Solved

DNS setting for 1 domain, multiple IPs?

Posted on 2004-04-03
Last Modified: 2010-03-17
I have an ADSL line with a static IP currently, and I have set up a DNS server which is working fine. I plan to add another ADSL connection with another static IP soon. My question is how do I switch some of the services to the new static IP? For example, if I want to switch www.abc.com (which is currently pointed to the old static IP) to the new static IP, what would the named.conf and my zone file look like? Do I need to have another zone file for the new static IP? Please help with a detailed guideline. Thank you.
Question by:viansoo
 
LVL 9

Accepted Solution

by:
Alf666 earned 250 total points
ID: 10748663
Just change the appropriate line in your zone file.

Instead of showing :

www        A               x.x.x.x (IP A)

It will show :

www        A               y.y.y.y (IP B)

0
 

Author Comment

by:viansoo
ID: 10750274
It's just that simple Alf666? How about the reverse-mapping zone file?
0
 
LVL 9

Expert Comment

by:Alf666
ID: 10751395
Yes. It's that simple. Do you handle the reverse mapping for your zone ? Usually, on ADSL, the provider does it.

But, if you have a reverse mapping and handle it yourself, you have to do the following :

Ask your second provider to delegate the reverse mapping of your second address to your first nameserver.

Check your nameserver config. In your named.conf, you should have a declaration for the zone. Just copy/paste it and change the zone declaration to the new one (this will involve replacing the ip addr, and the zone file name).

Then, what you should do is to copy the "ip a" reverse zone file so that you have a good example to start from. The changes should be pretty straightforward.

0
 

Author Comment

by:viansoo
ID: 10751952
Hi Alf666, you meant I need to have 2 zone files and 2 reverse zone files? Let me clarify more on my requirement and question:

I have 1 static IP and I have registered this IP with my NIC as my DNS server.  Currently all my services (www,ftp,smtp,....) are resolved to this IP.  Now I am going to add another faster connection with another new IP.  I want some of the existing services to be resolved to the new IP, without switching the DNS server. How could I do this in my named.conf and zone files?

If possible, pls provide a sample named.conf, zone files and reverse zone file. Sorry as I am still new to Linux.  Thank you.
0
 
LVL 9

Expert Comment

by:Alf666
ID: 10752256
You need to have only one zone file.

You just need to have the proper IP address in front of the name you want to resolve.

It's just like I said in my first post.

For the reverse, though, you'll need two separate zone files (as they concern 2 different IPs). But I'm surprised that both your ISPs delegate the reverses to you.

As for the example, I suggest you provide me with your actual config (named.boot and appropriate zone files content). It will be easier to map to your actual config.
0
 

Author Comment

by:viansoo
ID: 10752391
Hi Alf666, here are my DNS config files:

named.conf
---------------
zone "." {
      type hint;
      file "named.ca";
};
zone "abc.com" {
      type master;
      file "zone.abc.com";
};
zone "0.0.127.IN-ADDR.ARPA" {
      type master;
      file "named.local";
};
zone "3.93.219.IN-ADDR.ARPA" {
      type master;
      file "3.93.219.in-addr.arpa";
};

zone file (zone.abc.com):
-------------------------------
$TTL      43200
@            IN      SOA      ns.abc.com.      hostmaster.abc.com. (
                  2002121801 ; serial
                  8H ; refresh
                  2H ; retry
                  7D ; expire
                  1D ; default_ttl
                  )
@      IN      NS      ns.abc.com.
@      IN      MX      10      Mail.abc.com.
localhost            IN      A      127.0.0.1
www            IN      A      219.93.3.166
ftp            IN      A      219.93.3.166
ns            IN      A      219.93.3.166
abc.com.      IN      A      219.93.3.166

reverse zone file (3.93.219.in-addr.arpa):
--------------------------------------------------
$TTL      43200
@      IN      SOA      ns.abc.com.      hostmaster.abc.com. (
                  2002111303 ; serial
                  8H ; refresh
                  2H ; retry
                  7D ; expire
                  1D) ; default_ttl
                  
@      IN      NS      ns.abc.com.
166      IN      PTR      www.abc.com.
166      IN      PTR      ftp.abc.com.
166      IN      PTR      Mail.abc.com.


If my new IP is 202.172.1.3 and suppose that I want www.abc.com to be resolved to it, what would all the files above look like? Thank you.
0
 
LVL 9

Expert Comment

by:Alf666
ID: 10752443
First of all, you have a few mistakes.

abc.com.     IN     A     219.93.3.166
Should be :

@     IN     A     219.93.3.166

And in your rev file, you should only have one PTR record for each address. So you have to select one (definitely not www.abc.com. as you are going to move it).

Plus, your rev file shows that it's master in reversing the whole C class. Which is not the case. This will not affect other internet users, but you will get bad responses for other addresses like, for example, 219.93.2.100.

So, your reverse file should be declared as :

zone "166.3.93.219.IN-ADDR.ARPA" {
     type master;
     file "166.3.93.219.in-addr.arpa";
};


For your www addr, just replace :

www          IN     A     219.93.3.166

By :

www          IN     A     202.172.1.3


This will do the trick.

If you get delegation for the other reverse (ask your ISP to point it to 219.93.3.166), you will have to do the following :

zone "3.1.172.202.IN-ADDR.ARPA" {
     type master;
     file "3.1.172.202.in-addr.arpa";
};

And the zone file :

$TTL     43200
@     IN     SOA     ns.abc.com.     hostmaster.abc.com. (
               2002111303 ; serial
               8H ; refresh
               2H ; retry
               7D ; expire
               1D) ; default_ttl
               
@     IN     NS     ns.abc.com.
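@      IN     PTR     www.abc.com.   ; "@" is the zone origin 3.1.172.202.in-addr.arpa. (a relative "3" here would expand to 3.3.1.172.202.in-addr.arpa.)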


0
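Added example, not part of the thread and not Alf666's own code: a small offline check for the two reverse-zone points made above, namely one PTR per address and a PTR that still matches the forward A record after www is moved. The function names (expand, parse_records, audit) are made up for this example, the sample zones are constructed from the addresses used in the thread, and the parser only understands the one-line "owner IN TYPE rdata" layout shown in the posted files.

```python
import ipaddress
from collections import defaultdict

def expand(owner, origin):
    """Expand a zone-file owner name against the zone origin, as BIND does."""
    origin = origin.rstrip(".").lower() + "."
    if owner == "@":
        return origin
    return owner.lower() if owner.endswith(".") else owner.lower() + "." + origin

def parse_records(text, origin, rtype):
    """Return (owner_fqdn, rdata) for one-line 'owner IN TYPE rdata' records."""
    out = []
    for line in text.splitlines():
        f = line.split(";")[0].split()          # drop ';' comments, split fields
        if len(f) >= 4 and f[1].upper() == "IN" and f[2].upper() == rtype:
            out.append((expand(f[0], origin), f[3].lower()))
    return out

def audit(forward_text, forward_origin, reverse_zones):
    """reverse_zones maps origin -> zone text; returns (kind, owner, detail)."""
    a_rev = defaultdict(set)                    # host name -> reverse names of its A records
    for name, addr in parse_records(forward_text, forward_origin, "A"):
        a_rev[name].add(ipaddress.ip_address(addr).reverse_pointer + ".")
    ptrs = defaultdict(list)                    # reverse name -> PTR targets
    for origin, text in reverse_zones.items():
        for owner, target in parse_records(text, origin, "PTR"):
            ptrs[owner].append(target)
    findings = []
    for owner, targets in sorted(ptrs.items()):
        if len(targets) > 1:
            findings.append(("multiple-ptr", owner, ",".join(targets)))
        for t in targets:
            if owner not in a_rev.get(t, ()):   # PTR target has no A pointing back
                findings.append(("no-matching-a", owner, t))
    return findings

# Constructed sample data, modelled on the thread's zones after www has moved.
FORWARD = "www IN A 202.172.1.3\nftp IN A 219.93.3.166\n"
STALE = {"3.93.219.IN-ADDR.ARPA": "166 IN PTR www.abc.com.\n166 IN PTR ftp.abc.com.",
         "3.1.172.202.IN-ADDR.ARPA": "3 IN PTR www.abc.com."}
CLEAN = {"166.3.93.219.IN-ADDR.ARPA": "@ IN PTR ftp.abc.com.",
         "3.1.172.202.IN-ADDR.ARPA": "@ IN PTR www.abc.com."}

if __name__ == "__main__":
    for finding in audit(FORWARD, "abc.com", STALE):
        print(finding)
```

A "no-matching-a" finding means the address's PTR names a host whose A record does not point back to that address, which is the forward-confirmed reverse DNS check many mail servers apply to connecting hosts.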
 

Author Comment

by:viansoo
ID: 10754201
Hi Alf666, thank you so much for the guides. I'm clearer with what I need to do now. Just a few things more:

1. If I only specify one PTR record for each address in my rev zone file, will it affect the rest which are not specified? E.g. if I only specify ftp.abc.com, what will happen to Mail.abc.com?

2. I do not quite understand what the delegation means. Can you explain a bit more.

Thanks a lot !
0
 
LVL 9

Expert Comment

by:Alf666
ID: 10755531
1. Nothing. The PTR allows for the mapping of an IP address to a host name.
It's really bad practise to send back multiple host names for one IP addr. I don't know how bind handles it, by the way. I can only suspect that it does a round robin (selects one after the other) on the different addresses, so your IP addr will never resolve to the same name (BAD).

2. The delegation means that the reverse DNS for the IP zone is delegated to your provider. Each provider, after it requests IP addrs from RIPE or ARIN (or other high-level IP registries) gets the delegation for these addresses. This means that the IP registries point to them for resolving these entries (it's a tree-like schema).
Each provider, then, can delegate part of its assigned pools to one of its customers.

But, usually, when there's only one IP addr, they do not do that. It's too complex a setup, and users that only need one IP do not know how to do this properly, which would lead to a messy DNS system.

So, what they usually do (when they bother, which is rare), is that they do the reverse themselves for their customers.

So, there's a real chance that your reverse DNS zones are not even "seen" on the internet.

Let's take a real life example (with cuts, only keeping interesting lines) :

1) dig -x 66.102  

;; AUTHORITY SECTION:
66.in-addr.arpa.        10800   IN      SOA     chia.arin.net. bind.arin.net. 2004040502 1800 900 691200 10800

2) dig @chia.arin.net -x 66.102.9

;; AUTHORITY SECTION:
9.102.66.in-addr.arpa.  86400   IN      NS      ns1.google.com.
9.102.66.in-addr.arpa.  86400   IN      NS      ns2.google.com.

In this example, ARIN, who is master for the 66.102.0.0 IP addr pool (65536 addrs, among others), has delegated 66.102.9.0 to google. So, when asking your DNS server what is the name of the IP addr 66.102.9.1, for example (bad example, actually, because google did not do its work in reversing these), your resolver will go down the tree from the root name servers to ARIN, to google.

Is this clearer (this is turning to a real DNS tutorial :-)) ?

0
