I need to manage multiple domains
Mark Andrews
Mark_Andrews at isc.org
Mon Nov 27 22:01:40 UTC 2006
> >>> On Wed, Nov 22, 2006 at 5:12 PM, in message
> <200611222312.kAMNCPog034131 at drugs.dv.isc.org>, Mark Andrews
> <Mark_Andrews at isc.org> wrote:
>
> >> > Normally you would have a *single* PTR record per address.
> >> > Multiple PTR records do not scale.
> >>
> >> I do have a single record per address. see below.
> >
> > Ok. I see your question now. The domain names on the
> > right hand side need to be fully qualified.
> >
> > e.g. server1.domain.com.
> >
> > Mark
>
>
> Doesn't that go against my main goal which is to keep domain1.com and
> domain2.com in sync?

No. The RDATA in the reverse zone has to be fully qualified.
Remember that the people looking this up will not know how to
qualify the names returned.

Note many sites do not accept PTR records as valid unless
the following is satisfied. Note searching is usually turned
off when this check is performed and there is no record in
the root zone for "server1.".

    gethostbyname(gethostbyaddr(IP)->h_name) -> IP

Now you can add multiple PTR records if you want but at
some point you will exceed the ability of the DNS to return
them.

Also anything which uses hostnames for access will almost
always need to list all the names in the PTR records. If
you don't you will get intermittent failures depending upon
the order the PTR records were returned in.

Mark

> Thanks, Ryan
>
> >
> >> >>> On Wed, Nov 22, 2006 at 4:27 PM, in message
> >> <200611222227.kAMMRLoe033583 at drugs.dv.isc.org>, Mark Andrews
> >> <Mark_Andrews at isc.org> wrote:
> >>
> >> >> Does the same hold true for reverse lookup files?
> >> >
> >> > Normally you would have a *single* PTR record per address.
> >> > Multiple PTR records do not scale.
> >> >
> >> >> Currently, mine are in this format:
> >> >>
> >> >>
> >> >> $ORIGIN .
> >> >> $TTL 3600 ; 1 hour
> >> >> 118.10.in-addr.arpa IN SOA nameserver.domain1.com. admin.domain1.com. (
> >> >>         18 ; serial
> >> >>         900 ; refresh (15 minutes)
> >> >>         600 ; retry (10 minutes)
> >> >>         86400 ; expire (1 day)
> >> >>         3600 ; minimum (1 hour)
> >> >>         )
> >> >>     NS nameserver.domain.com.
> >> >> $ORIGIN 118.10.in-addr.arpa.
> >> >> 239.37 PTR server1.domain.com
> >> >> 239.39 PTR server2.domain.com
> >> >> 239.7 PTR server3.domain.com
> >> >> ..
> >> >> ..
> >> >>
> >> >> Would I need to change it to?
> >> >>
> >> >> $ORIGIN .
> >> >> $TTL 3600 ; 1 hour
> >> >> 118.10.in-addr.arpa IN SOA nameserver admin. (
> >> >>         18 ; serial
> >> >>         900 ; refresh (15 minutes)
> >> >>         600 ; retry (10 minutes)
> >> >>         86400 ; expire (1 day)
> >> >>         3600 ; minimum (1 hour)
> >> >>         )
> >> >>     NS nameserver.
> >> >> $ORIGIN 118.10.in-addr.arpa.
> >> >> 239.37 PTR server1.
> >> >> 239.39 PTR server2.
> >> >> 239.7 PTR server3.
> >> >> ..
> >> >> ..
> >> >>
> >> >> Thanks...
> >> >>
> >> >>
> >> >>
> >> >> >>> On Tue, Nov 21, 2006 at 10:01 AM, in message
> >> >> <Prayer.1.0.18.0611211601250.15590 at hermes-1.csi.cam.ac.uk>, Chris Thompson
> >> >> <cet1 at hermes.cam.ac.uk> wrote:
> >> >> > On Nov 20 2006, John Wobus wrote:
> >> >> > [...]
> >> >> >>In a zone file, BIND lets you use the at sign (@) to refer to the zone
> >> >> >>to which named.conf assigns the zone file. Using it, zone files can be
> >> >> >>created that do not include their own zone name.
> >> >> >
> >> >> > More accurately, @ refers to the current origin, and zone files are
> >> >> > interpreted with the origin initially set to the zone name. So if you
> >> >> > want to use @ to refer to the zone name, do not use a $ORIGIN directive
> >> >> > earlier in the zone file.
> >> >>
> >> >>
> >>
> >>
>
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
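
Added example, not part of the original message: a small Python model of how a master-file parser qualifies PTR targets against the current $ORIGIN, followed by the forward-confirmation check quoted in the reply. The zone snippets and the FORWARD table are constructed from the thread's sample names, and taking h_name as the first PTR target is an assumption of the sketch.

```python
# Added example: constructed zone snippets modelled on the thread's records.
ARPA = ".in-addr.arpa."

def qualify(name, origin):
    """Master-file rule: a trailing dot means absolute; otherwise append the origin."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." if origin == "." else name + "." + origin

def parse_ptrs(zone_text, origin):
    """Return {ip: [ptr_target_fqdn, ...]} from PTR lines, honouring $ORIGIN."""
    ptrs = {}
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()          # drop comments, tokenize
        if len(fields) >= 2 and fields[0] == "$ORIGIN":
            origin = qualify(fields[1], origin)
        elif len(fields) >= 3 and fields[-2].upper() == "PTR":
            owner = qualify(fields[0], origin)
            labels = owner[:-len(ARPA)].split(".")   # "239.37.118.10" -> labels
            ip = ".".join(reversed(labels))
            ptrs.setdefault(ip, []).append(qualify(fields[-1], origin))
    return ptrs

def forward_confirmed(ip, ptrs, forward):
    """gethostbyname(gethostbyaddr(IP)->h_name) -> IP, with h_name taken as the
    first PTR target and no search-list expansion (assumptions of this sketch)."""
    targets = ptrs.get(ip, [])
    return bool(targets) and ip in forward.get(targets[0], [])

# Constructed forward data: what the domain.com zone would publish.
FORWARD = {"server1.domain.com.": ["10.118.37.239"]}
IP = "10.118.37.239"
ZONES = {  # constructed: the two layouts from the thread, then the corrected one
    "relative": "$ORIGIN 118.10.in-addr.arpa.\n239.37 PTR server1.domain.com\n",
    "bare-dot": "$ORIGIN 118.10.in-addr.arpa.\n239.37 PTR server1.\n",
    "fqdn": "$ORIGIN 118.10.in-addr.arpa.\n239.37 PTR server1.domain.com.\n",
}

def check_all():
    """Map each layout to (published PTR target, passes forward confirmation)."""
    out = {}
    for label, text in ZONES.items():
        ptrs = parse_ptrs(text, "118.10.in-addr.arpa.")
        out[label] = (ptrs[IP][0], forward_confirmed(IP, ptrs, FORWARD))
    return out

if __name__ == "__main__":
    for label, (target, ok) in check_all().items():
        print(f"{label:9} {target:42} forward-confirmed={ok}")
```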