OK, I am confused and DNS is the reason.
So, Comcast, 13 public IPs bound to my modem.
Each public IP has a DNS name from Comcast (they assign it automatically) like:
173.13.167.209 --> 173-13-167-209-sfba.hfc.comcastbusiness.net
I created a DNS entry at GoDaddy for 173.13.167.209 that is 'inhouse.theindiecompanyllc.com'
When eth0 is alive, I see that it tells me my name is 173-13-167-209-sfba.hfc.comcastbusiness.net since I am using a Comcast DNS server.
So if I set up my own internal caching name server for 173.13.167.209, then do I have a third name, or can I just use the GoDaddy DNS entry I gave it? Do I then set my systems to use my local name server for their information and not Comcast? How does that affect internet browsing where I don't have entries for google.com, etc. in my local name server?
Lastly, if I have two NICs (one is 173.13.167.209 and the second a private internal IP), for my local name server I would have two entries, one for public and one for the private card, so I can do something like 'inhouse.local' and get intranet or ssh inhouse.local, etc., correct?
I see that Paul Heinlein put out a DNS tutorial here: http://www.madboa.com/geek/soho-bind/ Paul, I appreciate this!
-ML
ML wrote:
> OK, I am confused and DNS is the reason.
> So, Comcast, 13 public IPs bound to my modem.

13 IPs for your modem? Is this a business account or something?

> Each public IP has a DNS name from Comcast (they assign it automatically) like:
> 173.13.167.209 --> 173-13-167-209-sfba.hfc.comcastbusiness.net
> I created a DNS entry at GoDaddy for 173.13.167.209 that is 'inhouse.theindiecompanyllc.com'

You can use Godaddy to set DNS for 'inhouse.theindiecompanyllc.com' to 173.13.167.209, but to do the reverse, you will need Comcast to delegate DNS authority to you for the reverse domains. (For just a few of them, you would be better off asking Comcast to set the reverse names for you ... don't know if they will do that or not).

> When eth0 is alive, I see that it tells me my name is 173-13-167-209-sfba.hfc.comcastbusiness.net since I am using a Comcast DNS server.

Doesn't matter what server you use, they should all return this since Comcast is in control here.

> So if I set up my own internal caching name server for 173.13.167.209, then do I have a third name, or can I just use the GoDaddy DNS entry I gave it? Do I then set my systems to use my local name server for their information and not Comcast? How does that affect internet browsing where I don't have entries for google.com, etc. in my local name server?

I think you are confusing forward and reverse DNS lookups.

A forward DNS lookup is this:

    $ host buc.com
    buc.com has address 205.245.136.11

A reverse lookup is this:

    $ host 205.245.136.11 localhost
    11.136.245.205.in-addr.arpa domain name pointer menu.buc.com.

The forward lookup is handled by your Godaddy DNS. This is all that is needed for letting someone get to your server by name. The reverse lookup must be handled by whoever controls the IP addresses. This is usually your ISP (Comcast). Changing the reverse lookup may not be necessary depending on what you are trying to do.

If you tell us what you are trying to accomplish we may be able to offer further suggestions.

> Lastly, if I have two NICs (one is 173.13.167.209 and the second a private internal IP), for my local name server I would have two entries, one for public and one for the private card, so I can do something like 'inhouse.local' and get intranet or ssh inhouse.local, etc., correct?

I'm not sure what you are trying to say here. The two NICs should not matter as long as you have them configured correctly. The system will use whichever NIC it requires to get to the IP address given to it by the DNS (or host file, or whatever).
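
Added example (not part of any message in this thread): the forward and reverse lookups described above live in separate zones run by different parties, which is why receivers such as mail servers check that the two agree. This Python sketch runs that check offline against constructed record tables; the A record for the Comcast name and all function names are assumptions.

```python
import ipaddress

# Constructed records standing in for the two independent authorities.
FORWARD = {  # forward zones: each domain's own DNS host publishes A records
    "inhouse.theindiecompanyllc.com.": {"173.13.167.209"},
    "173-13-167-209-sfba.hfc.comcastbusiness.net.": {"173.13.167.209"},
}
PTR_ISP_DEFAULT = {  # reverse zone as the address-block holder publishes it
    "209.167.13.173.in-addr.arpa.":
        "173-13-167-209-sfba.hfc.comcastbusiness.net.",
}
PTR_AFTER_ISP_CHANGE = {  # same zone after the ISP edits the PTR on request
    "209.167.13.173.in-addr.arpa.": "inhouse.theindiecompanyllc.com.",
}

def ptr_owner(ip):
    """Name queried for a reverse lookup: address reversed under in-addr.arpa
    (or ip6.arpa for IPv6)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def fcrdns(ip, ptr_zone, forward=FORWARD):
    """Return (ptr_name, confirmed); confirmed means the PTR name has an
    address record pointing back at the same IP."""
    addr = str(ipaddress.ip_address(ip))  # normalise the textual form
    name = ptr_zone.get(ptr_owner(addr))
    if name is None:
        return None, False
    return name, addr in forward.get(name, set())

def announced_name_ok(ip, announced, ptr_zone, forward=FORWARD):
    """Stricter check a receiver may apply: the reverse name is confirmed
    and equals the name the host announces for itself."""
    name, confirmed = fcrdns(ip, ptr_zone, forward)
    return confirmed and name.lower() == announced.lower()

if __name__ == "__main__":
    ip, me = "173.13.167.209", "inhouse.theindiecompanyllc.com."
    print(ptr_owner(ip))
    print(fcrdns(ip, PTR_ISP_DEFAULT),
          announced_name_ok(ip, me, PTR_ISP_DEFAULT))
    print(fcrdns(ip, PTR_AFTER_ISP_CHANGE),
          announced_name_ok(ip, me, PTR_AFTER_ISP_CHANGE))
```

The GoDaddy record alone never changes the first result; only an edit in the reverse zone does.
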
Like Bowie said, the owner of the IP block (under ARIN or whatever registry you are under) must provide the reverse (IP-Number to host.domain) resolution. I have customers that we issue /30's and larger to that want to run their own mail-server for example. As the ISP under ARIN I simply give them an A or CNAME record so that when they send email, the IP that is visible as their email server is registered in my Reverse DNS as a valid host. ARIN does this to control SPAM, they make the IP block owner responsible.

Also not 100% sure exactly what you are trying to do.

LK
-----Original Message-----
From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Bowie Bailey
Sent: Friday, October 09, 2009 12:17 PM
To: centos@centos.org
Subject: Re: [CentOS] DNS is confusing! (I really need some help understanding!)
________________________________
From: Bowie Bailey <Bowie_Bailey@BUC.com>
To: centos@centos.org
Sent: Fri, October 9, 2009 9:17:26 AM
Subject: Re: [CentOS] DNS is confusing! (I really need some help understanding!)

> ML wrote:
>> OK, I am confused and DNS is the reason.
>> So, Comcast, 13 public IPs bound to my modem.
>
> 13 IPs for your modem? Is this a business account or something?
>
>> Each public IP has a DNS name from Comcast (they assign it automatically) like:
>> 173.13.167.209 --> 173-13-167-209-sfba.hfc.comcastbusiness.net
>> I created a DNS entry at GoDaddy for 173.13.167.209 that is 'inhouse.theindiecompanyllc.com'
>
> You can use Godaddy to set DNS for 'inhouse.theindiecompanyllc.com' to 173.13.167.209, but to do the reverse, you will need Comcast to delegate DNS authority to you for the reverse domains. (For just a few of them, you would be better off asking Comcast to set the reverse names for you ... don't know if they will do that or not).

Yes, if you call Comcast's Business Class Customer Care at 888.563.2933, their technical support can modify the reverse DNS pointer record so that 173.13.167.209 resolves to inhouse.theindiecompanyllc.com. I've contacted Comcast before to delegate RDNS authority to me, but they didn't allow that for customers. When I had AT&T DSL, AT&T did delegate RDNS authority to me.
Wilson
On Fri, 9 Oct 2009, ML wrote:
> So, Comcast, 13 public IPs bound to my modem.
> Each public IP has a DNS name from Comcast (they assign it automatically) like:
> 173.13.167.209 --> 173-13-167-209-sfba.hfc.comcastbusiness.net
> I created a DNS entry at GoDaddy for 173.13.167.209 that is 'inhouse.theindiecompanyllc.com'
> When eth0 is alive, I see that it tells me my name is 173-13-167-209-sfba.hfc.comcastbusiness.net since I am using a Comcast DNS server.
> So if I set up my own internal caching name server for 173.13.167.209, then do I have a third name, or can I just use the GoDaddy DNS entry I gave it? Do I then set my systems to use my local name server for their information and not Comcast? How does that affect internet browsing where I don't have entries for google.com, etc. in my local name server?

Others have mentioned contacting Comcast to ask for a change in the reverse-pointer they publish to the world. That's the best solution, albeit one out of your control.

If your concern is mostly internal name resolution, you can tell your local DNS server that it's authoritative for 173.13.167.0/24 and set up local A and PTR entries. Obviously, you're not really authoritative for that subnet (Comcast is), but it allows you to control how your network resolves all the addresses you've been assigned, presumably 173.13.67.208-223. The rest of the world will still see Comcast's names, but your network will resolve them as you'd like.

> Lastly, if I have two NICs (one is 173.13.167.209 and the second a private internal IP), for my local name server I would have two entries, one for public and one for the private card, so I can do something like 'inhouse.local' and get intranet or ssh inhouse.local, etc., correct?

Just tell your local DNS server that it's authoritative for whatever subnet you're using for your private internal IP, set up the zone and revp files, and you're in like Flynn.

> I see that Paul Heinlein put out a DNS tutorial here: http://www.madboa.com/geek/soho-bind/ Paul, I appreciate this!

Thank Carla Schroder. She asked me to write that bit for her (excellent) Linux Cookbook and encouraged me to publish my original version of it...
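
Added example (not from the thread or the tutorial it links): a Python sketch that renders the local reverse zone for 173.13.167.0/24 described above and shows its side effect, that addresses in that /24 with no local PTR stop resolving for internal clients instead of falling through to Comcast's names. The second host name, the SOA/NS values and the function names are hypothetical.

```python
import ipaddress

# Assumptions (not from the thread): the mail host, the SOA/NS values.
ZONE_NET = ipaddress.ip_network("173.13.167.0/24")
LOCAL_NAMES = {
    "173.13.167.209": "inhouse.theindiecompanyllc.com.",
    "173.13.167.210": "mail.theindiecompanyllc.com.",  # hypothetical host
}

def zone_origin(net):
    """Reverse zone name for a /24: network octets reversed, host octet dropped."""
    if net.version != 4 or net.prefixlen != 24:
        raise ValueError("only octet-aligned IPv4 /24 zones are handled here")
    octets = str(net.network_address).split(".")[:3]
    return ".".join(reversed(octets)) + ".in-addr.arpa."

def render_zone(net, names, ns="ns.theindiecompanyllc.com."):
    """Emit a BIND-style reverse zone file with one PTR per locally named host."""
    lines = [
        f"$ORIGIN {zone_origin(net)}",
        "$TTL 3600",
        f"@ IN SOA {ns} hostmaster.theindiecompanyllc.com. "
        "(1 3600 900 604800 3600)",
        f"@ IN NS {ns}",
    ]
    for ip in sorted(names, key=ipaddress.ip_address):
        addr = ipaddress.ip_address(ip)
        if addr not in net:
            raise ValueError(f"{ip} is outside {net}")
        # Owner label is just the last octet, relative to $ORIGIN.
        lines.append(f"{str(addr).split('.')[-1]} IN PTR {names[ip]}")
    return "\n".join(lines) + "\n"

def local_answer(ip, net, names):
    """What a server that claims authority for `net` tells internal clients."""
    addr = ipaddress.ip_address(ip)
    if addr not in net:
        return "RECURSE"  # not our zone: ordinary recursion to the Internet
    # Inside our zone the ISP's PTR is never consulted, record or no record.
    return names.get(str(addr), "NXDOMAIN")

if __name__ == "__main__":
    print(render_zone(ZONE_NET, LOCAL_NAMES))
    for ip in ("173.13.167.209", "173.13.167.5", "192.0.2.1"):
        print(ip, "->", local_answer(ip, ZONE_NET, LOCAL_NAMES))
```
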