Newbie - But I've read a lot of the manuals

Kevin Darcy kcd at daimlerchrysler.com
Thu Jun 29 00:53:47 UTC 2000


Steven M. Klass wrote:

> Hey all
>         First off I have successfully set up bind in a chrooted environment, and
> it works.  I have been using it for about two weeks now. :)
>
>         My company Andigilog owns the domain www.andigilog.com. Currently our
> email (foo.andigilog.com) and web space (www.andigilog.com) is being hosted
> by earthlink.net.  We recently upgraded to full DSL, and are looking into
> shifting our mail to our local server.  So here's the problem.  How do I go
> about doing that.  Here is what I have come up with
>
> 1.  Get a Linux box acting as a firewall, running bind working.  Don't hook
> it in yet.  Make sure that it has the correct Bind db files so when I do
> hook it into the internet we are good to go.
>         How can I test this without disturbing the planet?  (Notify NO??)

I don't think I'd bother with that. Bogus NOTIFYs just get ignored. I'd only take
this step if Earthlink is really anal-retentive/paranoid about the notices showing
up in their logs...

>         How can I setup a reverse file if I have a full IP (xxx.xxx.xxx.xxx) and
> not a subnet (xxx.xxx.xxx.)?

First of all, if you don't expect the reverse mapping(s) to ever change, the
easiest thing would be to get your network provider (Earthlink?) to just add the
PTR(s) to the C-class in-addr.arpa zone once and then forget about it/them.

If you have only a single address and want to actually *control* the contents of
the reverse record, though, then the best way to do that would be for your provider
to delegate the entry from their C-class zone to a separate zone on your server,
i.e. a zone with a name like "4.3.2.1.in-addr.arpa". This method doesn't scale well
to larger address ranges, though.

Another method is for the provider to create one or more CNAMEs in their C-class
zone pointing to PTR entries in one of your zones: see RFC 2317 for the general
method, although read it with a grain of salt; there's no particular reason that
the PTRs *have* to go into a subzone of the C-class zone -- they can go into
*any* zone that you control, even a forward zone. Also be aware that some resolvers
are known to have problems with a "/" in a name, so you might want to disregard
RFC 2317 in this regard and choose an alternative zone name. Many people signify
the address range with a hyphen, e.g. "0-63.3.2.1.in-addr.arpa".

> 2.  After successful implementation of that get qmail running on the machine.
>
> 3.  Contact Network Solutions and have the DNS numbers switched to me and
> my ISP.
>
> Has anyone else done this (somebody must have) and would you be willing to
> help me out on this.  I really want to save my boss some money, and I am
> pretty familiar with linux and MAN pages, but I still can always use the
> advice.

If you want redundancy, you need at least 2 registered nameservers for your
domain. Do you think Earthlink would be willing to still continue as slave for your
domain, possibly for free or at a reduced rate? If not, then seek other
alternatives. There's no reason to charge as much for slaving someone's domain as
for actually mastering it. For free, you could probably even find someone who would
agree to slave your domain in return for you slaving theirs -- this is known as
"swapping secondaries".


- Kevin
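
Added example, not part of the original message or of BIND: a short Python generator for the CNAME method described in the reply, using the hyphenated zone name ("0-63.3.2.1.in-addr.arpa" style) instead of the RFC 2317 "/" form. The block 192.0.2.0/26, the nameserver ns1.example.com and the host mail.example.com are assumed sample values.

```python
import ipaddress

def classless_zone(block):
    """Hyphenated zone name for a sub-/24 block, e.g. 0-63.2.0.192.in-addr.arpa."""
    net = ipaddress.ip_network(block)
    if net.version != 4 or not 25 <= net.prefixlen <= 31:
        raise ValueError("expected an IPv4 block between /25 and /31")
    a, b, c, first = net.network_address.packed
    last = net.broadcast_address.packed[3]
    return f"{first}-{last}.{c}.{b}.{a}.in-addr.arpa."

def parent_records(block, nameservers):
    """Records the provider adds to its /24 zone: the delegation of the
    hyphenated zone plus one CNAME per address in the block."""
    zone = classless_zone(block)
    label = zone.split(".", 1)[0]
    recs = [(label, "NS", ns) for ns in nameservers]
    for ip in ipaddress.ip_network(block):
        last = ip.packed[3]
        recs.append((str(last), "CNAME", f"{last}.{zone}"))
    return recs

def child_records(block, hosts):
    """PTR records for the zone you control; rejects addresses outside the block."""
    net = ipaddress.ip_network(block)
    recs = []
    for addr, name in sorted(hosts.items(), key=lambda kv: ipaddress.ip_address(kv[0])):
        ip = ipaddress.ip_address(addr)
        if ip not in net:
            raise ValueError(f"{addr} is outside {net}")
        recs.append((str(ip.packed[3]), "PTR", name))
    return recs

def render(origin, recs):
    """Render (owner, type, rdata) tuples as zone-file text under $ORIGIN."""
    return "\n".join([f"$ORIGIN {origin}"] + [f"{o}\tIN\t{t}\t{d}" for o, t, d in recs])

if __name__ == "__main__":
    block = "192.0.2.0/26"  # constructed sample block (documentation range)
    # Provider side: goes into the existing /24 reverse zone.
    print(render("2.0.192.in-addr.arpa.", parent_records(block, ["ns1.example.com."])))
    # Your side: the delegated zone holding the actual PTRs.
    print(render(classless_zone(block), child_records(block, {"192.0.2.10": "mail.example.com."})))
```

A resolver asking for 10.2.0.192.in-addr.arpa gets the CNAME from the provider's zone and then the PTR from the delegated zone, so the reverse record can be changed without involving the provider again.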



