[CentOS] DNS wizard
Maciej Żenczykowski
maze at cela.pl
Thu Dec 29 21:58:26 UTC 2005
> Ok.. I'm assuming you mean the "." after localhost. I missed it too.
> As for the names vs. ip's is that a change in the bind 9 stuff? Any
> other errors or mistakes you see?
Well the lack of a dot after localhost is weird, of course with the '.'
there it wouldn't work (it would be a reference outside of its zone),
normally I handle localhost in a different zone file, or just rely on
/etc/hosts to do it [although normally I use djbdns so I don't actually
have a bind server set up anywhere...].
The main problem though is something else: it is ILLEGAL (and has always
been) to specify a quad-dotted-IP for an NS record - NS records must point
to HOSTNAMES, and only these HOSTNAMES, can have A or AAAA or AWHATEVER
records to provide HOSTNAME to IPv4/IPv6/IPwhatever mappings.
That's why I suggested:

#!/bin/bash
for i in ns1 ns2 ns3; do
    echo "@ NS $i"
    echo "$i A place.ip.number.here"
done

Which makes the NS records for domain.com point to ns[123].domain.com, and
makes A records for ns[123].domain.com point to the actual IPs.
That's the ONLY correct and sure way to do it.
Having records of the "domain.com NS ip.address.placed.here" form SHOULD
never work - or rather it WILL work if you happen to hit upon a buggy dns
server/cache somewhere along the way which is behaving out of spec with
the RFCs. Since for some (few) dns servers it will work and for others it
won't, your domain will be accessible to some and inaccessible to
others... pretty randomly - unless you know what to look for.
In your case, stuff works - but only because the .net domain servers are
returning different (correct) info. So basically your NS entries are
being ignored and the entries from your provider are winning out - lucky
you.
Cheers,
MaZe.
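
An added example, not part of the original message: a small Python check for the rule described above, flagging NS records whose target is an IP address and in-zone NS hostnames that have no A/AAAA record. The zone text, the `example.com.` origin and the function names are constructed for illustration, and the parser assumes one record per line with an explicit owner name.

```python
import ipaddress

# Constructed sample zone (placeholder names and documentation addresses).
SAMPLE_ZONE = """\
@    IN NS 192.0.2.1
@    IN NS ns1
@    IN NS ns2
@    IN NS ns.provider.example.
ns1  IN A  192.0.2.1
"""

def is_ip_literal(text):
    """True if an NS target is an IPv4/IPv6 address rather than a hostname."""
    try:
        ipaddress.ip_address(text.rstrip("."))
        return True
    except ValueError:
        return False

def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def check_ns(zone_text, origin):
    """Return (ns_target, problem) pairs for the NS records of a simple zone."""
    ns_targets, with_address = [], set()
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # strip comments
        if len(fields) < 3 or fields[0].startswith("$"):
            continue
        # Skip the optional TTL and class so rest is [type, rdata, ...].
        rest = [f for f in fields[1:] if not f.isdigit() and f.upper() != "IN"]
        if len(rest) < 2:
            continue
        rtype, rdata = rest[0].upper(), rest[1]
        if rtype == "NS":
            ns_targets.append(rdata)
        elif rtype in ("A", "AAAA"):
            with_address.add(fqdn(fields[0], origin))
    problems = []
    for target in ns_targets:
        if is_ip_literal(target):
            problems.append((target, "ip-literal"))
        elif fqdn(target, origin).endswith("." + origin) and fqdn(target, origin) not in with_address:
            problems.append((fqdn(target, origin), "no-address"))
    return problems
```

Calling `check_ns(SAMPLE_ZONE, "example.com.")` reports the IP-literal NS record and the in-zone `ns2`, which has no address record; the out-of-zone `ns.provider.example.` is left to its own zone.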