Five DNS questions for VPS/dedicated gurus.

Hi,

I am in the process of setting up my own VPS from scratch using WHM/cPanel, and doing pretty well. I did, however, run into a couple of DNS zone configuration questions (RedHat9/BIND8) that I either cannot find clear answers to, or the answers that I find are completely contradictory.

Believe it or not, Network Solutions actually *refused* to answer any of my questions regarding DNS configuration and DNS compliance with their registrar rules, only because I am setting up an external nameserver. So, I thought I would turn to you gurus for some advice.

My main machine hostname is, say, fury.basedomain.com, sitting on an IP, say, 000.000.000.001. It hosts the first nameserver (ns1), it is the main mail server, and Apache is configured for shared name-based hosting of my domains. 000.000.000.002 hosts the second nameserver (ns2, routed to the same machine). I will be setting up a tertiary backup nameserver with my ISP, so "two-nameservers-on-one-machine" is not an issue here (for the moment).

Here is an outline of the primary domain DNS configuration:

@ 14400 IN SOA ns1.basedomain.com. webmaster.basedomain.com.
(serials, etc. skipped)
basedomain.com. NS ns1.basedomain.com.
basedomain.com. NS ns2.basedomain.com.
basedomain.com. A 000.000.000.001
localhost.basedomain.com. A 127.0.0.1
basedomain.com. MX 0 basedomain.com.
mail CNAME basedomain.com.
www CNAME basedomain.com.
ftp A 000.000.000.001
ns1 A 000.000.000.001
ns2 A 000.000.000.002
001.000.000.000.in-addr.arpa PTR ns1.basedomain.com.
002.000.000.000.in-addr.arpa PTR ns2.basedomain.com.
001.000.000.000.in-addr.arpa PTR basedomain.com.
001.000.000.000.in-addr.arpa PTR ftp.basedomain.com.
fury CNAME basedomain.com.

Here is an outline of the secondary domain DNS configuration:

@ 14400 IN SOA ns1.otherdomain.com. webmaster.otherdomain.com.
(serials, etc. skipped)
otherdomain.com. NS ns1.otherdomain.com.
otherdomain.com. NS ns2.otherdomain.com.
otherdomain.com. A 000.000.000.001
localhost.otherdomain.com. A 127.0.0.1
otherdomain.com. MX 0 otherdomain.com.
mail CNAME otherdomain.com.
www CNAME otherdomain.com.
ftp A 000.000.000.001
ns1 A 000.000.000.001
ns2 A 000.000.000.002
001.000.000.000.in-addr.arpa PTR ns1.otherdomain.com.
002.000.000.000.in-addr.arpa PTR ns2.otherdomain.com.
001.000.000.000.in-addr.arpa PTR otherdomain.com.
001.000.000.000.in-addr.arpa PTR ftp.otherdomain.com.

The questions are:

1. WHM actually initially created a separate zone called fury.basedomain.com, and NOT just basedomain.com. After some reading and contemplation, I blew away the fury.basedomain.com zone, created a basedomain.com zone, and added a "fury" CNAME record for the basedomain.com zone. Was that the right move?

2. I do not understand why the MX records created by WHM include the 0 IP entry, and then the name alias. I suspect that has to do with figuring out the shared name-based hosting mail routing. Is such a setup correct?

3. For both domains, WHM initially sets up the ftp server NOT as a CNAME, but as an A record. As much as I understand that happening for ns1 and ns2, shouldn't the ftp be a CNAME, also?

4. Many sources say that setting up multiple nameservers pointing to the same IP address is valid, IF THE DOMAIN NAMES DIFFER. I am trying to "simulate" dedicated nameservers for each domain in question. Effectively, ns1.BASEdomain.com and ns1.OTHERdomain.com point to the same IP, 000.000.000.001. Same thing for the ns2.* servers, but the IP is 000.000.000.002. Yet, some net sources say that it is not a valid practice. I do not believe that all the hosts out there use up their IP address pool for all their resellers' nameservers, or that the reseller guys are happy with their nameservers having someone else's domain names. What gives?

5. Last, but not least: reverse IP lookups. I ran the nslint DNS check utility, and it seems to want to see a PTR record for EVERY A record. So, that's what I did. But I do not "like" this setup, since reverse IP lookups would have to actually return multiple domain names. I know the mail server PTR absolutely has to be there (001.000.000.000.in-addr.arpa PTR basedomain.com., to support the mail CNAME), otherwise my mail will get thrown out by other mail servers. But what about the nameservers? The ftp A <-> PTR records?

A long post and a lot of reading, but I was trying to be as precise as possible to get it right for the first time. Thanks for reading...

Gary
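As an added example (not from the post, WHM or BIND), a small Python lint for the record-level points behind questions 2 and 5: the 0 in "MX 0" is the MX preference (lowest wins), not an IP; an MX or NS target must be a name that has an A record, not a CNAME; and PTR records belong in the in-addr.arpa zone delegated to the address holder, so a PTR placed in a forward zone is at best ignored and, written without a trailing dot, is actually a name under the forward origin. The sample zone is constructed from the post's basedomain.com outline plus one deliberately wrong MX line, and ORIGIN and the function names are assumptions.

```python
from collections import defaultdict

ORIGIN = "basedomain.com."
TYPES = {"SOA", "NS", "A", "MX", "CNAME", "PTR"}
# Constructed sample: the post's basedomain.com outline plus one deliberately wrong line (MX 10 mail)
SAMPLE_ZONE = """\
@ 14400 IN SOA ns1.basedomain.com. webmaster.basedomain.com. 1 3600 900 604800 86400
basedomain.com. NS ns1.basedomain.com.
basedomain.com. NS ns2.basedomain.com.
basedomain.com. A 000.000.000.001
basedomain.com. MX 0 basedomain.com.
basedomain.com. MX 10 mail.basedomain.com.
mail CNAME basedomain.com.
ns1 A 000.000.000.001
ns2 A 000.000.000.002
001.000.000.000.in-addr.arpa PTR basedomain.com.
fury CNAME basedomain.com.
"""

def fqdn(name, origin=ORIGIN):
    # '@' is the origin; a name without a trailing dot is relative to the origin
    return origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin=ORIGIN):
    # Returns (owner, type, rdata tokens) triples with absolute owner names
    records = []
    for tokens in filter(None, map(str.split, text.splitlines())):
        owner, rest = fqdn(tokens[0], origin), tokens[1:]
        while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):  # skip optional TTL / IN class
            rest = rest[1:]
        if rest and rest[0].upper() in TYPES:
            records.append((owner, rest[0].upper(), rest[1:]))
    return records

def lint_zone(text, origin=ORIGIN):
    # Returns sorted "SEVERITY: message" strings for the problems found
    records = parse_zone(text, origin)
    by_owner = defaultdict(set)
    for owner, rtype, _ in records:
        by_owner[owner].add(rtype)
    cnames = {o for o, t in by_owner.items() if "CNAME" in t}
    findings = set()
    for owner, rtype, rdata in records:
        if rtype == "CNAME" and by_owner[owner] != {"CNAME"}:  # RFC 1034 s3.6.2
            findings.add(f"ERROR: {owner} is a CNAME but also has {sorted(by_owner[owner] - {'CNAME'})}")
        if rtype in ("NS", "MX") and fqdn(rdata[-1], origin) in cnames:  # RFC 2181 s10.3
            findings.add(f"ERROR: {rtype} target {rdata[-1]} is a CNAME; use a name that has an A record")
        if rtype == "PTR" and not origin.endswith("in-addr.arpa."):
            findings.add(f"WARN: PTR at {owner} is in a forward zone; reverse records go in the in-addr.arpa zone of the address holder")
    return sorted(findings)
```

Running `lint_zone(SAMPLE_ZONE)` reports the CNAME MX target and the misplaced PTR, whose owner has silently become 001.000.000.000.in-addr.arpa.basedomain.com. because the post's outline omits the trailing dot.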
