[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Re:Primary,secondary,auto-update,thanks

Subject: Re: [cobalt-users] Re:Primary,secondary,auto-update,thanks
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Sat Feb 16 02:10:33 2002
Organization: nobaloney.net
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Patrick wrote:

> >FQDN=Fully Qualified Domain Name... a hostname and domain name pair,
> registered as a nameserver(?)
> 
> >> on the IP I was issued and I am running a PTR record
> >> for the single IP number.
> >
> >Why?  Did someone tell you to?
> 
> I'm running a PTR record because I want my host name, domain name to
> resolve (and I agreed with my ISP I was running 'primary'.)

PTR records are entirely for reverse (IP to domain resolution) records
in the in-addr.arpa domain zone file for your IP#.  Which may or may not
be delegated to you by your ISP.  Most ISPs don't delegate reverse DNS
authority to you unless you've given you an entire C class, but note, I
said "Most", not all.  So you can put in a PTR record and it'll create a
new zone file in in-addr.arpa, but it won't help anything, and only
create confusion, because you'll think it's part of the DNS system when
in fact it isn't.

> By "primary upstream PTR" I meant - when I did a local country domain
> registration... I received a "No PTR records found" error:
> >>>>>>>>>>>>>
> CHECKING: Primary Server is myhost.mydomain.com at xxx.xx.xxx.xx
> WARN: No PTR records?  - INFO: At xxx.xx.xxx.xx
> 
> CHECKING: secondary 1 is ns2.myisp.com at xxx.xx.xxx.xx
> INFO: Name "isphost.ispdomain.com" - INFO: At xxx.xx.xxx.xx
> >>>>>>>>>>>>>>.

Many top level country domain registrars require working name-servers
for both forward (your domains' zone-files) and reverse (the
in-addr.arpa domain zone-file) lookups.  However unless your ISP has
delegated reverse DNS authority to you, your PTR record won't help
anything.

> Whereas - the hostname, domain name is resolving (on the nameserver lookup)

But it's got NOTHING to do with your PTR record.

> - and I am definitely running a PTR record (as previously recommended by
> you, i.e., one PTR record per IP)

Look into that post of mine carefully.  I'm sure I point out that you
shouldn't run PTR records at all unless your upstream (ISP) has
delegated reverse dns (your portion of the in-addr.arpa domain) to you.

... ergo... if I am running a PTR record
> and the name is resolving... but the bot is telling me there are no PTR
> records then the error must be somewhere else... my ISP's primary?

As I've said several times, it's NOT got anything to do with your PTR
record.  Ask your ISP... if they've delegated reverse DNS authority to
you, then either you're not doing it right (or the RaQ isn't <frown>),
or they're not delegating it right.  If they've NOT delegated it to you,
then they must do reverse DNS on the IP#.  Not necessarily to the same
domain, but it must be done.

> By upstream I meant: I'm at the end of a request chain(?) - therefore
> everything else must be upstream(?) This is now fixed - with no change on
> my end... though I did mention to my ISP I was seeing the error.

I have no idea what's fixed, but that's okay, don't bother to tell me.

> In my understanding a "Primary nameserver" resolves hostnames to ip numbers

A primary nameserver, sometimes confused with a master nameserver,
resolves hostnames into IP#s for the domains for which it has
authority.  You give it that authority when you register the domain and
list your nameservers.  Your customers do the same.

> and vice-versa.

While it can resolve IP#s into hostnames, it can't do it for domains for
which it has NO authority.  Your IPS owns authority for the IP#s in it's
namespace.  It can keep that authority (and most do) or it can delegate
it to you.  It hasn't delegated it to you.

> If a PTR record is part of this function - and I'm not
> running a ptr record...

You don't have, need, or want, PTR records, unless you've got authority
for some part of the in-addr.arpa domain.  The only way you can get it
is if someone gives it to you.  If they give it to you they'll tell you
they did.  Did they?

> then I can no longer be a nameserver, i.e., if I am
> not resolving hostnames then I'm not running dns?

For the umpteenth time... PTR records have NOTHING to do with resolving
hostnames.

> I set this up with my ISP
> on the understanding I was doing primary and they were doing secondary.

For what?  For your domains?  For the in-addr.arpa domain?  Unless they
told you they delegated a piece of the in-addr.arpa domain to you you've
got no authority for it.  Frankly, as little as you know about DNS,
since they're responsible for reverse DNS for their piece of the
in-addr.arpa domain, it's rather unlikely they've given a piece of it to
you, and if they have they're in trouble <wry grin>.

> Don't understand the 'delegation' part - thought reverse mapping was part
> of my function of running primary dns?

If you don't understand a word you need to look it up and make sure you
do understand it.  To delegate... to assign authority.

> Sorry - I registered a nameserver - it has a fully-qualified domain name -
> it is registered as the primary nameserver for my domain... Gee whiz... I
> didn't make it complicated... I just discovered it is more complicated than
> it seems :P

I already told you unless you told me the "fully-qualified domain name"
of your nameserver I wouldn't bother to reply, so I don't even know why
I am <frown>.  Maybe because it's late and I'm too tired to stop <wry
grin>.

The key is it's the "primary nameserver for [your] domain".  NOT for the
in-addr.arpa domain or any portion thereof.  One domain has NOTHING to
do with the other.

> Thought the PTR record _resolved_ the hostname and domain name.

Buy the book.  Read it.  Don't think; it's dangerous <smile>.

> My sites are resolving - and everything looks beautiful - including the new
> domain - which will have no errors thanks to the help on this list.
> 
> Now - if I can just sort my email problem... well, the emails working...
> but - it gets complicated :P Maybe next time.

Email is a lot more picky about DNS.  Do you know what an MX record is
<wry grin>?

Patrick, I really feel you and any future customers of yours would be
best served if you used someone for DNS who understands it.

That's got to be your decision, though.

> PS. Jeff - please don't feel you have to reply to this - though your input
> would obviously be appreciated.

Too late... I didn't read this part until I replied <smile>.

Jeff
-- 
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA  92517
voice: (909) 778-9980  *  fax: (702) 548-9484

Follow-Ups:
- Re: [cobalt-users] Re:Primary,secondary,auto-update,thanks
  - From: Menno M Jansz

References:
- [cobalt-users] Re:Primary,secondary,auto-update,thanks
  - From: Patrick

Prev by Date: Re: [cobalt-users] secondary dns
Next by Date: Re: [cobalt-users] RaQ4r raid not showing in gui
Previous by thread: [cobalt-users] Re:Primary,secondary,auto-update,thanks
Next by thread: Re: [cobalt-users] Re:Primary,secondary,auto-update,thanks

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index