DNS

Good question.

I would like to provide managed DNS service for clients, but that's not going to help you in the short-term.

You should explore for domain name registrars that provide self-managed DNS options – ones that have a control panel to create A records and MX records and such.

I know that register.com does this, and Yahoo! Domains, believe it or not. Not sure about Verisign (probably). Not sure about any of the OpenSRS registrars.

-Chris

There is also :

The Public DNS Service http://soa.granitecanyon.com/

-Chris

whoa neat.. thanks man. i'll give this a shot.

http://www.mydomain.com/ gives you loads of free DNS toys

I use http://www.zoneedit.com/

I've been with them for about 2 months and have had no problems. They will let you host 5 domains for free. Web interface isn't very pretty, but it's effective. Updates get enacted very quickly too. Some of the free DNS services changes don't show up to the rest of the world for up to a day.

ok cool.. bout to sign up for my domain soon. i'll give one of these a try and post my results.

I ended up signing up with namecheap.com. 8.88 is good for me. plus they have a pretty neat control panel. i set the A record (www) for my website to my ip address. I can access my website to www.croomshine.com. I was wonder how I can access my website to just only croomshine.com. Thanks.

Not sure how namecheap.com does it, but you'll just need to make an A record for croomshine.com and point it at your IP. In bind, you'd put and "@" symbol instead of the hostname (www) for the DNS record.

I got it working.. at namecheap (where I signed up) I put in my IP address for the @ location.. along with the www location.

Whenever I do a trace route to croomshine.com it gives me the following info…
> 1 <1 ms <1 ms <1 ms eh-core-2.gw.pitt.edu [136.142.147.2]

2 <1 ms <1 ms <1 ms cl-core-2.gw.pitt.edu [136.142.253.217]

3 <1 ms <1 ms <1 ms externals-cl.gw.pitt.edu [136.142.2.161]

4 <1 ms <1 ms <1 ms bar-pitt-cl-i1-ge-4-1-0-0.psc.net [192.88.115.148]

5 <1 ms <1 ms <1 ms minime.psc.net [192.88.115.5]

6 <1 ms <1 ms <1 ms pos4-1-1-0.a01.pitbpa05.us.ra.verio.net [199.239.216.13]

7 6 ms 6 ms 6 ms p4-2-1-0.r02.mclnva02.us.bb.verio.net [129.250.16.90]

8 6 ms 6 ms 6 ms p16-7-0-0.r01.mclnva02.us.bb.verio.net [129.250.5.11]

9 7 ms 7 ms 7 ms p16-0-1-0.r21.asbnva01.us.bb.verio.net [129.250.2.181]

10 7 ms 7 ms 7 ms p16-4-0-0.r02.asbnva01.us.bb.verio.net [129.250.2.63]

11 7 ms 7 ms 7 ms iad3-peer10.algx.net [206.223.115.33]

12 330 ms 346 ms 344 ms iad3-core2-pos7-0.atlas.algx.net [165.117.69.166]

13 333 ms 337 ms 338 ms iad3-core3-pos7-0.atlas.algx.net [165.117.64.6]

14 9 ms 9 ms 9 ms dca10-core1-so-7-3-0.atlas.algx.net [165.117.67.61]

15 345 ms 366 ms 365 ms atl10-core2-so-0-2-0-0.atlas.algx.net [165.117.200.5]

16 347 ms 339 ms 369 ms atl10-core1-so-0-1-0-0.atlas.algx.net [165.117.192.1]

17 351 ms 345 ms 354 ms dfw10-core2-so-0-2-0-0.atlas.algx.net [165.117.200.2]

18 371 ms 350 ms 348 ms dfw10-core10-pos7-0.atlas.algx.net [165.117.192.74]

19 361 ms 361 ms 360 ms dfw5-core1-pos7-0-pos6-0.atlas.algx.net [165.117.69.129]

20 564 ms 456 ms 430 ms 206.181.190.10

21 404 ms 390 ms 394 ms ge-0-1-0.ibr4.dllstx2.theplanet.com [12.96.160.233]

22 363 ms 370 ms 348 ms car1-2-v1.dllstx2.theplanet.com [12.96.160.12]

23 351 ms 346 ms 347 ms li-24.members.linode.com [64.5.53.24]

Is there any way for it to resolve to croomshine.com? Thanks.

hehe.. seems like algx is having some load problems.

@sec39:

Is there any way for it to resolve to croomshine.com? Thanks.
If you fill out a support ticket with what you want your IP to reverse to, I'll make the changes on my end.

-Chris

I tried a couple of the links in this thread, but they seem to be down.

Anyway, I (perhaps prematurely) signed up for hostway.com $7 deal. The only options I have to edit are Primary DNS hostname, secondary (and also 3rd - 6th DNS hostnames), and I can also do Domain Name Forwarding.

