How TO manage 2 .com's on the same DNS BOX?

Kevin Darcy kcd at daimlerchrysler.com
Thu Dec 2 02:25:46 UTC 1999


Michael Chang wrote:

> Hello,
>
> Can anyone out there in bind land defer me or lend me a word of advice
> on managing 2 or 3 different domains (domain1.com , domain2.com,
> domain3.com) on the same box.  Can I do this with one version of bind?
> Is it just a matter of pointing internic to my primary name server and
> adding Origin and SOA records?  Please lend a helping hand?

You should create separate master files for each of those domains and
each domain needs a separate definition in your named.conf file (assuming
you're running BIND 8; otherwise it's named.boot with a different syntax).
Your named.conf should end up looking something like:

options {
    directory "{whatever}";
};

logging {
    category queries { default_syslog; };
};

zone "." {
    type hint;
    file "hints";
};

zone "domain1.com" {
    type master;
    file "domain1.com";
};

zone "domain2.com" {
    type master;
    file "domain2.com";
};

(etc.)

(You can customize the file and directory names, of course, and you might
want to customize the logging options too. If you're particularly
concerned about security, you might also want to set limits on who can do
zone transfers from you, and who can query your servers recursively).

The hints file should contain the latest root server hint information.
You can get it at ftp://ftp.internic.net/domain/named.cache.

In each master file, you'll need a $TTL declaration at the top (if you're
running 8.2 or greater), exactly one SOA record and multiple NS records.
Below that, you can add whatever content, in the form of
A/CNAME/MX/PTR/etc. records you wish. The master file format is
documented in the BIND distribution, along with all of the gory specifics
of the named.conf file. That'll get those domains up and running, and
yes, once they are operational, you should just have the NIC (re)point
the nameserver records to your servers. The NIC requires at least 2
nameservers, by the way, so if you have only one, you'll have to get
someone else to be a slave.

Another thing: if your domains are going to contain
A (name-to-address) records, you might also want to consider becoming
master for your own reverse zone(s) as well, so that you would have
control of the reverse (address-to-name) mappings. You would typically
get reverse zones delegated to you from your network provider, however,
rather than the NIC, and unless you are fortunate enough to have an
allocated range on an octet boundary, your network provider may need to
play some tricks (see RFC 2317) in order to allow you to maintain that
data.

Oh, and get _DNS_and_BIND_ from O'Reilly, the DNS "bible". It explains
all of this and much more (except that the $TTL directive is newer than
the book).


- Kevin
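
The reply above mentions limiting who can do zone transfers and who can query recursively. The following named.conf fragment is an added example, not part of the original post, showing one way to express both limits with the acl, allow-transfer and allow-recursion statements. The ACL names and all addresses are assumptions, taken from documentation ranges.

```conf
// Added example (not from the original post).
// All addresses below are constructed, from documentation ranges.

// Hosts allowed to use this server as a recursive resolver (assumed).
acl "trusted-clients" {
    127.0.0.1;
    192.0.2.0/24;
};

// The slave name server(s) allowed to pull zone data (assumed).
acl "secondaries" {
    198.51.100.53;
};

options {
    directory "{whatever}";

    // Recursive service only for known clients; everyone else
    // still gets answers for the zones this server is master for.
    allow-recursion { trusted-clients; };

    // Deny zone transfers by default; each zone opts in below.
    allow-transfer { none; };
};

zone "." {
    type hint;
    file "hints";
};

zone "domain1.com" {
    type master;
    file "domain1.com";
    allow-transfer { secondaries; };
};

zone "domain2.com" {
    type master;
    file "domain2.com";
    allow-transfer { secondaries; };
};
```

With the default set to none in options, a zone added later without its own allow-transfer line is not transferable to anyone.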


