Part of this process also involves changing the nameservers from BitFolk's old servers to their new ones. My registrar currently has the old ones; would it make sense to add the three new ones to my zone file, then have my registrar update to the new ones, and then remove the old ones? I'm hoping to avoid as much downtime as possible, and there's a lag between requesting the change from my registrar and the change actually being made.


Andy Smith wrote:
Hi Michael,

On Mon, Jul 26, 2010 at 04:42:58PM -0400, Michael Corliss wrote:
  
I understand that rsyncing is being discouraged in favor of
setting up a DNS server of my own.
    
In case anyone was not aware of this, here's why:

When people whose zone files are being rsynced edit their files,
they are supposed to run named-checkzone on them to check that their
zone file is syntactically valid. I don't think very many people do
this, because I frequently end up with a zone file that my
nameserver can't parse.  The errors are then only visible to me, so
I have to open a ticket and get people to fix them.

Having the customer run their own nameserver is a much better
solution because they get to immediately see any syntax errors they
might introduce and do not need a back-and-forth with support to
sort them out.

At the time the rsynced zone files solution was in place, the
smallest BitFolk VPS had 120MiB RAM, and it was a reasonable
complaint that running an authoritative DNS server on such a small
VPS was a burden.

For a long time now, 240MiB RAM has been the smallest available in a
BitFolk VPS, and it's really perfectly feasible to run your own
authoritative name server in that. Whether you choose to expose your
own name server to the Internet or only to BitFolk's authoritative
servers is up to you.

So, while I've left all existing rsynced zone files in place, I have
not accepted new ones in that way for a long time. I'm also not keen
to update existing rsync configurations when people migrate to new
VPSes, hence Michael's email.

  
I'm under the impression that setting up a DNS server will
similarly carry the information in the zone file to BitFolk's servers, but
I'm unfamiliar with how this process works.
    
How it works:

When a name server loads a zone, the serial number at the top of the
zone is checked. If the new serial is larger than the old one (or if
the zone is completely new), the name server sends out a DNS NOTIFY
packet to each of the hosts listed as NS records in the zone file.

On receipt of a NOTIFY, these hosts then attempt to connect to
the source of the NOTIFY and check if they need to transfer the zone
content. This is known as AXFR.

  
I've looked at the Ubuntu documentation for bind9, but I'm not sure
if I need a caching server, a DNS primary, or a DNS secondary.
    
The names "primary" and "secondary" can be confusing. There are
basically two kinds of name server:

- a caching resolver, sometimes just called a resolver, or a cache;
  and

- an authoritative server, sometimes abbreviated to "auth server".

"primary" and "secondary" are names for authoritative DNS servers
that perform certain roles.

The usual distinction is that a "primary" server gets its zone
content directly from the admin, perhaps in the form of a zone file.
There is only one "primary" server.

"secondary" servers get their zone content from elsewhere, usually
the primary, but really it could be any other authoritative server
i.e. other "secondary" servers!

From the point of view of the DNS client, all authoritative servers
are as good as each other.

You need to set up an authoritative name server; it's going to be
authoritative for the zone(s) you load into it. For bind9, this is
really just a particular configuration. Probably the default one.
bind9 can act as either authoritative or caching resolver (or both
at once, but that's not a recommended configuration).

  
Can anyone who's done this give me some pointers?
    
1. Install a name server (bind9 is a good choice if you are
   unfamiliar with name servers, because it's the most popular, and
   your zone file is already in bind format).

2. Load your existing zone file into it. It shouldn't require any
   modification except to increment the serial number at the top.

3. Query your name server to check that it has the records in it
   that you expect.

4. Configure your name server to allow AXFR from BitFolk's servers.
   Here's the list of servers:

       * a.authns.bitfolk.com
       * b.authns.bitfolk.com
       * c.authns.bitfolk.com

   Resolve those names to IPs to put into your config.

5. Contact support@bitfolk.com to ask for secondary DNS to be set
   up. Please specify the domain name and your VPS account name.

Cheers,
Andy

  
_______________________________________________ users mailing list users@lists.bitfolk.com https://lists.bitfolk.com/mailman/listinfo/users
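
Step 4 of the procedure above (allowing AXFR only from the secondary servers) as a bind9 configuration sketch. This is an added example, not part of the original emails and not BitFolk's own configuration. The zone name example.com, the file path and every address are assumptions: the addresses are documentation-range placeholders that must be replaced with the IPs the three authns names actually resolve to.

```conf
// Added example for bind9. On Ubuntu the options normally live in
// /etc/bind/named.conf.options and the zones in /etc/bind/named.conf.local.

// Addresses of the secondaries. PLACEHOLDERS from the documentation
// ranges: replace them with the A/AAAA records of a.authns.bitfolk.com,
// b.authns.bitfolk.com and c.authns.bitfolk.com.
acl "bitfolk-secondaries" {
    192.0.2.1;      // placeholder for a.authns
    192.0.2.2;      // placeholder for b.authns
    192.0.2.3;      // placeholder for c.authns
    2001:db8::1;    // placeholder for any IPv6 address they resolve to
};

// Merge these two settings into the existing options block; named
// rejects a configuration that contains a second "options" statement.
options {
    // Authoritative only: do not resolve other people's names for clients.
    recursion no;

    // Deny zone transfers unless a zone explicitly allows them, so a
    // forgotten zone cannot be dumped in full by an arbitrary host.
    allow-transfer { none; };
};

zone "example.com" {                  // assumed zone name
    type master;                      // newer BIND also accepts "primary"
    file "/etc/bind/db.example.com";  // assumed path to the existing zone file

    // Send NOTIFY to the hosts in the zone's NS records whenever a zone
    // with a larger serial is loaded.
    notify yes;

    // Only the listed secondaries may AXFR this zone.
    allow-transfer { "bitfolk-secondaries"; };
};
```

Running named-checkconf on the configuration and named-checkzone on the zone file before reloading reports syntax errors locally, which is the immediate feedback the message above describes.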