I generally agree with Eric's responses below -- however, your current resolv.conf doesn't JUST identify DNS servers; it ALSO defines a default domain to search.

*IF* you install pdns-resolver (and I agree with Eric that you should), you should make your resolv.conf look like:

   search pps-inc.com
   nameserver 127.0.0.1

This "solution" will result in better performance on your mailserver, without placing a significant additional processing burden on the same server.

If you're like me, and often "ssh into" servers in your domain with just the hostname, you'll want to keep that "search" option in there.

Dan
IT4SOHO
QMT DNS/Mirror Admin

On 8/30/2013 6:08 PM, Eric Shubert wrote:
On 08/30/2013 01:19 PM, Jim Shupert wrote:
here are contents of /etc/resolv.conf

search pps-inc.com
nameserver 216.136.95.2
nameserver 192.168.200.226

===================

the above refers to 2 other machines that are running bind dns

Right. The first is twtelecom, presumably your ISP.
The second (which would only be used if the first one had a problem) is running on your local network.

And that might not be the *smart move*

It's not ideal. It's not quite as efficient as it might be, plus you're primarily at the mercy of your ISP for correct name resolution.

I take it you think I should be running dns on my mailserver?

A resolver, yes. (NOT an authoritative DNS server though).

and the dns pkg of choice is pdns-recursor

Yes.

install w

# yum install pdns-recursor
# service named stop
# service pdns-recursor start
# chkconfig named off
# chkconfig pdns-recursor on

- all I have to have in the conf is one line -- 'localhost'?

nameserver 127.0.0.1

Correct. The dns resolving service (pdns-recursor) runs on the QMT host itself.

You might leave the
nameserver 216.136.95.2
line in there listed 2nd as a backup resolver, but I prefer to know if my localhost resolver is having an issue. Not having a backup lets me know rather quickly. ;)

If you feel better using a backup resolver, I would consider using
google (8.8.8.8, 4.4.4.4) or opendns (208.67.220.220, 208.67.222.222) as backup resolvers. They both have good reputations for reliability.

what about allow-from
http://www.thatfleminggent.com/2009/08/09/getting-a-powerdns-recursor-up-and-going-fast

pdns-recursor will allow requests from localhost by default. If you want to use this server as a resolver for other hosts on your network, you can tailor this and your firewall appropriately.

That link is a little dated, as pdns-recursor is now in the base el5 repo.

I am not an 'expert' with dns

Thanks for the help!

Sure. We all learn a little along the way.

Now that I'm looking at this again, I realize that you need *absolutely nothing* in your /etc/resolv.conf file. Linux uses itself by default. :)

I may just begin making a habit of installing pdns-recursor on all my servers and leaving /etc/resolv.conf empty. One less thing to deal with.



--

PLEASE TAKE NOTE OF OUR NEW ADDRESS
===================================
IT4SOHO, LLC
33 - 4th Street N, Suite 211
St. Petersburg, FL 33701-3806

CALL TOLL FREE:
  877-IT4SOHO

877-484-7646 Phone
727-647-7646 Local
727-490-4394 Fax

We have support plans for QMail!
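
A small check for the resolv.conf layouts discussed in this thread, added here as an illustration and not part of the original messages. The function name `audit_resolv` and the verdict labels are made up for this example, the sample files are constructed from the addresses quoted above, and it relies on the documented resolver behaviour that a file with no `nameserver` line falls back to the local machine.

```shell
#!/bin/sh
# audit_resolv FILE  (hypothetical helper, not part of QMT or pdns-recursor)
# Prints one line: search=<domains|none> first=<ip> count=<n> verdict=<label>
audit_resolv() {
    awk '
        # Drop comments introduced by "#" or ";" before looking at the fields.
        { sub(/[#;].*/, "") }
        # The last "search" line wins; join its domains with commas.
        $1 == "search" { s = ""; for (i = 2; i <= NF; i++) s = s (i > 2 ? "," : "") $i }
        # Count nameservers, remember the first, and note any non-loopback entry.
        $1 == "nameserver" && NF >= 2 {
            n++
            if (n == 1) first = $2
            if ($2 !~ /^(127\.|::1$)/) ext++
        }
        END {
            if (n == 0) { first = "127.0.0.1"; verdict = "implicit-local" }
            else if (first !~ /^(127\.|::1$)/) verdict = "external-first"
            else if (ext > 0) verdict = "local-with-fallback"
            else verdict = "local-only"
            printf "search=%s first=%s count=%d verdict=%s\n", (s == "" ? "none" : s), first, n, verdict
        }
    ' "$1"
}

# Constructed samples: the file as first posted, the suggested layout, and an empty file.
demo() {
    d=$(mktemp -d) || return 1
    printf 'search pps-inc.com\nnameserver 216.136.95.2\nnameserver 192.168.200.226\n' > "$d/before"
    printf 'search pps-inc.com\nnameserver 127.0.0.1\n' > "$d/after"
    : > "$d/empty"
    for f in before after empty; do
        printf '%-7s ' "$f"
        audit_resolv "$d/$f"
    done
    rm -rf "$d"
}
demo
```

Run against `/etc/resolv.conf` on the mail server, an `external-first` verdict means lookups still go to the ISP resolver before the local pdns-recursor is consulted.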
