DNS
29 Replies
I would like to provide managed DNS service for clients, but that's not going to help you in the short-term.
You should explore for domain name registrars that provide self-managed DNS options – ones that have a control panel to create A records and MX records and such.
I know that register.com does this, and Yahoo! Domains, believe it or not. Not sure about Verisign (probably). Not sure about any of the OpenSRS registrars.
-Chris
I've been with them for about 2 months and have had no problems. They will let you host 5 domains for free. Web interface isn't very pretty, but it's effective. Updates get enacted very quickly too. Some of the free DNS services changes don't show up to the rest of the world for up to a day.
> 1 <1 ms <1 ms <1 ms eh-core-2.gw.pitt.edu [136.142.147.2]
2 <1 ms <1 ms <1 ms cl-core-2.gw.pitt.edu [136.142.253.217]
3 <1 ms <1 ms <1 ms externals-cl.gw.pitt.edu [136.142.2.161]
4 <1 ms <1 ms <1 ms bar-pitt-cl-i1-ge-4-1-0-0.psc.net [192.88.115.148]
5 <1 ms <1 ms <1 ms minime.psc.net [192.88.115.5]
6 <1 ms <1 ms <1 ms pos4-1-1-0.a01.pitbpa05.us.ra.verio.net [199.239.216.13]
7 6 ms 6 ms 6 ms p4-2-1-0.r02.mclnva02.us.bb.verio.net [129.250.16.90]
8 6 ms 6 ms 6 ms p16-7-0-0.r01.mclnva02.us.bb.verio.net [129.250.5.11]
9 7 ms 7 ms 7 ms p16-0-1-0.r21.asbnva01.us.bb.verio.net [129.250.2.181]
10 7 ms 7 ms 7 ms p16-4-0-0.r02.asbnva01.us.bb.verio.net [129.250.2.63]
11 7 ms 7 ms 7 ms iad3-peer10.algx.net [206.223.115.33]
12 330 ms 346 ms 344 ms iad3-core2-pos7-0.atlas.algx.net [165.117.69.166]
13 333 ms 337 ms 338 ms iad3-core3-pos7-0.atlas.algx.net [165.117.64.6]
14 9 ms 9 ms 9 ms dca10-core1-so-7-3-0.atlas.algx.net [165.117.67.61]
15 345 ms 366 ms 365 ms atl10-core2-so-0-2-0-0.atlas.algx.net [165.117.200.5]
16 347 ms 339 ms 369 ms atl10-core1-so-0-1-0-0.atlas.algx.net [165.117.192.1]
17 351 ms 345 ms 354 ms dfw10-core2-so-0-2-0-0.atlas.algx.net [165.117.200.2]
18 371 ms 350 ms 348 ms dfw10-core10-pos7-0.atlas.algx.net [165.117.192.74]
19 361 ms 361 ms 360 ms dfw5-core1-pos7-0-pos6-0.atlas.algx.net [165.117.69.129]
20 564 ms 456 ms 430 ms 206.181.190.10
21 404 ms 390 ms 394 ms ge-0-1-0.ibr4.dllstx2.theplanet.com [12.96.160.233]
22 363 ms 370 ms 348 ms car1-2-v1.dllstx2.theplanet.com [12.96.160.12]
23 351 ms 346 ms 347 ms li-24.members.linode.com [64.5.53.24]
Is there any way for it to resolve to croomshine.com? Thanks.
hehe.. seems like algx is having some load problems.
@sec39:
Is there any way for it to resolve to croomshine.com? Thanks.
If you fill out a support ticket with what you want your IP to reverse to, I'll make the changes on my end.
-Chris
Anyway, I (perhaps prematurely) signed up for hostway.com $7 deal. The only options I have to edit are Primary DNS hostname, secondary (and also 3rd - 6th DNS hostnames), and I can also do Domain Name Forwarding.
I want the simple setup where a user types
Is it a hack to have Hostway "domain forward" to my IP on linode, and then have Caker do the "reverse" thing that's mentioned on this thread? Or is "domain forward" just friendly terminology for the "a record" that I've read a little about?
Thanks all.
So who would you (anyone) suggest to register domains with? I was going to use godaddy, however advertising "domain by proxy" from their main page, and all their dirty dns tools
Kenny
At any rate, I've implemented OpenSRS in the past and like it very much. So, my recommendation goes out to any of the OpenSRS resellers. You can also go to
-Chris
iptables -t nat -A POSTROUTING -d sitefinder-idn.verisign.com -j DNAT --to $SERVER_OF_YOUR_CHOICE
@kenny:
So who would you (anyone) suggest to register domains with? I was going to use godaddy, however advertising "domain by proxy" from their main page, and all their
makes me think very poorly of them. How is mydomain.com? Any others that anyone has had good luck with? dirty dns tools
I've used http://active-domain.comhttp://zoneedit.com
@caker:
I hate verisign with a passion; not just as an end-user dealing with their crappy support, etc, but also due to their business practices, SUCH as adding the wildcard A record for any domain that doesn't resolve. This is going to break so many things, I can't wait to see what happens to them.
-Chris
You may wish to sign this:
@irgeek:
Start out by looking over
. If that doesn't answer your question, give me a little more info and I'll see if I can help. Which hostway plan did you sign up for? Is it one of this? They all have different features and without knowing which one you have I can't help you. these–James
Hey James, thanks for the link, I'm reading it now. As for my plan, yes it's one of those. I have the $6.95 Domain Registration plan. Was I too cheap for my own good?
