[CentOS] DNS wizard

Sam Drinkard sam at wa4phy.net
Fri Dec 30 03:54:32 UTC 2005


Les Mikesell wrote:

>On Thu, 2005-12-29 at 21:18, Sam Drinkard wrote:
>  
>
>>> 
>>>
>>>      
>>>
>>>>>@       A       216.104.158.222
>>>>>vortex  A       216.104.158.222
>>>>>@       MX      10 wa4phy.net.  ;Primary Mail Exchanger
>>>>>        MX      20 smtp7.bagger.usbn.net. ;Secondary MX
>>>>>www     CNAME   wa4phy.net.
>>>>>ftp     CNAME   wa4phy.net.
>>>>>     
>>>>>
>>>>>          
>>>>>
>>> 
>>>
>>>      
>>>
>>>>Thanks Maze.. pretty much what I finally wound up with.  Guess things
>>>>tend to change over time and I don't try to keep up with everything
>>>>when it all still works.  
>>>>   
>>>>
>>>>        
>>>>
>>>One other thing that might not be obvious: CNAMEs aren't
>>>just for the A record, they get all associated data too
>>>so you are providing an MX record for www.wa4phy.net
>>>and ftp.wa4phy.net.  It doesn't hurt anything but it
>>>might not be what you expect.
>>>
>>> 
>>>
>>>      
>>>
>>Not sure I follow what you are talking about Les.  Can you be a bit more 
>>specific?
>>    
>>
>
>Cnames are effectively the same as the record they
>point to.  You probably intend for any mail sent to
>user at wa4phy.net to be sent to the primary/secondary
>MX receivers you specified, but as a side effect
>of the CNAME, mail sent to user at www.wa4phy.net or
>user at ftp.wa4phy.net would go to the same places because
>the MX records also apply to them.  It isn't likely to
>matter in this case, but someday you might want to 
>direct mail to those addresses elsewhere and be surprised
>that you can't give them a different MX.  Or if you
>actually want mail to go to those addresses you might
>be surprised when they sometimes hit the secondary
>MX that might not be configured for them.
>
>  
>
Actually, I probably should remove the ftp entry anyhow as I don't allow 
ftp from anywhere except for myself and a couple of others, via sftp.  
As for the web entry, don't really have any issue with mail going to it, 
as it winds up going to root, which eventually winds up getting to me 
either way.  The Cnames there were intended to prevent one from having 
to enter an ip address more so than anything else.  Not  a big deal the 
way I see it, but since I'm the only person receiving mail from here, 
that really makes it less of an issue.  I really need to peruse the bind 
9 docs, as well as the RFC's pertaining.  I'm sure much has changed in 
20 years.



-- 
Snowman




More information about the CentOS mailing list