue, I will try to explain it in basic terms.
DNS converts names to IPs (forward lookups) and IPs to names (reverse lookups).
A forward lookup is when you have a name (www.abcxyz.com) and need a number. This this case, there is a domain owner and that domain has it's own DNS Zone. The owner of that Zone can put whatever IP addresses (numbers) with names that they want in that zone.
In the case of a forward lookup, there is no predefined zone at all ... you can have as many names as you want, and since people pay for it (the name), it stands to reason that will keep it updated properly.
A reverse lookup is different. The standard for reverse lookups break them down in "Class C" blocks (that is, the first 3 groups of numbers are the network number, the last group is the host number). If you have an ip address of:
192.87.99.234
The network number is 192.87.99.0, the subnet mask is 255.255.255.0, the host number is 234, and the reverse lookup domain is:
99.87.192.in-addr.arpa
All 254 host addresses in that zone are normally assigned from the owner of that zone from one machine. If someone buys the whole class C network, they get to control the zone, otherwise it is normally controlled by the ISP that owns all the IPs.
It is possible, but not usually done, to break up the reverse into smaller ranges.
Tom Diehl has already mentioned RFC 2317:
http://www.faqs.org/rfcs/rfc2317.html
Using the techniques there, an ISP _CAN_ transfer control of some reverse lookup domains. They will normally not do it unless you have a fairly large network, however.
I hope this helps you understand that forward zones are designed to easily break them down into 1 or 2 names ... but reverse zones are predefined and not designed for less than 1 class C network blocks.
Hello Johnny,
I guess that makes sense. It seems it would create too much work for the ISP to handle the reverse lookup for a single IP. If they dole them out that way, they should either do it or delegate them.
All this is to operate a mail server without bounces. Is this why it is recommended to use your ISP's mail server as smarthost? Does this mean I would be using the ISP's mail server for outgoing mail? Or is it just 'stamped' with the ISP's name to prevent bounces?
Thanks,
Eddie
Most ISPs block outbound port 25 traffic now ... only allowing mail server operation (or even normal sending of e-mail via a client) to be done out of their mail servers.
I had, for many years, run a mail server on my Linux box at home. Spammers (and viruses) have ruined that option for us. I now have a domain that I use for e-mail at a hosting provider, as too many servers now block dynamic ranges and cable/dsl ranges to combat spam.
I have since just set up an NX desktop and use that to get to my mail at my home desktop when I am not there ... which seems to work OK.
There are a select few ISPs still home-server friendly, one being Speakeasy.net.
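Added example, not part of the original thread: the reverse-zone naming explained above, plus the parent-zone records an ISP would publish to hand a block smaller than a /24 to a customer in the style of RFC 2317. The block 192.87.99.232/29 is constructed around the thread's sample address, and ns1.example.com / ns2.example.com are hypothetical name servers.

```python
import ipaddress


def ptr_name(ip):
    """Name queried for a reverse (PTR) lookup of an IPv4 address."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def class_c_zone(ip):
    """Reverse zone of the /24 ("Class C") block containing the address."""
    return ptr_name(ip).split(".", 1)[1]


def rfc2317_delegation(block, nameservers):
    """Records for the ISP's /24 reverse zone that delegate a sub-/24 block.

    Follows the RFC 2317 convention: a child label "<first>/<prefixlen>"
    gets NS records, and each host label becomes a CNAME into that child
    zone, where the customer publishes the actual PTR records.
    """
    net = ipaddress.IPv4Network(block, strict=True)
    if net.prefixlen <= 24:
        raise ValueError("a /24 or larger is delegated as a whole zone")
    parent = class_c_zone(str(net.network_address))
    first = int(net.network_address) & 0xFF      # last octet of the block
    label = "%d/%d" % (first, net.prefixlen)
    records = ["%s IN NS %s." % (label, ns.rstrip(".")) for ns in nameservers]
    for host in net.hosts():                     # usable host addresses only
        last = str(host).rsplit(".", 1)[1]
        records.append("%s IN CNAME %s.%s.%s." % (last, last, label, parent))
    return records


if __name__ == "__main__":
    ip = "192.87.99.234"                         # sample address from the thread
    print("PTR query name:", ptr_name(ip))
    print("Reverse zone:  ", class_c_zone(ip))
    print("$ORIGIN %s." % class_c_zone(ip))
    # Constructed block and hypothetical name servers
    for rr in rfc2317_delegation("192.87.99.232/29",
                                 ["ns1.example.com", "ns2.example.com"]):
        print(rr)
```

Without records like these in the ISP's zone, a PTR record published on the customer's own server is never reached, which is why the forward zone can be self-hosted while reverse DNS still depends on the address owner.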
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Paul Sent: Monday, June 26, 2006 7:52 AM To: CentOS mailing list Subject: RE: [CentOS] Re: DNS Server
Hi Paul,
My ISP, Alltel, doesn't block ports. I have been using their service for about 6 years. Started with a dynamic IP and just switched to a Business Class DSL with a static IP. So far they have been easy to deal with. It's just hard to find the right person to speak with.
Thanks!!
On Mon, 26 Jun 2006, Paul wrote:
There are a select few ISP's still home-server friendly, one being Speakeasy.net.
+1 for Speakeasy. They also have a very active abuse desk.
Regards,
Tom
Hello,
Just wanted to thank everyone for their responses. I called my ISP today and they set up the reverse DNS without any teeth pulling involved.
Thanks!!!!
Hi There
Been using the BQ Cent OS on 2 servers with DNS. I have 3 other DNS's ... 5 all told. I may add a 6th in the next few weeks. DNS to me is the easy part..... I just had to change 2 DNS IP's because my co lo provider changed Backbone providers.... Fun..Fun...
Be sure you have the IP/Name in your registrar and you need 2 DNS's as a minimum and you should have DNS's on different classes of IP address... I have DNS's on Cable Modems, ADSL and a T3....
You could run a DNS from a dial up because the data needed is in the bytes size... Once a DNS is working ...it will run by itself
I have even used TreeWalk DNS if you do not mind the use of notepad to set it up....
Drawback..... If you get someone PO at you they can take you off the net by doing a DDOS attack against your DNS's and get your provider PO at you.... But they could flood your pipe just by flooding your web server.
Franklin S. Werren www.bagpipes.net www.chautauqualake.net www.chautauqua.us
My 2 cents: Never get caught between 2 Tier 1 ISPs in a pissing match!! The Net will lose every time!!!
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Thomas E Dukes Sent: Sunday, June 25, 2006 1:25 PM To: CentOS Subject: [CentOS] DNS Server
Hello,
I have recently switched from having a dynamic IP address and using a DNS service like zoneedit and dyndns to having a static IP address.
How do I stop having to use these DNS services and use my own? I tried changing the DNS servers at my registrar but it won't accept my server.
TIA