I want the simple setup where a user types www.mydomain.com and it goes to my ip, but I of course, don't want my ip to show up in the browser cause that doesn't look very nice.

Is it a hack to have Hostway "domain forward" to my IP on linode, and then have Caker do the "reverse" thing that's mentioned on this thread? Or is "domain forward" just friendly terminology for the "a record" that I've read a little about?

Thanks all.

Start out by looking over this. If that doesn't answer your question, give me a little more info and I'll see if I can help. Which hostway plan did you sign up for? Is it one of these? They all have different features and without knowing which one you have I can't help you.

–James

Guess I'll be moving my domain business away from Network Solutions this weekend. ..and applying some still bleeding patches to a few servers so that it doesn't take a week for users to find out they misspelled an email address, not to mention my mail queues filling up with bounced spam that can't be delivered but keep trying because there is an A record for the spammer's made up domain.

So who would you (anyone) suggest to register domains with? I was going to use godaddy, however advertising "domain by proxy" from their main page, and all their dirty dns tools makes me think very poorly of them. How is mydomain.com? Any others that anyone has had good luck with?

Kenny

I hate verisign with a passion; not just as an end-user dealing with their crappy support, etc, but also due to their business practices, SUCH as adding the wildcard A record for any domain that doesn't resolve. This is going to break so many things, I can't wait to see what happens to them.

At any rate, I've implemented OpenSRS in the past and like it very much. So, my recommendation goes out to any of the OpenSRS resellers. You can also go to http://www.domaindirect.com/ directly (TuCow's own domain reseller company).

-Chris

iptables -t nat -A POSTROUTING -d sitefinder-idn.verisign.com -j DNAT --to $SERVER_OF_YOUR_CHOICE

@kenny:

So who would you (anyone) suggest to register domains with? I was going to use godaddy, however advertising "domain by proxy" from their main page, and all their dirty dns tools makes me think very poorly of them. How is mydomain.com? Any others that anyone has had good luck with?

I've used http://active-domain.com for a couple of registrations for some friends. They are dirt cheap but their DNS management stuff is pretty simplistic. If you just want someone to be your registrar, they are fine. Then you can have your DNS hosted by http://zoneedit.com, whom I have found to be excellent.

Oh yeah, and I'd recommend staying away from register.com. I unfortunately have them as my registrar and I find that their tools for managing your domain don't work very well. I've tried to change my contact information several times and have it fail to take effect. I've opened support tickets with them about this issue and they never seem to get it right. I've given up. I wouldn't use them again.

@caker:

I hate verisign with a passion; not just as an end-user dealing with their crappy support, etc, but also due to their business practices, SUCH as adding the wildcard A record for any domain that doesn't resolve. This is going to break so many things, I can't wait to see what happens to them.

-Chris

You may wish to sign this:

http://www.petitiononline.com/icanndns/

@irgeek:

Start out by looking over this. If that doesn't answer your question, give me a little more info and I'll see if I can help. Which hostway plan did you sign up for? Is it one of these? They all have different features and without knowing which one you have I can't help you.

–James

Hey James, thanks for the link, I'm reading it now. As for my plan, yes it's one of those. I have the $6.95 Domain Registration plan. Was I too cheap for my own good?

> I have the $6.95 Domain Registration plan. Was I too cheap for my own good?

I wouldn't worry about it too much. At the basic level, all registrars provide the same service, registering your domain. I'm the type of person that doesn't trust any internet company that wants to "help" me set things up, so I'd suggest you get an account at one of the free DNS hosting companies. Then use your linode to host http and mail servers. That way you have control over your domain. http://www.tldp.org/ has HOWTOs for just about everything. If they don't answer your questions, post them here.

–James

@inkblot:

iptables -t nat -A POSTROUTING -d sitefinder-idn.verisign.com -j DNAT --to $SERVER_OF_YOUR_CHOICE

Some ISPs are already doing this. So now how can you tell if you mistyped the url, or the site is down. This problem applies to all dns-enabled services.

Email is a Hugh one (at least for me)..

• A user mistypes a domain in an email

• the mail server then finds the above A record for the non-existent domain (or, what should be nxdomain)

• and thus tries delivering mail to the above site (sitefinder-idn.verisign.com for now)

• it cannot connect to the site because it's being dos'd, your isp is blocking it, you're blocking it, for whatever reason it just can't contacted it

• it then queues the message for later delivery instead of bouncing back to the user right away saying that the domain does not exist

• it now takes up to a week for the user to realize they simply mistyped the email address

..unless you mail server can actually connect to the ip they are providing, which is currently running

#!/bin/sh
echo "220 snubby2-wcwest Snubby Mail Rejector Daemon v1.3 ready"
read
echo "250 OK"
read FROM
echo $FROM >> /var/log/suckers
echo "250 OK"
read
echo "550 User domain does not exist."
read
echo "250 OK"
read
echo "221 snubby2-wcwest Snubby Mail Rejector Daemon v1.3 closing transmission channel
Connection closed by foreign host."
exit

(hope I dont get sued for sharing their source!) then your message will get bounced right away (well, if the above actually works with your mail server) and VeriSign makes off with your enduser's email addresses! and if they feel like it, the message body as well.

