| Author |
Message |
Mekk
Joined: 15 Jul 2008
Posts: 16
|
| Posted: Fri Jul 18, 2008 10:30 am Post subject: |
|
|
I configured my host as described above:
- maradns on my vps, configured more or less as above,
- linode configured (in DNS manager) as slave for my domain
- two linode nameservers (plus some other secondary DNS my colleague serves for me) configured as servers for my domain
Everything seems to be working properly |
|
| Back to top |
|
ArbitraryConstant
Joined: 10 Feb 2007
Posts: 54
|
| Posted: Fri Jul 18, 2008 1:32 pm Post subject: |
|
|
The system seems to work pretty well. I recently moved everything over to ns{1,2,3,4}.linode.com, with my Linode as the master.
I've noticed a few quirks:
-ns{3,4} seem to take a few minutes to pick up changes sometimes.
-Subdomains don't work. I assume this is to prevent a malicious user from setting up www.mydomain.com on top of mydomain.com as a DNS poisoning attack.
I haven't seen any major issues, and it's one of my favorite features of Linode. Just getting name servers for the domain is trivial with most registrars, if you're looking to host at Linode at all you probably need more. Unfortunately a good DNS setup isn't something a single VPS can host by itself. Getting an infrastructure to do that is a great addition.
SteveG wrote: So? It's public information. That's why it's in the DNS. If you don't want people to find your hosts, don't put them in the system. The security impact isn't that large, it's mostly an image thing to be honest. Whether or not the practice is important, it's preferable to be seen to follow it. |
|
| Back to top |
|
IntuititveNipple
Joined: 03 Dec 2007
Posts: 21
|
| Posted: Sat Oct 11, 2008 6:50 am Post subject: Updated bind acl |
|
|
Someone jogged my memory about this post and I thought I'd update the bind acl list - I now have four Linode servers in /etc/bind/named.conf:
Code:
acl slaves {
69.93.127.10;
65.19.178.10;
75.127.96.10;
207.192.70.10;
};
|
|
| Back to top |
|
IntuititveNipple
Joined: 03 Dec 2007
Posts: 21
|
| Posted: Sat Oct 11, 2008 6:52 am Post subject: |
|
|
ArbitraryConstant wrote:
-Subdomains don't work. I assume this is to prevent a malicious user from setting up www.mydomain.com on top of mydomain.com as a DNS poisoning attack.
Delegated sub-domains should work the same as any other. On the master server delegate the sub-domain in the domain zone file, create the zone-file for the sub-domain, and add the sub-domain to Linode DNS Manager. |
|
| Back to top |
|
Malvineous
Joined: 24 Jan 2007
Posts: 7
Location: Brisbane, Australia
|
| Posted: Sun Oct 12, 2008 4:52 am Post subject: Re: Updated bind acl |
|
|
IntuititveNipple wrote: Someone jogged my memory about this post and I thought I'd update the bind acl list - I now have four Linode servers in /etc/bind/named.conf:
Code:
acl slaves {
69.93.127.10;
65.19.178.10;
75.127.96.10;
207.192.70.10;
};
Are you sure that's right? I have a couple of domains slaved to the Linode servers, but only the first two servers respond when I query them - the last two return ESERVFAIL.
EDIT: Oh wait, sorry, my bad - got confused with the nameservers. Yes, I have to add these to the Bind config *before* ns3 and ns4 will work... :oops: |
|
| Back to top |
|
| |
