Re: [bitfolk] critique my bind9 setup

Hi All, well, my bind setup looks pretty stable after all the comments and suggestions from this list. Thanks! The zone file is appended for more evolution if anyone wants to discuss it some more. The commands % host -a exoco.net and % dig +short -t mx exoco.net @212.13.195.120 return the values that I think they should. I did not know about the helpful 'D' shorthand notation. I plan to RFC my reverse DNS zone file in a short while. I did not know that the reverse DNS would afftect my sendmail relay/origin, but had it since <http://linux.justinhartman.com/DNS_Installation_and_Setup_using_BIND9> discussed it. Cheers, Max ; ; BIND data file for example.com ; $TTL 3D @ SOA ns.exoco.net. admin.exoco.net. ( 2010100401 ; Serial - YYYYMMDDXX 7200 ; Refresh - 2hrs 600 ; Retry - 10mins 604800 ; Expire - 1wks 3600) ; minimum - 1hr ; ; Useful doc for above SOA values: ; http://www.ripe.net/ripe/docs/ripe-203.html ; NS ns.exoco.net. NS a.authns.bitfolk.com. NS b.authns.bitfolk.com. NS c.authns.bitfolk.com. MX 0 smtp.exoco.net. MX 50 backup.mail.bitfolk.com. A 212.13.195.120 ns A 212.13.195.120 www CNAME exoco.net. smtp A 212.13.195.120 ________________________________ From: Paul Booth &lt;pabooth(a)neonex.com&gt; To: users(a)lists.bitfolk.com Sent: Mon, October 4, 2010 12:23:03 AM Subject: Re: [bitfolk] critique my bind9 setup Hey, The only things I could say are as follows: On 03/10/2010 16:31, Max B wrote: Do you really need a TTL of a week? 3 days seems more sensible. Also, you might want to use the W, D, H and M notation in zone files rather than seconds, to make it much more readable. Did you mean "ns.exoco.net" here? If you're intending to use ns.exoco.net as an authoratitive name server for exoco.net, you'll need a glue record to hold it all together. A hidden primary configuration is something you may want to consider looking into. Basically having a primary server that just holds the zone files, but is never queried directly for records, it lets other servers which have already pulled the zone data from it do that. If you're intending to use this box as an outgoing smtp relay/origin, it's a very good idea to have reverse DNS set too. It won't break anything per-se, but it's bad practice as Andy has already said. Cheers, Paul. -- Paul Booth Technical Services Group, Neonex W: www.neonex.com M: +44 (0)7973 666678 T: +44 (0)1276 309911 F: +44 (0)1276 597127 Unit B1E, Fairoaks Airport Chobham, Surrey GU24 8HX Neonex - Cloud Computing Made Clear _______________________________________________ users mailing list users(a)lists.bitfolk.com https://lists.bitfolk.com/mailman/listinfo/users