It's easy to see how the above would cause rare problems for your endusers. Now, instead of it being a legit message going to a non-existing domain, image it being spam that your server is trying to bounce back to a non-existent domain (common with spam). Normally it'd "double-bounce" it (a bounced bounce) and toss the message, but now it takes a week or so for this double-bounce to happen. All of these message waiting to double-bounce are sitting in your queue, this could be hundreds, it could be tens of thousands depending on how much traffic you get.

The good people who make qmail-ldap released patches for qmail that handle this by comparing the returned address with the address that is returned from a wildcard lookup of the same tld.

There is a patch for dnscache. You provide it a list of ips that it should ignore. The problem is that this list can change. You could of course write a script to run once an hour and update this list. The positive is that it doesn't generate the extra lookups that the bind patch will (at least that's my understanding).

This is my problem with VeriSign, they didn't just create a "site-finder" to help lost users, in practice they changed how dns works, thus forcing everyone else to work around it.

Hehe, sorry this turned out to be a rant.

Kenny

@irgeek:

> I have the $6.95 Domain Registration plan. Was I too cheap for my own good?

I wouldn't worry about it too much. At the basic level, all registrars provide the same service, registering your domain. I'm the type of person that doesn't trust any internet company that wants to "help" me set things up, so I'd suggest you get an account at one of the free DNS hosting companies. Then use your linode to host http and mail servers. That way you have control over your domain. http://www.tldp.org/ has HOWTOs for just about everything. If they don't answer your questions, post them here.

–James

I've read the relevant document (I think) at the site, but I'm still confused (I don't think I'm quite ready for all of this knowledge yet, so I'm trying to get the basics of what I need and then I'll extend from there.)

So, I'm on Hostway.com, and in their control panel, as far as I can tell, these are the only relevant entries which I can change:

Primary DNS Hostname: a.dns.hostway.net

Secondary DNS Hostname: b.dns.hostway.net

Third DNS Hostname (optional):

…

Sixth DNS Hostname (optional):

and then Domain name forwarding…

Forward all requests for http://www. site>.com to:

I of course, have my IP with linode. I would like to get it so that when you type in www.mydomainname.com, it goes to my site. Pretty simple. From reading, it seems I want to edit the "A record". But there doesn't seem to be an option for that with Hostway. There is this domain forwarding thing, but from the how-to document it seems that it's a different thing than editing the A record. Should I settle for just editing the domain forwarding address?

Secondly, I am running a mail server (qmail) and I don't understand what I will enter in my mail client (remotely) to check my email. I'd like it to be something like mail.mydomain.com. Intuitively, it seems that anything with mydomain.com should be directed to my linode, and then if it's www it knows to use my apache server, and if its mail it knows to use qmail.

Thanks for the help.

> I've read the relevant document (I think) at the site, but I'm still confused (I don't think I'm quite ready for all of this knowledge yet, so I'm trying to get the basics of what I need and then I'll extend from there.)

These questions come up all the time. I'm putting together a very basic HOWTO for all of us. Check back soon. I'll post a link here when it's ready for prime-time.

–James

@irgeek:

These questions come up all the time. I'm putting together a very basic HOWTO for all of us. Check back soon. I'll post a link here when it's ready for prime-time.

Whether or not its ready for prime-time is a matter up for discussion, but here's the first version. Read it over and let me know what you think. There's a link at the bottom of it to e-mail me.

Right now though, I need to start writing my paper that's due tomorrow.

–James

I have used Easy DNS http://www.easydns.com and have been very pleased - they also are an opensrs reseller.

Just adding another name to the list of providers!

Well godaddy provides full dns control aswell

@LokiVidalez:

Well godaddy provides full dns control aswell
That's right. You probably already have what you need within GoDaddy.

They make it a little hard to find at first. See this thread, especially my post near the end.

http://www.linode.com/forums/viewtopic.php?t=406

@irgeek:

I use http://www.zoneedit.com/

I've been with them for about 2 months and have had no problems. They will let you host 5 domains for free. Web interface isn't very pretty, but it's effective. Updates get enacted very quickly too. Some of the free DNS services changes don't show up to the rest of the world for up to a day.

I'd reccomend them too, I use them and they work very well for me.

-Ashen