DNS, redux

Fraser Campbell fraser-Txk5XLRqZ6CsTnJN9+BGXg at public.gmane.org
Tue Jan 27 23:46:21 UTC 2004


On Tuesday 27 January 2004 17:23, Madison Kelly wrote:

> The setup is like this;
> Master zones are on 209.167.86.46
> Slave zones are on 209.167.86.38 and ..34
> The IP slice of our public IP block is 209.167.86.32/27

I'd recommend not putting all of your eggs in one basket; both of the dns 
servers that you're using are relying on a single Internet connection and a 
single hydro feed (I'm guessing).  You should have at least one off-site dns 
server.  I use http://www.backupdns.com/ as my secondary ... they're cheap 
and fairly reliable.

> On the registrar for my domain I set the NS to
> 'ns1.madisonave.ca/209.167.86.46' and 'ns2.madisonave.ca/209.167.86.38'

For which domain?  Neither alteeve.com nor madisonave.ca is showing those as 
their dns servers.

> Below I will attach a portion of my 'named.conf' and the full zone files
> for 'madisonave.ca' and 'alteeve.com'. The latter is a live domain and will
> be the second to try migrating. I will also include the relevant portions
> of the named.conf file from the slave (both slaves are the same).

This could be a problem:

	fraser-74b65gqZ7FE at public.gmane.org% host -t ns madisonave.ca 142.77.1.1                          
	madisonave.ca           NS      ns2.alteeve.com
	 !!! madisonave.ca NS host ns2.alteeve.com does not exist
	madisonave.ca           NS      ns1.alteeve.com
	 !!! madisonave.ca NS host ns1.alteeve.com does not exist

ns1.alteeve.com and ns2.alteeve.com must exist in the alteeve.com zone file 
(just as A records is fine).

> Just before though, do I handle the names 'ns1..' and 'ns2..' the same as
> any other domain name or do I need to somehow "register" them as name
> servers? Also, beyond the registrar record pointing at 'ns1..' and 'ns2..'
> how do I make sure other NSs know where to look for those name servers? I
> ask because I've noticed some registrars won't let you enter a NS IP
> anymore, only the FQDN.

There are times when you have to register nameservers, I don't recall exactly 
at the moment under what circumstances.  I'd assume that if a dns resolver 
gets a nameserver of "ns1.alteeve.com" handed to it (instead of an IP) that 
it would just do a regular lookup for that name, perhaps something like this:

- query to the .com root servers to find the nameservers for alteeve.com
- query one of alteeve.com's nameservers to find address of ns1.alteeve.com
- query ns1.alteeve.com in order to find address in madisonave.ca requested

I think that if you get ns1.alteeve.com and ns2.alteeve.com added to your 
alteeve.com zone then you might fare a little better.

>                                 IN NS   ns1.madisonave.ca.
>                                 IN NS   ns2.madisonave.ca.

If you want to use nameservers in a .ca domain then I think that is one case 
where you must register the nameservers.  OpenSRS has an option in their 
interface (for resellers at least) entitled "Add nameserver to all foreign 
registries".  I'm not 100% sure of the technical reason for it but you might 
need to do it.

Right now the problem appears to be that nobody is actually querying your 
nameserver; dns requests are going to ns1.alteeve.com and ns2.alteeve.com. 
Bring those two nameservers into existence (A records in alteeve.com zone) 
and your problems might be solved.

-- 
Fraser Campbell <fraser-Txk5XLRqZ6CsTnJN9+BGXg at public.gmane.org>                 http://www.wehave.net/
Georgetown, Ontario, Canada                         Debian GNU/Linux

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
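
The check this message walks through (every NS target of a zone must resolve to an address), as an added example that is not part of the original post. The record tuples, the function names and the pairing of the thread's two IP addresses with ns1/ns2 are constructed assumptions. It also flags name servers that sit inside the zone they serve, because those can only be found through glue address records at the parent zone.

```python
# Added example: offline delegation lint over constructed (owner, type, value) records.
# Names and data are illustrative assumptions, not taken from real zone files.

# Situation in the message: NS targets that have no address record anywhere.
BEFORE = [
    ("madisonave.ca.", "NS", "ns1.alteeve.com."),
    ("madisonave.ca.", "NS", "ns2.alteeve.com."),
]
# After adding A records for both name servers (IP pairing is assumed).
AFTER = BEFORE + [
    ("ns1.alteeve.com.", "A", "209.167.86.46"),
    ("ns2.alteeve.com.", "A", "209.167.86.38"),
]
# Planned layout: name servers named inside the zone they serve.
PLANNED = [
    ("madisonave.ca.", "NS", "ns1.madisonave.ca."),
    ("madisonave.ca.", "NS", "ns2.madisonave.ca."),
    ("ns1.madisonave.ca.", "A", "209.167.86.46"),
    ("ns2.madisonave.ca.", "A", "209.167.86.38"),
]

def norm(name):
    """Lower-case a DNS name and make it fully qualified."""
    name = name.lower()
    return name if name.endswith(".") else name + "."

def in_zone(name, zone):
    """True if name is the zone apex or a name below it."""
    name, zone = norm(name), norm(zone)
    return name == zone or name.endswith("." + zone)

def check_delegation(zone, records):
    """Return a sorted list of (ns_host, problem) findings for one zone."""
    zone = norm(zone)
    have_addr = {norm(o) for o, t, _ in records if t in ("A", "AAAA")}
    findings = []
    for owner, rtype, value in records:
        if rtype != "NS" or norm(owner) != zone:
            continue
        ns = norm(value)
        if ns not in have_addr:
            findings.append((ns, "no address record"))
        if in_zone(ns, zone):
            findings.append((ns, "in-zone: needs glue at parent"))
    return sorted(findings)

if __name__ == "__main__":
    for label, data in (("before", BEFORE), ("after", AFTER), ("planned", PLANNED)):
        print(label, check_delegation("madisonave.ca", data))
```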




