RIPE Community Mail Archives

Re: DNS recommendations - the paper, "Elmar K. Bins" ekb@localhost

  • To: Randy Bush < >
  • From: Piet Beertema < >
  • Date: Wed, 25 Nov 1998 11:07:37 +0100

    > 	@ IN SOA ns.isp.net. netmaster.isp.net.
    > 	         ( 1998100100 86400 3600 604800 345600 )
    s/netmaster/hostmaster/   see RFC 2142
    or, i think it was piet who recommended being conservative,
    and not relying on aliases, rather use a real mailbox name.
Me? Conservative? :-)
Both approaches have pros and cons. In "old" times an
alias file could become corrupt or get lost, but that
wouldn't affect mail directly to mailboxes. "hostmaster"
and "postmaster", being longer than 8 chars, usually
were aliases. On the other hand, a *personal* mailbox
wasn't a good idea, because it usually was unattended
when the person was on holidays. Besides, a vacation
notice from a postmaster or hostmaster is never a good
idea. So, if I remember correctly, I suggested to put
a real, but shared mailbox there.

    > =======================
    > A	Address Records
    > =======================
    > 
    > Synopsis
    > 	[<hostname>] [<TTL>] IN A <IPV4 address> [<IPV4 address> ...]
    please do not use the term 'hostname' as it causes great controversy
    re charset.
True. Officially you should use the term "label" here.
But I wouldn't be that conservative (;-)), because in
general an A record *is* associated with a host(name),
and the charset is a different issue.

    > Recommendations and remarks
    > 		Do not use FQDNs in the <host> part. Hosts in subdomains
    > 		\340 la "www.internal", which resolve to "www.internal.<zone>"
    > 		are okay though. Remember that IP addresses do not end in
    > 		a dot. Do not forget to maintain reverse delegation as well.
    \340?
Charset... ;-)
    
    > ==============================
    > CNAME	Canonical Name Records
    > ==============================
    > 
    > Synopsis
    > 	<alias> [<TTL>] IN CNAME <hostname>
    again, not 'hostname' please.  i believe that the rdata for a cname
    is an arbitrary domain name.
Correct. Not even a "label".
    
    > Glue records
    > 	"Glue records" is a term that describes entering A records into
    > 	a zone for machines whose hostnames do not lie within <zone>.
    s/do not/do/
That has always been hard to explain.
  XX. SOA ()
  ns.foo.xx.  A 1.2.3.4
  foo.xx.     NS ns.foo.xx.
  bar.yy.     NS ns.bar.yy.
The ns.foo.xx A RR *must* be there, otherwise there's
no "bootstrap" for the foo.xx domain. But many people
don't see ns.foo.xx as lying within the XX zone, but
in the foo.xx zone. In fact it's in both. That also
implies that it can have different [default] TTL's in
both zone files.
On the other hand ns.bar.yy is definitely outside the
current zone file, so there may be *no* glue record
for it in this zone file.

    a cute and good sanity check is, a glue rr must never need
    a terminating dot on the label.
Right. But sometimes I tend to be conservative, so I
always put the FQDN in NS records.


	Piet
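
The glue rules discussed in this message, as an added example that is not part of the original post: a check that a parent zone file carries an A record for every name server below a delegated name, and that no A record has an owner outside the zone (the "terminating dot" sanity check). The function names, the tuple format and the second NS record and its address are assumptions made for illustration.

```python
# Added example: glue checks for a parent zone file. Records are
# (owner, rrtype, rdata) tuples holding fully qualified names.

def normalize(name):
    """Lower-case a domain name and strip its terminating dot."""
    return name.lower().rstrip(".")

def in_zone(name, origin):
    """True if name equals origin or is a subdomain of it."""
    name, origin = normalize(name), normalize(origin)
    return name == origin or name.endswith("." + origin)

def relative_label(name, origin):
    """Name as written without a terminating dot, or None if outside origin."""
    if not in_zone(name, origin):
        return None
    name, origin = normalize(name), normalize(origin)
    return "@" if name == origin else name[: -len(origin) - 1]

def check_glue(origin, records):
    """Return sorted (finding, name) pairs for the zone rooted at origin."""
    a_owners = {normalize(o) for o, t, _ in records if t == "A"}
    findings = []
    for owner, rrtype, rdata in records:
        if rrtype == "NS" and normalize(owner) != normalize(origin):
            # Delegation: a server below the delegated name needs glue here,
            # otherwise there is no bootstrap for the child domain.
            if in_zone(rdata, owner) and normalize(rdata) not in a_owners:
                findings.append(("missing-glue", normalize(rdata)))
        if rrtype == "A" and relative_label(owner, origin) is None:
            # The owner could only be written with a terminating dot,
            # so it lies outside this zone and may not have glue here.
            findings.append(("out-of-zone-A", normalize(owner)))
    return sorted(findings)

# Constructed sample data using the names from the message.
GOOD = [("ns.foo.xx.", "A", "1.2.3.4"),
        ("foo.xx.", "NS", "ns.foo.xx."),
        ("foo.xx.", "NS", "ns.bar.yy.")]   # outside XX: no glue needed
BAD = [("foo.xx.", "NS", "ns.foo.xx."),    # glue A record is missing
       ("foo.xx.", "NS", "ns.bar.yy."),
       ("ns.bar.yy.", "A", "192.0.2.53")]  # A record for a name outside XX

if __name__ == "__main__":
    print(check_glue("xx.", GOOD))
    print(check_glue("xx.", BAD))
```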



