Thanks to all of you who responded so quickly to my request for
information about configuring our nameserver during our changeover
from wvu.wvnet.edu to wvu.edu. Respondents were:
Derrick Brashear db74+@andrew.cmu.edu
Patrick O'Callaghan poc@usb.ve
Eric Pearce eap@ora.com
David Barr barr@pop.psu.edu
Christopher Vance Christopher.Vance@adfa.oz.au
Mike O'Connor mjo@iao.ford.com
Andy Feldt feldt@phyast.nhn.uoknor.edu
Deborah Heller deb@beaux.ATWC.Teradyne.COM
Rui Pedro Mendes Salgueiro rps@matuc2.mat.uc.pt
Here's the first question I asked, followed by some of their answers.
1. We have both a subdomain called cs.wvu.wvnet.edu and a machine called
cs.wvu.wvnet.edu (also known as a.cs.wvu.wvnet.edu), which is the mail
hub for the cs department. We named a machine the same as the
subdomain in order to simplify e-mail addresses for the cs department
and to compensate for any mailers not using MX records.
Below is a portion from our current wvu.wvnet.edu database:
wvu.wvnet.edu.      IN  SOA  a.cs.wvu.wvnet.edu. hostmaster.a.cs.wvu.wvnet.edu. (
                             3.2      ; Serial
                             3600     ; Refresh
                             300      ; Retry
                             3600000  ; Expire
                             3600 )   ; Minimum
                    IN  NS   a.cs.wvu.wvnet.edu.
                    IN  NS   nameserv.wvnet.edu.
nameserv.wvnet.edu. IN  A    129.71.1.1
;
cs                  IN  NS   a.cs.wvu.wvnet.edu.
cs                  IN  A    129.71.11.1
After our change to new numbers and names, my major concern is that
all mail to the old name (user@cs.wvu.wvnet.edu) still gets through
to user@cs.wvu.edu. I'm less concerned if a telnet, ping, etc.,
to the old name is resolved to the new name, but it would be a nice
feature. Here's a portion of the modified wvu.wvnet.edu database.
Do you see any problems with it? Can I have two A records pointing
to the same IP number for both a.cs.wvu.edu and cs.wvu.wvnet.edu? Is
there some better way to achieve the problems with e-mail?
wvu.wvnet.edu.      IN  SOA  a.cs.wvu.edu. hostmaster.a.cs.wvu.edu. (
                             3.2      ; Serial
                             3600     ; Refresh
                             300      ; Retry
                             3600000  ; Expire
                             3600 )   ; Minimum
                    IN  NS   a.cs.wvu.edu.
                    IN  NS   nameserv.wvnet.edu.
a.cs.wvu.edu.       IN  A    157.182.140.3
nameserv.wvnet.edu. IN  A    129.71.1.1
;
cs                  IN  NS   a.cs.wvu.edu.
cs                  IN  MX   0 a.cs.wvu.edu.
cs                  IN  A    157.182.140.3
It's clear from the respondents that there are several ways we can go about
making these changes. Here are some of their answers:
*************************
Purchase:
DNS and BIND
By Cricket Liu & Paul Albitz
*************************
First off, you don't need a machine called the same as the subdomain
for anything but perhaps convenience for users.
Remember, Internet hosts are REQUIRED to support MX
records. If someone can't send mail to "user@cs.wvu.edu"
it's their fault. If someone really is running a non-MX
mailer, then there are LOTS and LOTS of sites out there they can't
send mail to.
I've been debating adding an A record for my domain, but the
only reason I can think of to do it is so people could say "finger
user@cs.wvu.edu" and get information about a person given a mail
address.
What I'd do is have wvnet put in an MX record for cs.wvu.wvnet.edu to
point to your new mailhost's name. You could additionally put in a
wildcard MX for *.cs.wvu.wvnet.edu in case people were in the habit of
sending mail to individual machines.
The only thing left to do is tell your mailer that both
"cs.wvu.wvnet.edu" as well as "cs.wvu.edu" are local delivery.
(probably using the "Cw" line, in your sendmail.cf)
*************************
You could move your current zone file to the new domain (editing the
places where the domain name is hard-coded). You then replace the old
zone file with one which has an entry for each existing name giving a
CNAME to the new name. When you turn old machines off or change their
names, you must remember to remove their CNAME from the old zone. You
should never need to add things to the old zone.
Oh, you may need to have a few extra RR's at the old domain level (but
not within) to cater for mail to the domain itself. You'll need NS's,
MX's and maybe an A. But these should probably only go in when you
create the new file. You could conceivably have to change the
non-CNAME data in the file as servers change, etc.
If your old zone has delegated subzones, you'll have to decide whether
to keep it that way with the new CNAME zone or whether to coalesce.
(A subdomain need not be delegated to a separate zone.)
I'd probably do it this way if we ever do change domains. You can
retire old names by removing them from your zone file. The main
problem is that someone who uses an old name may not be aware that
it's an alias for a new name, so you'd probably be better only
removing the alias when you change or remove the name it points to.
*************************
*************************
Here's my second question followed by some of their answers.
2. Are there any utilities to check a database after it has been
modified and before the nameserver has been given a hangup signal
to read it? I'm becoming familiar with dnswalk and doc, but can they
pre-check a database? What other utilities are available in the
public domain to pre/post-check databases?
*************************
Um.. neither doc nor dnswalk would be easily modified to pre-check your
database. Your best bet would be to backup the current database, restart
named, and run dnswalk. If things are really bad, then reload the original.
*************************
I occasionally run a named with a different port number, cache file,
and boot file, dump it after loading, and inspect the output by
eye. I can probably find my script for doing this if you want.
*************************
*************************
Here's my third question followed by some of their answers.
3. If I create a resolv.conf file on our primary nameserver, should
it include its own name as the first nameserver to query?
I've also seen entries for: nameserver 127.0.0.1. What is its
purpose; is it the same as the local nameserver?
*************************
Yes, 127.0.0.1 is the "loopback" device. It refers to the machine
itself, without actually sending traffic out on the network. (Much
faster). Note: due to a bug in the current BIND (4.8.3), if you want to
have multiple nameserver directives, don't specify the loopback device,
but rather the nameserver's IP address. Otherwise, the other
nameservers won't be queried properly and won't return a response.
*************************
127.0.0.1 is always the local host. If your file system is shared by
other machines which may not be running their own servers, this is a
bad idea. I'd always use a specific address. The file is usually
specific to a single host, so I'd always put the preferred server
there.
*************************
*************************
I would like to thank you for taking the time to respond and for giving
me such helpful information.
Rebecca Littleton
--
Rebecca Littleton
Systems Administrator
Concurrent Engineering Research Center
West Virginia University
Morgantown, West Virginia 26506
ral@cerc.wvu.wvnet.edu
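
Added example (not part of the original message and not written by any of the respondents): one way to pre-check a zone file before named is signalled, as asked in question 2. This Python lint flags a CNAME that shares an owner name with other records (easy to do when the old zone is rebuilt as aliases but still needs MX or NS data at the same name), a target that looks fully qualified but lacks its trailing dot, and an MX or NS target that is itself an alias. The parser is deliberately simplified, and the host "old" in the sample is hypothetical.

```python
def parse_zone(text, origin):
    """Parse a simplified master file: no $ORIGIN/$INCLUDE, no TTL fields."""
    records, owner, buf = [], origin, ""
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()       # drop comments
        if not line:
            continue
        buf += (" " if buf else "") + line
        if buf.count("(") > buf.count(")"):        # SOA continues on next line
            continue
        inherits = buf[0].isspace()                # blank owner = previous owner
        fields, buf = buf.replace("(", " ").replace(")", " ").split(), ""
        if not inherits:
            name = fields.pop(0).lower()
            owner = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        if fields and fields[0].upper() == "IN":
            fields.pop(0)
        if fields:
            records.append((owner, fields[0].upper(), fields[1:]))
    return records

def lint(records, origin):
    # Returns a list of problems to fix before named rereads the file.
    problems, by_owner = [], {}
    tld = origin.rstrip(".").rsplit(".", 1)[-1]
    for owner, rtype, _ in records:
        by_owner.setdefault(owner, set()).add(rtype)
    for owner, types in sorted(by_owner.items()):
        if "CNAME" in types and len(types) > 1:    # CNAME must be the only data
            problems.append(f"{owner} CNAME coexists with other data {sorted(types)}")
    for owner, rtype, rdata in records:
        if rtype in ("NS", "MX", "CNAME") and rdata:
            target = rdata[-1].lower()
            if not target.endswith("."):
                if target.rsplit(".", 1)[-1] == tld:   # looks fully qualified
                    problems.append(f"{owner} {rtype} {target}: missing trailing dot")
                target = f"{target}.{origin}"      # relative names get the origin
            if rtype != "CNAME" and "CNAME" in by_owner.get(target, ()):
                problems.append(f"{owner} {rtype} {target}: target is an alias")
    return problems

# Constructed sample of an old-zone file; the host "old" is hypothetical.
SAMPLE = """\
cs    IN MX 0  a.cs.wvu.edu
      IN CNAME cs.wvu.edu.
old   IN CNAME a.cs.wvu.edu.
*.cs  IN MX 0  old
"""
PROBLEMS = lint(parse_zone(SAMPLE, "wvu.wvnet.edu."), "wvu.wvnet.edu.")
```

Printing PROBLEMS one per line gives the list to clear before the HUP; an empty list means none of these three mistakes were found, not that the zone is otherwise correct.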