<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 8/7/2011 9:05 AM, Scott Hughes wrote:
<blockquote
cite="mid:CANJopPB0sa6AhabXsHTkW70YcM8roqy11ZZ3o+rL3Tzqk_XVjQ@mail.gmail.com"
type="cite">All,
<div><br>
</div>
<div>I have Googled and searched the archives for two days and
cannot find an answer to this question... just more confusion!
Please forgive me ahead of time as I run two name servers for
my mid-sized company and am by no means an expert in using bind
DNS. We have about eight domains but don't have a lot of records
for each zone. Here is my issue:</div>
<div><br>
</div>
<div>We are moving to a two Exchange server / two data center
model for auto-failover reasons. Both data centers are in two
different locations and have multiple internet pipes and tier 1
providers coming into their data centers.</div>
<div><br>
</div>
<div>Here is what I'm trying to do:</div>
<div><br>
</div>
<div>For example, our email domain name on the Exchange servers
is: <a moz-do-not-send="true" href="http://mail.blahblah.us">mail.blahblah.us</a>
Our spam filtering device is: <a moz-do-not-send="true"
href="http://spam.blahblah.us">spam.blahblah.us</a> and is the
MX record. In the <a moz-do-not-send="true"
href="http://blahblah.us">blahblah.us</a> zone file I have A
records pointing to both correctly.</div>
<div><br>
</div>
<div>Our problem comes in on our other domains. I am trying to
point <a moz-do-not-send="true" href="http://mail.company1.com">mail.company1.com</a>
to <a moz-do-not-send="true" href="http://mail.blahblah.us">mail.blahblah.us</a>
and <a moz-do-not-send="true" href="http://spam.company1.com">spam.company1.com</a>
to <a moz-do-not-send="true" href="http://spam.blahblah.us">spam.blahblah.us</a>
using CNAME records. I'm obviously doing this wrong or trying
to do something that can't or shouldn't be done. Like I said, I
am fairly new to bind9 but I'd sure rather use it than something
like MS DNS servers!</div>
<div><br>
</div>
<div>What I am attempting to do is make it so that if an outside
email server or inside user goes to <a moz-do-not-send="true"
href="http://mail.company1.com">mail.company1.com</a> or <a
moz-do-not-send="true" href="http://spam.company1.com">spam.company1.com</a>
they are 'redirected' to the <a moz-do-not-send="true"
href="http://blahblah.us">blahblah.us</a> domain where our UCC
cert covers both of the Exchange servers.</div>
<div><br>
</div>
<div>Please let me know if I've left anything out that would be
helpful in answering these questions.</div>
<div><br>
</div>
<br>
</blockquote>
<br>
blahblah.us and company1.com are actual registered domain names. If
they are registered to you, then using these domains in examples is
fine... if not, then better to use RFC2606 names...<br>
<br>
If I understand your environment correctly:<br>
<br>
Your "main domain" - example.com - looks (in part) like this:<br>
<br>
// Begin example.com<br>
<pre>$TTL 86400
@       IN SOA  ns1.example.com. contact.example.com. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
        NS      ns1.example.com.
        NS      ns2.example.com.
        MX 10   spam.example.com.
        MX 20   spam2.example.com.
$ORIGIN example.com.
spam    IN A    192.0.2.25
spam2   IN A    192.0.2.26
mail    IN A    192.0.2.30</pre>
// End example.com<br>
<br>
There is no reason that example.net (another of your domains) can't
look like this:<br>
<br>
// Begin example.net<br>
<pre>$TTL 86400
@       IN SOA  ns1.example.com. contact.example.net. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
        NS      ns1.example.com.
        NS      ns2.example.com.
        MX 10   spam.example.com.
        MX 20   spam2.example.com.
$ORIGIN example.net.</pre>
// End example.net<br>
<br>
^^^ MX records in example.net point to example.com hosts (which are
A records).<br>
<br>
If you have a 'requirement' that the users for example.net configure
their mail clients with example.net mail server hostnames, then you
can create a CNAME record in example.net that aliases
mail.example.net to mail.example.com.<br>
<br>
If, however, you have a 'requirement' to make it 'seem' that
example.com and example.net have 'independent' mail servers at a DNS
level - i.e. you want to use MX records in example.net that are in
example.net, then you need to add A records for spam &amp; spam2 in
example.net that point to the IP addresses of these hosts (and you
need to do this for all domains 'like' example.net as well -and-
update the A records in all of these domains if the IP addresses of
these hosts change in the future... c'est la DNS). Like so:<br>
<br>
// Begin example.com<br>
<pre>$TTL 86400
@       IN SOA  ns1.example.com. contact.example.com. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
        NS      ns1.example.com.
        NS      ns2.example.com.
        MX 10   spam.example.com.
        MX 20   spam2.example.com.
$ORIGIN example.com.
spam    IN A    192.0.2.25
spam2   IN A    192.0.2.26
mail    IN A    192.0.2.30</pre>
// End example.com<br>
<br>
// Begin example.net<br>
<pre>$TTL 86400
@       IN SOA  ns1.example.com. contact.example.net. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
        NS      ns1.example.com.
        NS      ns2.example.com.
        MX 10   spam.example.net.
        MX 20   spam2.example.net.
$ORIGIN example.net.
spam    IN A    192.0.2.25
spam2   IN A    192.0.2.26
mail    IN CNAME mail.example.com.</pre>
// End example.net<br>
<br>
// Begin example.org<br>
<pre>$TTL 86400
@       IN SOA  ns1.example.com. contact.example.org. (
                2011080701 ; serial number YYYYMMDDNN
                28800      ; Refresh
                7200       ; Retry
                864000     ; Expire
                86400      ; Min TTL
                )
        NS      ns1.example.com.
        NS      ns2.example.com.
        MX 10   spam.example.org.
        MX 20   spam2.example.org.
$ORIGIN example.org.
spam    IN A    192.0.2.25
spam2   IN A    192.0.2.26
mail    IN CNAME mail.example.com.</pre>
// End example.org<br>
<br>
<br>
<br>
HTH,<br>
<br>
-DMM<br>
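<br>
Added example, not part of the original message: the last layout in the reply above repeats the spam and spam2 A records in every zone, so each copy has to stay in step with example.com. This sketch audits that, and also flags an MX target that has been turned into a CNAME, which RFC 2181 section 10.3 does not allow. The names fqdn, parse and audit and the sample zone data are constructed for illustration, and the parser covers only the A/MX/CNAME lines used in the zones above.<br>
<br>

```python
# Constructed sample zones (SOA/NS omitted); example.org has drifted on purpose.
ZONES = {
    "example.com.": """
@      IN MX 10 spam.example.com.
       MX 20 spam2.example.com.
spam   IN A 192.0.2.25
spam2  IN A 192.0.2.26
""",
    "example.net.": """
@      IN MX 10 spam.example.net.
       MX 20 spam2.example.net.
spam   IN A 192.0.2.25
spam2  IN A 192.0.2.26
""",
    "example.org.": """
@      IN MX 10 spam.example.org.
       MX 20 spam2.example.org.
spam   IN CNAME spam.example.com.
spam2  IN A 192.0.2.99
""",
}

def fqdn(name, origin):
    name = origin if name == "@" else name
    return name if name.endswith(".") else name + "." + origin

def parse(origin, text):
    recs, owner = [], origin
    for line in filter(str.strip, text.splitlines()):
        tok = line.split()
        if not line[0].isspace():          # column 0 holds a new owner name
            owner = fqdn(tok.pop(0), origin)
        if tok[0] == "IN":                 # class is optional, as in the zones above
            tok.pop(0)
        value = tok[-1] if tok[0] == "A" else fqdn(tok[-1], origin)
        recs.append((owner, tok[0], value))
    return recs

def audit(zones, canonical="example.com."):
    recs = [r for origin, text in zones.items() for r in parse(origin, text)]
    rrset, findings = {}, []               # rrset: (owner, type) to set of values
    for owner, rtype, value in recs:
        rrset.setdefault((owner, rtype), set()).add(value)
    for target in [v for _, t, v in recs if t == "MX"]:
        twin = target.split(".")[0] + "." + canonical   # assumes same host label
        if (target, "CNAME") in rrset:
            findings.append(("mx-is-alias", target))
        elif rrset.get((target, "A")) != rrset.get((twin, "A")):
            findings.append(("a-drift", target))
    return findings
```
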
<br>
<br>
</body>
</html>