> I have the $6.95 Domain Registration plan. Was I too cheap for my own good?
I wouldn't worry about it too much. At the basic level, all registrars provide the same service, registering your domain. I'm the type of person that doesn't trust any internet company that wants to "help" me set things up, so I'd suggest you get an account at one of the free DNS hosting companies. Then use your linode to host http and mail servers. That way you have control over your domain.
–James
@inkblot:
iptables -t nat -A POSTROUTING -d sitefinder-idn.verisign.com -j DNAT --to $SERVER_OF_YOUR_CHOICE
Some ISPs are already doing this. So now how can you tell if you mistyped the url, or the site is down. This problem applies to all dns-enabled services.
Email is a Hugh one (at least for me)..
A user mistypes a domain in an email
the mail server then finds the above A record for the non-existent domain (or, what should be nxdomain)
and thus tries delivering mail to the above site (sitefinder-idn.verisign.com for now)
it cannot connect to the site because it's being dos'd, your isp is blocking it, you're blocking it, for whatever reason it just can't contacted it
it then queues the message for later delivery instead of bouncing back to the user right away saying that the domain does not exist
it now takes up to a week for the user to realize they simply mistyped the email address
..unless you mail server can actually connect to the ip they are providing, which is currently running
#!/bin/sh
echo "220 snubby2-wcwest Snubby Mail Rejector Daemon v1.3 ready"
read
echo "250 OK"
read FROM
echo $FROM >> /var/log/suckers
echo "250 OK"
read
echo "550 User domain does not exist."
read
echo "250 OK"
read
echo "221 snubby2-wcwest Snubby Mail Rejector Daemon v1.3 closing transmission channel
Connection closed by foreign host."
exit
(hope I dont get sued for sharing their source!) then your message will get bounced right away (well, if the above actually works with your mail server) and VeriSign makes off with your enduser's email addresses! and if they feel like it, the message body as well.
It's easy to see how the above would cause rare problems for your endusers. Now, instead of it being a legit message going to a non-existing domain, image it being spam that your server is trying to bounce back to a non-existent domain (common with spam). Normally it'd "double-bounce" it (a bounced bounce) and toss the message, but now it takes a week or so for this double-bounce to happen. All of these message waiting to double-bounce are sitting in your queue, this could be hundreds, it could be tens of thousands depending on how much traffic you get.
The good people who make qmail-ldappatches
There is a patch
This is my problem with VeriSign, they didn't just create a "site-finder" to help lost users, in practice they changed how dns works, thus forcing everyone else to work around it.
Hehe, sorry this turned out to be a rant.
Kenny
@irgeek:
> I have the $6.95 Domain Registration plan. Was I too cheap for my own good?I wouldn't worry about it too much. At the basic level, all registrars provide the same service, registering your domain. I'm the type of person that doesn't trust any internet company that wants to "help" me set things up, so I'd suggest you get an account at one of the free DNS hosting companies. Then use your linode to host http and mail servers. That way you have control over your domain.
http://www.tldp.org/ has HOWTOs for just about everything. If they don't answer your questions, post them here.–James
I've read the relevant document (I think) at the site, but I'm still confused (I don't think I'm quite ready for all of this knowledge yet, so I'm trying to get the basics of what I need and then I'll extend from there.)
So, I'm on Hostway.com, and in their control panel, as far as I can tell, these are the only relevant entries which I can change:
Primary DNS Hostname: a.dns.hostway.net
Secondary DNS Hostname: b.dns.hostway.net
Third DNS Hostname (optional):
…
Sixth DNS Hostname (optional):
and then Domain name forwarding…
Forward all requests for
I of course, have my IP with linode. I would like to get it so that when you type in
Secondly, I am running a mail server (qmail) and I don't understand what I will enter in my mail client (remotely) to check my email. I'd like it to be something like mail.mydomain.com. Intuitively, it seems that anything with mydomain.com should be directed to my linode, and then if it's www it knows to use my apache server, and if its mail it knows to use qmail.
Thanks for the help.
> I've read the relevant document (I think) at the site, but I'm still confused (I don't think I'm quite ready for all of this knowledge yet, so I'm trying to get the basics of what I need and then I'll extend from there.)
These questions come up all the time. I'm putting together a very basic HOWTO for all of us. Check back soon. I'll post a link here when it's ready for prime-time.
–James
@irgeek:
These questions come up all the time. I'm putting together a very basic HOWTO for all of us. Check back soon. I'll post a link here when it's ready for prime-time.
Whether or not its ready for prime-time is a matter up for discussion, but here's the first version
Right now though, I need to start writing my paper that's due tomorrow.
–James
http://www.easydns.com
Just adding another name to the list of providers!
@LokiVidalez:
Well godaddy provides full dns control aswell
That's right. You probably already have what you need within GoDaddy.
They make it a little hard to find at first. See this thread, especially my post near the end.
@irgeek:
I use
http://www.zoneedit.com/ I've been with them for about 2 months and have had no problems. They will let you host 5 domains for free. Web interface isn't very pretty, but it's effective. Updates get enacted very quickly too. Some of the free DNS services changes don't show up to the rest of the world for up to a day.
I'd reccomend them too, I use them and they work very well for me.
-Ashen