dns configure problem
Thomas J. Rude
tjrude at predict-dli.com
Wed Sep 8 15:29:43 UTC 1999
To All-
Thanks for the previous hints and information. However, I still cannot
get the dns service to function correctly. While I have attempted
various configurations, the best I've gotten is internet access but no
e-mail being delivered nor sent out (just sat in Exchange IMC queue). I
don't care about internet, but obviously e-mail is the necessity. Here
is some information about my setup:
1 DNS server running on NT 4.0, SP 4. DNS software is META IP 4.1.
Name of DNS server is MGNTFW. There are two NICs with external IP of
207.206.8.34 and internal IP of 172.16.2.111 in MGNTFW. Name of e-mail
server running Exchange 4.0 is VALIANT and the external IP address is
207.206.8.55 while internal IP address is 172.16.3.201. In the Network
Properties of users' desktops the DNS server is listed as 172.16.2.111.
I'm doing address translation on the firewall (same server as dns,
MGNTFW) for two sites:
XL-DLI with internal IP network of 172.16.4.0 and external IP address of
207.206.8.39
XL-PT with internal IP network of 172.16.3.0 and external IP address of
207.206.8.38
(i.e., a PT user shows as being from 207.206.8.38 to the outside world
while on the internet)
I have a couple of quick questions first:
1) where should an MX record point to (A, CNAME)? I ask because in
our old setup, which works correctly, the MX record points to a CNAME,
however, I have heard that it should point to an A record.
2) can you not have more than one CNAME record per zone? (or, is that
a bad idea? Again, just what I have heard)
3) Since I am using the same DNS server for internal and external, how
should I go about setting this up? I.e., what are the security
implications of allowing queries and transfers? ALSO, would I create
two zones (one for the external IP address and one for the internal IP
address)?
Below (apologies for the length) is the OLD setup first followed by my
most recent attempt at a NEW setup. Please note that the old domain was
MAN-GILL.COM while I would like the new setup to reflect our new domain
PREDICT-DLI.COM.
OLD:
MAN-GILL.COM.DB
; ***********************************************************
; * This file is auto-generated. It may be edited by hand,
; * but comments and formatting will not be preserved.
; * It forward-maps the man-gill.com domain.
; ***********************************************************
;
; Subnet 207.206.8
; Subnet 127.0.0
; Subnet 172.16.2
;
@ IN SOA mgntfw.man-gill.com. tjrude.predict-dli.com. (
1997032062 ; serial
10800 ; refresh
3600 ; retry
604800 ; expire
86400) ; minimum
;
; Nameserver(s) for the man-gill.com domain.
;
man-gill.com. IN NS ns1.man-gill.com.
man-gill.com. IN NS ns2.iagnet.net.
man-gill.com. IN NS mgntns.man-gill.com.
;
; Mail server(s) in the man-gill.com domain.
;
man-gill.com. IN MX 10 mx1.man-gill.com.
;
; Address record(s) for the man-gill.com domain.
;
localhost IN A 127.0.0.1
@ IN A 207.206.8.34
marni IN A 172.16.2.36
mgnotes IN A 172.16.2.6
mgntfw IN A 207.206.8.34
mgntfw IN A 172.16.2.111
mgntns IN A 172.16.2.254
mx1 IN A 207.206.8.36
www2 IN A 207.206.8.36
xl_dli IN A 207.206.8.39
xl_mg IN A 207.206.8.37
xl_pt IN A 207.206.8.38
;
; CNAME alias record(s) for the man-gill.com domain.
;
ftp IN CNAME mx1.man-gill.com.
mail IN CNAME mx1.man-gill.com.
ns1 IN CNAME mgntfw.man-gill.com.
www IN CNAME mgntws.man-gill.com.
;
; Records that were not automatically handled by Metainfo DNS Configuration
;
www.magnus-equip.com. IN A 207.206.8.41
mx1.predict-dli.com. IN A 207.206.8.55
valiant.predict-dli.com. IN A 172.16.3.201
man-gill.com. IN A 207.207.8.34
207.206.8.REVERSE.DB
; ***********************************************************
; * This file is auto-generated. It may be edited by hand,
; * but comments and formatting will not be preserved.
; * It reverse-maps the 207.206.8 subnet.
; *
; * The SOA from the magnus-equip.com domain will
; * be copied to this reverse mapping file because most of
; * the entries in this file are from that domain.
; ***********************************************************
;
@ IN SOA mgntfw.man-gill.com. postmaster.mgntfw.man-gill.com. (
1997032062 ; serial
10800 ; refresh
3600 ; retry
604800 ; expire
86400) ; minimum
41 IN PTR www.magnus-equip.com.
34 IN PTR man-gill.com.
36 IN PTR mx1.man-gill.com.
39 IN PTR xl_dli.man-gill.com.
37 IN PTR xl_mg.man-gill.com.
38 IN PTR xl_pt.man-gill.com.
@ IN NS mgntfw.man-gill.com.
@ IN NS ns1.man-gill.com.
@ IN NS ns2.iagnet.net.
@ IN NS mgntns.man-gill.com.
172.16.2.REVERSE.DB
; ***********************************************************
; * This file is auto-generated. It may be edited by hand,
; * but comments and formatting will not be preserved.
; * It reverse-maps the 172.16.2 subnet.
; *
; * The SOA from the man-gill.com domain will
; * be copied to this reverse mapping file because most of
; * the entries in this file are from that domain.
; ***********************************************************
;
@ IN SOA mgntfw.man-gill.com. tjrude.predict-dli.com. (
1997032062 ; serial
10800 ; refresh
3600 ; retry
604800 ; expire
86400) ; minimum
2 IN PTR jmb.man-gill.com.
36 IN PTR marni.man-gill.com.
7 IN PTR mghq.man-gill.com.
6 IN PTR mgnotes.man-gill.com.
111 IN PTR mgntfw.man-gill.com.
254 IN PTR mgntns.man-gill.com.
@ IN NS ns1.man-gill.com.
@ IN NS ns2.iagnet.net.
@ IN NS mgntns.man-gill.com.
127.0.0.REVERSE.DB
; ***********************************************************
; * This file is auto-generated. It may be edited by hand,
; * but comments and formatting will not be preserved.
; * It reverse-maps the 127.0.0 subnet.
; *
; * The SOA from the magnus-equip.com domain will
; * be copied to this reverse mapping file because most of
; * the entries in this file are from that domain.
; ***********************************************************
;
@ IN SOA mgntfw.man-gill.com. postmaster.mgntfw.man-gill.com. (
1997032062 ; serial
10800 ; refresh
3600 ; retry
604800 ; expire
86400) ; minimum
1 IN PTR localhost.
@ IN NS mgntfw.man-gill.com.
@ IN NS ns1.man-gill.com.
@ IN NS ns2.iagnet.net.
@ IN NS mgntns.man-gill.com.
NEW attempt:
PREDICT-DLI.COM.DB
;
; predict-dli.com.db
; Written 08/29/1999 14:47:41 by Meta IP 4.1 DNS Exporter (build 4679)
;
@ IN SOA ns1.predict-dli.com. dns-admin.ns1.predict-dli.com. 9 10800 1800 604800 86400
ftp IN CNAME mx1
ns1 IN CNAME mgntfw
mx1 IN MX 10 mx1.predict-dli.com.
mgntfw IN A 171.16.2.111
valiant IN A 172.16.3.201
xl-dli IN A 207.206.8.39
xl-pt IN A 207.206.8.38
; valiant re defined
valiant IN A 207.206.8.55
localhost IN A 127.0.0.1
ns1 IN A 172.16.2.111
@ IN NS ns1.predict-dli.com.
8.206.207.IN-ADDR.ARPA.DB
;
; 8.206.207.in-addr.arpa.db
; Written 08/29/1999 14:47:43 by Meta IP 4.1 DNS Exporter (build 4679)
;
@ IN SOA ns1.predict-dli.com. dns-admin.ns1.predict-dli.com. 10 10800 1800 604800 86400
@ IN NS ns1.predict-dli.com.
34 IN PTR ns1.predict-dli.com.
39 IN PTR xl-dli.predict-dli.com.
34 IN PTR mgntfw.predict-dli.com.
38 IN PTR xl-pt.predict-dli.com.
55 IN PTR valiant.predict-dli.com.
2.16.172.IN-ADDR.ARPA.DB
;
; 16.172.in-addr.arpa.db
; Written 08/29/1999 14:47:43 by Meta IP 4.1 DNS Exporter (build 4679)
;
@ IN SOA ns1.predict-dli.com. dns-admin.ns1.predict-dli.com. 7 10800 1800 604800 86400
@ IN NS ns1.predict-dli.com.
111.2 IN PTR mgntfw.predict-dli.com.
0.0.127.IN-ADDR.ARPA.DB
;
; 0.0.127.in-addr.arpa.db
; Written 08/29/1999 14:47:45 by Meta IP 4.1 DNS Exporter (build 4679)
;
@ IN SOA ns1.predict-dli.com. dns-admin.ns1.predict-dli.com. (
1999082918
10800
3600
604800
86400
)
IN NS ns1.predict-dli.com.
1 IN PTR localhost.
LOCALHOST.DB
;Localhost zone file (Forward-map of loopback)
@ IN SOA localhost. root.localhost. (
1 ;
10800 ;
3600 ;
604800 ;
86400 ) ;
localhost. IN NS localhost.
localhost. IN A 127.0.0.1
I will appreciate any and all help, comments, criticisms, and
information from any of you DNS gurus. Perhaps I've made a simple
error, or completely fudged it up - due to my zero previous experience
with DNS! DNS and BIND gave me some insight, but since we're not on a
UNIX platform, it left me with questions. Sources on the web have been
of some help, but we're still not there. If nothing else, should I just
set up exactly like the old machine????
TIA
Thomas
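
The three questions in the message map onto checks that can be run on a zone before it is loaded. The Python linter below is an added example, not part of the original post or of Meta IP. It applies the RFC 1034 rule that a CNAME owner holds no other data and the RFC 2181 section 10.3 rule that MX and NS targets are not aliases, and it flags private addresses in a zone that one server answers for both inside and outside clients. The function names and rule labels are hypothetical.

```python
import ipaddress

ORIGIN = "predict-dli.com."
# Records copied from the NEW predict-dli.com zone in the post, wrapped MX line
# joined, SOA left out. Addresses are exactly as posted.
ZONE = """\
ftp IN CNAME mx1
ns1 IN CNAME mgntfw
mx1 IN MX 10 mx1.predict-dli.com.
mgntfw IN A 171.16.2.111
valiant IN A 172.16.3.201
xl-dli IN A 207.206.8.39
xl-pt IN A 207.206.8.38
valiant IN A 207.206.8.55
localhost IN A 127.0.0.1
ns1 IN A 172.16.2.111
@ IN NS ns1.predict-dli.com.
"""

def fqdn(name, origin=ORIGIN):
    """Expand '@' and relative names against the zone origin."""
    name = origin if name == "@" else name.lower()
    return name if name.endswith(".") else f"{name}.{origin}"

def parse(text):
    """Parse 'owner IN TYPE rdata...' lines into (owner, type, rdata) tuples."""
    records = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()   # drop trailing comments
        if len(fields) >= 4:
            records.append((fqdn(fields[0]), fields[2].upper(), fields[3:]))
    return records

def lint(records):
    """Return (rule, name) findings; the rule labels are hypothetical."""
    findings = []
    cnames = {o for o, t, _ in records if t == "CNAME"}
    for owner in sorted(cnames):
        # RFC 1034: a name that has a CNAME may hold no other data.
        if any(o == owner and t != "CNAME" for o, t, _ in records):
            findings.append(("cname-and-other-data", owner))
    for owner, rtype, rdata in records:
        if rtype in ("MX", "NS") and fqdn(rdata[-1]) in cnames:
            # RFC 2181 10.3: MX and NS targets must not be aliases.
            findings.append((rtype.lower() + "-target-is-cname", fqdn(rdata[-1])))
        elif rtype == "A":
            ip = ipaddress.ip_address(rdata[0])
            if ip.is_private and not ip.is_loopback:
                findings.append(("private-address-in-zone", owner))
    return findings
```

Calling `lint(parse(ZONE))` returns the findings as a list; the private-address findings matter only if the zone is reachable from outside, which is the split between internal and external zones that question 3 asks about.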