Adding a New Zone...

Kevin Darcy kcd at daimlerchrysler.com
Mon Aug 14 23:04:57 UTC 2000


marc wrote:

> I want to know what exactly I have to do in my BIND setup to add another
> primary zone to my dns setup.. Essentially I want to run another web
> site off of this machine.. I have done the following..
>
> 1.) Added the appropriate entry into the named.conf and pointed it to
> 2.) a newly created db.file where main is my current zone and new
>     is the new one:
>
> $TTL    3600
> @         IN    SOA     ns.main.org. root.new.com. (
>                                 20000610        ; Serial
>                                 3600    ; Refresh
>                                 900     ; Retry
>                                 3600000 ; Expire
>                                 3600 )  ; Minimum
>           IN    NS      ns.main.org.
>
> www       IN    A       <MYIP>
>
> localhost IN    A       127.0.0.1
> *.new.com.  IN MX 10 mail.main.org. ; GLOBALOK
>
> I want all the new mail to go to the old domain... so I added the last
> line...

The MX record you have only applies to subdomains, i.e. @foo.new.com. Did
you also want mail addressed to @new.com to go to mail.main.org? You'll
need a separate MX record for that, i.e. "@ in mx 10 mail.main.org."

> OK, FINALLY, here's my question.. do I have to edit the in-addr-arpa
> file?? If so, do I put something like:
>
>    20   IN   PTR    ns.main.org
>    20   IN   PTR    www.new.com

There's no point in having 2 PTR records for the same address, since
nothing AFAIK looks beyond the first PTR. By having multiple A records
pointing to the same address, you have created a reverse-record ambiguity.
You need to pick one of the names for the PTR to point to. Think about what
that reverse record will be used for. If it's used as a weak form of
authentication, then all that really matters is that the PTR record matches
the A record, and the actual name you use doesn't really matter. On the
other hand, if it's used for logging purposes, and it bugs you to have
"ns.main.org" instead of "www.new.com" in the logs, then you could change
the value of the PTR to reflect that preference.

> or, do I use a CNAME...

Well, yes, that's one way of eliminating the PTR ambiguity. You could have
just one "primary" name for the address, and most everything else could be
an alias to it. Then the PTR could point back to that primary name without
any ambiguity. The caveat about this, however, is that if you want a name
which is also the name of a domain, e.g. foo.com, to point to that address,
then it *cannot* be a CNAME. This is because CNAME records can't co-exist
with other record types, and if a name is that of a domain, there is at
least 1 SOA and 1 NS record out there for it.


- Kevin
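
An added example, not part of the original post: a small offline check of the two points in the reply above, that a PTR used as weak authentication must be confirmed by a matching A record, and that a CNAME cannot share a name with SOA/NS records. The record tuples, the address 192.0.2.20 (standing in for <MYIP>) and the function names are constructed for illustration.

```python
# Constructed sample records (name, type, value); 192.0.2.20 is a
# documentation address standing in for the page's <MYIP>.
RECORDS = [
    ("new.com.", "SOA", "ns.main.org. root.new.com."),
    ("new.com.", "NS", "ns.main.org."),
    ("www.new.com.", "A", "192.0.2.20"),
    ("ns.main.org.", "A", "192.0.2.20"),
    ("20.2.0.192.in-addr.arpa.", "PTR", "ns.main.org."),
]


def reverse_name(ipv4):
    """Return the in-addr.arpa owner name for a dotted-quad IPv4 address."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa."


def values(records, name, rtype):
    """All values stored for (name, rtype); owner names compare case-insensitively."""
    return [v for n, t, v in records if n.lower() == name.lower() and t == rtype]


def fcrdns_names(records, ipv4):
    """PTR targets for ipv4 whose own A records point back to ipv4."""
    ptrs = values(records, reverse_name(ipv4), "PTR")
    return [p for p in ptrs if ipv4 in values(records, p, "A")]


def cname_conflicts(records):
    """Owner names holding a CNAME together with any other record type."""
    types = {}
    for name, rtype, _ in records:
        types.setdefault(name.lower(), set()).add(rtype)
    return sorted(n for n, ts in types.items() if "CNAME" in ts and len(ts) > 1)


if __name__ == "__main__":
    print("forward-confirmed names:", fcrdns_names(RECORDS, "192.0.2.20"))
    # A CNAME at the zone name collides with its SOA and NS records.
    bad = RECORDS + [("new.com.", "CNAME", "ns.main.org.")]
    print("CNAME conflicts:", cname_conflicts(bad))
```
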




