bind9 graphical admin interface
On Apr 2, 2008, at 12:53 AM, Boris Pavlov wrote:
[cut] Craig's information is correct, but the "ugly tricks" comment isn't fair. Those "ugly tricks" aren't that bad, and they've been WELL documented since 1998 in RFC 2317! Those, well documented ,in rfc, tricks are, indeed, UGLY tricks. Having something well documented does not make it beautiful. Yeah, but the tricks are only necessary because IP's don't map well to a hierarchical namespace that has the least significant field on the right, and the most significant field on the left, while people fluent in "IP" read least specific to most specific left to right.. Honestly, pointing CNAMES from one zone to another is done all the time for Forward DNS, example a company with a main domain and sub- domains administered by more local admins... bigcompany.com CNAME to delegate intranet.bigcompany.com to the internal website people CNAME for us.intranet.bigcompany.com to send that to the nameserver run by the US IT folks CNAME for au.intranet.bigcompany.com to send that to the nameserver run by the folks in Oz This is all completely normal for DNS. The RFC is just applying that knowledge to the reverse mapping of IP addresses. It's not difficult, not that uncommon in forward zones, and not really all that "ugly". I think the problem is, people don't really get "delegation" of sub- zones, even in the forward direction. Then they're asked to read IP addresses "backward" on the screen and they just end up hopelessly confused, because whoever taught them, didn't explain the concept of delegated zones clearly. All zones are delegated from ".", which is seeded into all resolvers by hard-coded files, after all. Then you just work your way down from the top of the tree. Same with reverse DNS, but it's all listed backwards, which drives people batty who can't force themselves to "think like DNS, not the router" and "work from right to left". Honestly, there are too much classful/octal ugly shit still floating around. Fire up IPv6 and make it worse. Then you can start struggling with broken clients that refuse to look up your AAAA records in your DNS server once they've cached an A record, and similar. Giant hex numbers are definitely a step forward in usability... (cough)! :-) DNS just isn't hard. For a completely distributed mini database (imagine what anyone could do with TXT files but don't...) -- including administration of the servers -- that operates worldwide, it's pretty impressive. Some of the router tricks and things done to Anycast the root servers (some of them anyway) is also some neat work. The only system more impressive that's as distributed as DNS (or should I say similar design, but a much more controlled user-base and certification requirements for clients and servers, and closed access) is SS7 in telecom, mostly because it has strict rules about lookup times that DNS does not. (Cough, Comcast DNS admins... slow... cough...) -- Nate Duehr nate@natetech.com -- To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org |
bind9 graphical admin interface
A. Dreyer (debian-isp) wrote:
randall wrote: Adam McGreggor wrote: On Tue, Apr 01, 2008 at 07:01:29PM +0200, randall wrote: dear all, i have some troubles with my ISP, its a small time ISP who manages the glassfiber connection for our office building and provides several services for the tennants. its a Ms shop with a point and click admin and i must say i' m not really impressed by his knowledge, not really a problem since i only need the internet connection and there is little that can go wrong there between me and the cisco router set up there by a professional provider....accept for 1 thing.....PTR records... his software has a nice button that says do you want to create a PTR record but its simply not working. What do dig/nslookup report? NXDOMAIN unless i dig @his.dns.server -x directly Hi, This sounds like there is no upstream referer to his DNS Server. Who owns the IP range? Who is your ISPs upstream ISP? Please contact the person listed as Admin-C when you run whois -h -d $IP Regards, Achim turns out to be a tiny little misconfig upstream after all, thanks for the hint. in the meanwhile i'll take the time to dive a little more in to bind and dns, smbind as a simple zone management tool looks pretty nice. -- To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org |
| All times are GMT. The time now is 07:51 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.