Re: DNAME usage?

2017-11-21 Thread Timothe Litt
On 17-Nov-17 18:04, Mark Andrews wrote:
> DYN used to just require a TSIG signed update request set to a server 
> specified in
> a SRV record.
Depends on which service.  The one I referred to is the one that was
popular (free) for people who wanted to reach a machine on a dynamic IP
address.  Because it was popular, it was implemented in a number of
routers, including Linksys (low end) and Cisco (IOS).  I believe they
discontinued the free version, but the protocol lives on.

It's worse than DNS UPDATE in a number of respects - but is trivial to
implement in a router or script as the core is just an HTTP GET.
>
> We have a perfectly fine protocol for updating the DNS but DNS hosting 
> companies
> want to reinvent the wheel.
Agree. I wish that the DNS UPDATE protocol was the only one in the
wild.  Unfortunately, (non-jail broken) routers don't provide that
option, but do provide the http ("dyn") version.  So if you want to use
a service that requires it - or want to bridge a router that supports it
to DNS UPDATE, some invention is required.  I outlined an approach that
works for me.

For reference, cisco's IOS (now) supports both methods - to some extent.

See
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dns/configuration/15-sy/dns-15-sy-book/Dynamic-DNS-Support.html#GUID-DCA9088D-EB90-46DE-9E33-306C30BB79CE

And from that page, here's the reference to dyndns (you can change the
URI for other http services; it lists 6 others)

add

http://test:t...@members.dyndns.org/nic/update?system=dyndns&hostname=&myip=

I use https, of course.

Naturally, IOS doesn't support TSIG - so DNS UPDATE from it has to be
authorized by IP address. :-(

2136/7 have been around since 1997, so there's really no excuse for DNS
providers not to support them.

But we live in a world of excuses :-(



___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: Re: DNAME usage?

2017-11-17 Thread Jeff Sadowski
On Fri, Nov 17, 2017 at 2:36 PM, Timothe Litt  wrote:
>
> On 17-Nov-17 14:48, Mark Andrews wrote:
>
> Alternatively use a http server that can update the records for the
> interfaces it is listening on.
>
> This sort of thing is possible. Named gets informed by the OS when addresses
> get added and removed. It currently just adds and removes listening sockets
> but you could trigger other actions like sending dynamic dns updates.
>
> Unless you ask for the functionality it won’t be added.
>
>
> --
> Mark Andrews
>
> On 18 Nov 2017, at 06:38, Mark Andrews  wrote:
>
> Just have the machine hosting the http server do a dynamic update of the A
> ana  records when they are assigned to the interface.
>
> It should be possible to get the os to run a program when this happens so it
> can perform a second dynamic update on a the different name.
>
> --
> Mark Andrews
>
> We don't have the whole story from the OP, but in the typical configuration
> that prompts this question, neither will solve the problem.  The problem is
> that the dhcp client and http server are likely not the same machine.
>
You are correct sir. :-)

> If you have a dynamic IP(v4) address & want to update DNS for a server, it's
> probably NATed (by a router) before the HTTP server sees it.
>
All clients accessing the web server are also in the nat so this
shouldn't matter

> The HTTP server always listens on the inside NAT address.  So it won't see
> an address change on its interface.
>
No it sees a change when rebooted. The other issue is when it is
cloned and renamed it is then two different machines that currently
have it autogen a new zone and dname with the windows 2008r2 method

> The router implementing NAT is what will get the dynamic address, from an
> ISP.  If it's a sealed box, it probably has support for updating DNS -
> though it's typically the dyndns protocol, not DNS update.  (Assuming the
> ISP hasn't disabled the feature.)  This is what dyndns, NO-IP, & others use.
> If you can modify the URL that it uses, you can point it to your own script,
> which then does a DNS UPDATE transaction.  I use this approach with Cisco
> IOS routers - though many others allow this - and still others can be fooled
> (e.g. with a HOSTS entry for one of the update servers).  What's nice about
> this is that you don't have to jailbreak or modify anything.  Just pretend
> to be an update service.
>
> If you're using a jailbroken or other Linux router, and it happens to be the
> same physical machine as HTTP server, it could look for routing updates on
> the external interface.  I don't think this is a common case (except for
> jailbroken routers - like OpenWRT).
>
> Most often, the HTTP server is on a separate machine and LAN - it can't see
> the external interface that gets the dynamic address.
>
> When the router won't notify someone about address changes, the usual
> solution is for something behind the NAT to poll an external public server
> for your IP address, then use the result to initiate a DNS UPDATE.  (e.g. A
> local script asks the external server to return the IP address that
> contacted it. (REMOTE_ADDR))  There are a bunch of services and scripts for
> this.  Most of the scripts update a DNS provider with the dyndns protocol
> (others use it).  The nicer "what's my IP address" scripts return json.  But
> changing them to do DNS UPDATE is pretty simple - See Net::DNS if you're a
> Perl person.
>
> If you have more than one site - or a friend - and prefer to be independent,
> you can easily write your own CGI scripts to return the other's IP address.
> echo "Content-Type: text/plain\nConnection:close\n\n$REMOTE_ADDR\n"; exit
> (If your friend doesn't have a static IP address, beware of deadlocks.)
>
> If you have access to the DHCP client's status (e.g. a leases file or some
> GUI or CLI on the router), you can sometimes get the external address from
> there.
>
> A web search for "dynamic IP update script" will turn up lots of resources -
> scripts & services.
>
> A drawback with polling solutions is that they're not instantaneous - you
> get the polling delay on top of whatever minimum TTL the DNS service
> imposes.  (And there are limits on how fast you can - or would want to -
> poll.)  That's fine for home hobbyists - especially since dynamic IP
> addresses are often stable for a VERY long time.  But I would be careful
> about running a business or other critical server where DNS updates lag
> address changes.
>
> So get a router that talks some dynamic update protocol and go from there.
> That minimizes the delay, and avoids having to retrieve your public address
> from an external source.
>
> https://help.dyn.com/remote-access-api/perform-update/ defines the dyndns
> update protocol - writing a server is straightforward.
>
> Of course if you have IPv6 - and are getting a dynamic address - you don't
> have to deal with NAT.  In that case, you can certainly have dhclient or
> RTNETLINK (see ip monitor) trigger a script.
>
> But no

Re: DNAME usage?

2017-11-17 Thread Jeff Sadowski
Can you give me an example of how to do that?

On Fri, Nov 17, 2017 at 12:48 PM, Mark Andrews  wrote:
> Alternatively use a http server that can update the records for the 
> interfaces it is listening on.
>
> This sort of thing is possible. Named gets informed by the OS when addresses 
> get added and removed. It currently just adds and removes listening sockets 
> but you could trigger other actions like sending dynamic dns updates.
>
> Unless you ask for the functionality it won’t be added.
>
>
> --
> Mark Andrews
>
>> On 18 Nov 2017, at 06:38, Mark Andrews  wrote:
>>
>> Just have the machine hosting the http server do a dynamic update of the A 
>> ana  records when they are assigned to the interface.
>>
>> It should be possible to get the os to run a program when this happens so it 
>> can perform a second dynamic update on a the different name.
>>
>> --
>> Mark Andrews
>>
>>> On 18 Nov 2017, at 04:19, Jeff Sadowski  wrote:
>>>
>>> I am a bit confused by DNAME's
>>> I had used them before but I may have used them wrong.
>>>
>>> On windows 2008r2 I have some zone's where I create a DNAME for the
>>> root and point it to an A record.
>>>
>>> IE:
>>>
>>> zone bla.bla
>>> SOA 
>>> NS 
>>> DNAME www.bla.com
>>>
>>> where www.bla.com is an A record.
>>>
>>> the reason I was doing this is because www.bla.com has a dhcp assigned 
>>> address
>>>
>>> and I want bla.bla to always point to it.
>>> windows dns does not allow a cname at the root of a zone.
>>>
>>> as of 2012r2 with updates this no longer works.
>>>
>>> So I decided to see what bind would do with DNAME If I tried a similar
>>> experiment
>>> I have a db.self file I used when I want certain outside addresses to
>>> point back to my inside addresses.
>>>
>>> my db.self file looks like so
>>>
>>>
>>> $TTL 3D
>>> @  1D  IN  SOA ns jeffsadowski.gmail.com. (
>>> 2017081201 ;
>>> 3H ;
>>> 15 ;
>>> 1w ;
>>> 3h ;
>>>)
>>> @ IN NS ns
>>> ns IN A 192.168.1.252
>>> @ IN A 192.168.1.252
>>>
>>> And I wand similar for my DNAME so I created db.dname that looks like so
>>>
>>> $TTL 3D
>>> @  1D  IN  SOA ns jeffsadowski.gmail.com. (
>>> 2017081201 ;
>>> 3H ;
>>> 15 ;
>>> 1w ;
>>> 3h ;
>>>)
>>> @ IN NS ns
>>> ns IN A 192.168.1.252
>>> @ IN DNAME methanemaker.mooo.com
>>>
>>> then when I try and start bind I get error messages like so
>>>
>>> Nov 17 09:55:53 methanemaker bash[7049]: zone bla.bla/IN: NS
>>> 'ns.bla.bla' is below a DNAME 'bla.bla' (illegal)
>>> Nov 17 09:55:53 methanemaker bash[7049]: zone bla.bla/IN: not loaded
>>> due to errors.
>>>
>>> I tried without the NS likes and I get this message
>>>
>>> Nov 17 09:48:36 methanemaker bash[4872]: zone bla.bla/IN: has no NS records
>>> Nov 17 09:48:36 methanemaker bash[4872]: zone bla.bla/IN: not loaded
>>> due to errors.
>>>
>>> If anyone has a better idea how to map to a dhcp addressed machine
>>> from a zone I'd like to know?
>>>
>>> I don't want to recreate the entire superdomain for just one record
>>> that needs changed
>>> IE:
>>> the super domain is managed by an outside service. I don't want to
>>> keep a second copy inside that has a few with different records.

Re: DNAME usage?

2017-11-17 Thread Mark Andrews
DYN used to just require a TSIG signed update request set to a server specified 
in
a SRV record.

We have a perfectly fine protocol for updating the DNS but DNS hosting companies
want to reinvent the wheel.
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742  INTERNET: ma...@isc.org



Re: Re: DNAME usage?

2017-11-17 Thread Timothe Litt

On 17-Nov-17 14:48, Mark Andrews wrote:
> Alternatively use a http server that can update the records for the 
> interfaces it is listening on. 
>
> This sort of thing is possible. Named gets informed by the OS when addresses 
> get added and removed. It currently just adds and removes listening sockets 
> but you could trigger other actions like sending dynamic dns updates.
>
> Unless you ask for the functionality it won’t be added.
>
>
> --
> Mark Andrews
>
>> On 18 Nov 2017, at 06:38, Mark Andrews  wrote:
>>
>> Just have the machine hosting the http server do a dynamic update of the A 
>> ana  records when they are assigned to the interface.
>>
>> It should be possible to get the os to run a program when this happens so it 
>> can perform a second dynamic update on a the different name. 
>>
>> -- 
>> Mark Andrews
We don't have the whole story from the OP, but in the typical
configuration that prompts this question, neither will solve the
problem.  The problem is that the dhcp client and http server are likely
not the same machine.

If you have a dynamic IP(v4) address & want to update DNS for a server,
it's probably NATed (by a router) before the HTTP server sees it.

The HTTP server always listens on the inside NAT address.  So it won't
see an address change on its interface.

The router implementing NAT is what will get the dynamic address, from
an ISP.  If it's a sealed box, it probably has support for updating DNS
- though it's typically the dyndns protocol, not DNS update.  (Assuming
the ISP hasn't disabled the feature.)  This is what dyndns, NO-IP, &
others use.  If you can modify the URL that it uses, you can point it to
your own script, which then does a DNS UPDATE transaction.  I use this
approach with Cisco IOS routers - though many others allow this - and
still others can be fooled (e.g. with a HOSTS entry for one of the
update servers).  What's nice about this is that you don't have to
jailbreak or modify anything.  Just pretend to be an update service. 

If you're using a jailbroken or other Linux router, and it happens to be
the same physical machine as HTTP server, it could look for routing
updates on the external interface.  I don't think this is a common case
(except for jailbroken routers - like OpenWRT).

Most often, the HTTP server is on a separate machine and LAN - it can't
see the external interface that gets the dynamic address.

When the router won't notify someone about address changes, the usual
solution is for something behind the NAT to poll an external public
server for your IP address, then use the result to initiate a DNS
UPDATE.  (e.g. A local script asks the external server to return the IP
address that contacted it. (REMOTE_ADDR))  There are a bunch of services
and scripts for this.  Most of the scripts update a DNS provider with
the dyndns protocol (others use it).  The nicer "what's my IP address"
scripts return json.  But changing them to do DNS UPDATE is pretty
simple - See Net::DNS if you're a Perl person.

If you have more than one site - or a friend - and prefer to be
independent, you can easily write your own CGI scripts to return the
other's IP address.
echo "Content-Type: text/plain\nConnection:close\n\n$REMOTE_ADDR\n"; exit
(If your friend doesn't have a static IP address, beware of deadlocks.)

If you have access to the DHCP client's status (e.g. a leases file or
some GUI or CLI on the router), you can sometimes get the external
address from there. 

A web search for "dynamic IP update script" will turn up lots of
resources - scripts & services.

A drawback with polling solutions is that they're not instantaneous -
you get the polling delay on top of whatever minimum TTL the DNS service
imposes.  (And there are limits on how fast you can - or would want to -
poll.)  That's fine for home hobbyists - especially since dynamic IP
addresses are often stable for a VERY long time.  But I would be careful
about running a business or other critical server where DNS updates lag
address changes.

So get a router that talks some dynamic update protocol and go from
there.  That minimizes the delay, and avoids having to retrieve your
public address from an external source.

https://help.dyn.com/remote-access-api/perform-update/ defines the
dyndns update protocol - writing a server is straightforward.

Of course if you have IPv6 - and are getting a dynamic address - you
don't have to deal with NAT.  In that case, you can certainly have
dhclient or RTNETLINK (see ip monitor) trigger a script.  

But note that in the problem statement is:
> the super domain is managed by an outside service. 
This probably makes the OP's life more difficult.  Those services tend
not to support DNS UPDATE (or even dyndns update).  In that case, you're
into  using curl/wget to forms to their web gui.   And tracking their
"improvements".

Grief like that is why I ended up running my own DNS master server...and
getting static IP addresses for my central site. 

I guess I should point out t
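
Added example, not part of the original post: the bridge described above, a handler that accepts a dyndns-style HTTP GET from a router and turns it into nsupdate input, so the actual change is made by a TSIG-signed DNS UPDATE (for instance via nsupdate -k <keyfile>). The user table, zone, server name, function names and the use of "dnserr" for an unusable address are assumptions made for illustration.

```python
import base64
import hmac
import ipaddress
from urllib.parse import parse_qs, urlsplit

# Constructed, hypothetical configuration (none of it comes from the thread).
USERS = {"router1": "constructed-password"}    # HTTP Basic credentials
ALLOWED = {"router1": {"home.example.net"}}    # names each user may update
ZONE, SERVER, TTL = "example.net", "ns.example.net", 300


def basic_header(user, password):
    """Build the Authorization header value a router would send."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()


def check_auth(header):
    """Return the user name for a valid Basic header, else None."""
    if not header or not header.startswith("Basic "):
        return None
    try:
        decoded = base64.b64decode(header[6:], validate=True).decode()
    except ValueError:          # covers bad base64 and bad UTF-8
        return None
    user, _, password = decoded.partition(":")
    expected = USERS.get(user)
    if expected is None:
        return None
    if not hmac.compare_digest(password.encode(), expected.encode()):
        return None
    return user


def handle_update(url, auth_header, remote_addr, current=None):
    """Handle one dyndns-style GET.

    Returns (reply, script): reply is the text sent back to the router,
    script is nsupdate input, or None when no update should be sent.
    current is the address already published, if known.
    """
    user = check_auth(auth_header)
    if user is None:
        return "badauth", None
    query = parse_qs(urlsplit(url).query)   # blank values are dropped
    host = query.get("hostname", [""])[0].rstrip(".").lower()
    if "." not in host:
        return "notfqdn", None
    # Exact match against an allow-list: a hostname carrying extra text
    # (for example an encoded newline) never reaches the nsupdate script.
    if host not in ALLOWED.get(user, set()):
        return "nohost", None
    # Routers may leave myip empty; fall back to the peer address.
    raw_ip = query.get("myip", [""])[0] or remote_addr
    try:
        ip = ipaddress.ip_address(raw_ip)
    except ValueError:
        return "dnserr", None               # assumption: reply for a bad address
    if current == str(ip):
        return f"nochg {ip}", None
    rtype = "A" if ip.version == 4 else "AAAA"
    script = "\n".join([
        f"server {SERVER}",
        f"zone {ZONE}",
        f"update delete {host}. {rtype}",
        f"update add {host}. {TTL} {rtype} {ip}",
        "send",
    ]) + "\n"
    return f"good {ip}", script


if __name__ == "__main__":
    reply, script = handle_update(
        "/nic/update?system=dyndns&hostname=home.example.net&myip=203.0.113.7",
        basic_header("router1", "constructed-password"), "198.51.100.9")
    print(reply)
    print(script, end="")
```

Serving this over https and keeping the TSIG key readable only by the bridge process keeps the router's password and the update authority off the wire and away from other local users.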

Re: DNAME usage?

2017-11-17 Thread Mark Andrews
Alternatively use a http server that can update the records for the interfaces 
it is listening on. 

This sort of thing is possible. Named gets informed by the OS when addresses 
get added and removed. It currently just adds and removes listening sockets but 
you could trigger other actions like sending dynamic dns updates.

Unless you ask for the functionality it won’t be added.


--
Mark Andrews

> On 18 Nov 2017, at 06:38, Mark Andrews  wrote:
> 
> Just have the machine hosting the http server do a dynamic update of the A 
> ana  records when they are assigned to the interface.
> 
> It should be possible to get the os to run a program when this happens so it 
> can perform a second dynamic update on a the different name. 
> 
> -- 
> Mark Andrews
> 
>> On 18 Nov 2017, at 04:19, Jeff Sadowski  wrote:
>> 
>> I am a bit confused by DNAME's
>> I had used them before but I may have used them wrong.
>> 
>> On windows 2008r2 I have some zone's where I create a DNAME for the
>> root and point it to an A record.
>> 
>> IE:
>> 
>> zone bla.bla
>> SOA 
>> NS 
>> DNAME www.bla.com
>> 
>> where www.bla.com is an A record.
>> 
>> the reason I was doing this is because www.bla.com has a dhcp assigned 
>> address
>> 
>> and I want bla.bla to always point to it.
>> windows dns does not allow a cname at the root of a zone.
>> 
>> as of 2012r2 with updates this no longer works.
>> 
>> So I decided to see what bind would do with DNAME If I tried a similar
>> experiment
>> I have a db.self file I used when I want certain outside addresses to
>> point back to my inside addresses.
>> 
>> my db.self file looks like so
>> 
>> 
>> $TTL 3D
>> @  1D  IN  SOA ns jeffsadowski.gmail.com. (
>> 2017081201 ;
>> 3H ;
>> 15 ;
>> 1w ;
>> 3h ;
>>)
>> @ IN NS ns
>> ns IN A 192.168.1.252
>> @ IN A 192.168.1.252
>> 
>> And I wand similar for my DNAME so I created db.dname that looks like so
>> 
>> $TTL 3D
>> @  1D  IN  SOA ns jeffsadowski.gmail.com. (
>> 2017081201 ;
>> 3H ;
>> 15 ;
>> 1w ;
>> 3h ;
>>)
>> @ IN NS ns
>> ns IN A 192.168.1.252
>> @ IN DNAME methanemaker.mooo.com
>> 
>> then when I try and start bind I get error messages like so
>> 
>> Nov 17 09:55:53 methanemaker bash[7049]: zone bla.bla/IN: NS
>> 'ns.bla.bla' is below a DNAME 'bla.bla' (illegal)
>> Nov 17 09:55:53 methanemaker bash[7049]: zone bla.bla/IN: not loaded
>> due to errors.
>> 
>> I tried without the NS likes and I get this message
>> 
>> Nov 17 09:48:36 methanemaker bash[4872]: zone bla.bla/IN: has no NS records
>> Nov 17 09:48:36 methanemaker bash[4872]: zone bla.bla/IN: not loaded
>> due to errors.
>> 
>> If anyone has a better idea how to map to a dhcp addressed machine
>> from a zone I'd like to know?
>> 
>> I don't want to recreate the entire superdomain for just one record
>> that needs changed
>> IE:
>> the super domain is managed by an outside service. I don't want to
>> keep a second copy inside that has a few with different records.

Re: DNAME usage?

2017-11-17 Thread Mark Andrews
Just have the machine hosting the http server do a dynamic update of the A ana 
 records when they are assigned to the interface.

It should be possible to get the os to run a program when this happens so it 
can perform a second dynamic update on a the different name. 

-- 
Mark Andrews

> On 18 Nov 2017, at 04:19, Jeff Sadowski  wrote:
> 
> I am a bit confused by DNAME's
> I had used them before but I may have used them wrong.
> 
> On windows 2008r2 I have some zone's where I create a DNAME for the
> root and point it to an A record.
> 
> IE:
> 
> zone bla.bla
> SOA 
> NS 
> DNAME www.bla.com
> 
> where www.bla.com is an A record.
> 
> the reason I was doing this is because www.bla.com has a dhcp assigned address
> 
> and I want bla.bla to always point to it.
> windows dns does not allow a cname at the root of a zone.
> 
> as of 2012r2 with updates this no longer works.
> 
> So I decided to see what bind would do with DNAME If I tried a similar
> experiment
> I have a db.self file I used when I want certain outside addresses to
> point back to my inside addresses.
> 
> my db.self file looks like so
> 
> 
> $TTL 3D
> @  1D  IN  SOA ns jeffsadowski.gmail.com. (
>  2017081201 ;
>  3H ;
>  15 ;
>  1w ;
>  3h ;
> )
> @ IN NS ns
> ns IN A 192.168.1.252
> @ IN A 192.168.1.252
> 
> And I wand similar for my DNAME so I created db.dname that looks like so
> 
> $TTL 3D
> @  1D  IN  SOA ns jeffsadowski.gmail.com. (
>  2017081201 ;
>  3H ;
>  15 ;
>  1w ;
>  3h ;
> )
> @ IN NS ns
> ns IN A 192.168.1.252
> @ IN DNAME methanemaker.mooo.com
> 
> then when I try and start bind I get error messages like so
> 
> Nov 17 09:55:53 methanemaker bash[7049]: zone bla.bla/IN: NS
> 'ns.bla.bla' is below a DNAME 'bla.bla' (illegal)
> Nov 17 09:55:53 methanemaker bash[7049]: zone bla.bla/IN: not loaded
> due to errors.
> 
> I tried without the NS likes and I get this message
> 
> Nov 17 09:48:36 methanemaker bash[4872]: zone bla.bla/IN: has no NS records
> Nov 17 09:48:36 methanemaker bash[4872]: zone bla.bla/IN: not loaded
> due to errors.
> 
> If anyone has a better idea how to map to a dhcp addressed machine
> from a zone I'd like to know?
> 
> I don't want to recreate the entire superdomain for just one record
> that needs changed
> IE:
> the super domain is managed by an outside service. I don't want to
> keep a second copy inside that has a few with different records.


Re: DNAME usage?

2017-11-17 Thread Chris Buxton
A DNAME is a CNAME generator for subdomains of the DNAME record itself. That is:

example.com.  DNAME   example.net.

will result in any query for "foo.example.com" to be 
answered with a dynamically-generated CNAME record like this:

foo.example.com.  DNAME   foo.example.net.

It has no effect on the name of the DNAME record itself -- it is not a CNAME 
record for example.com, and doesn't do the same job. The 
use case you describe cannot be solved by RFC-compliant DNS -- the name of a 
zone cannot be an alias of some other name. Creating the parent zone and 
putting the CNAME in there will create more problems for you.

Regards,
Chris Buxton

> On Nov 17, 2017, at 9:19 AM, Jeff Sadowski  wrote:
> 
> I am a bit confused by DNAME's
> I had used them before but I may have used them wrong.
> 
> On windows 2008r2 I have some zone's where I create a DNAME for the
> root and point it to an A record.
> 
> IE:
> 
> zone bla.bla
> SOA 
> NS 
> DNAME www.bla.com
> 
> where www.bla.com is an A record.
> 
> the reason I was doing this is because www.bla.com has a dhcp assigned address
> 
> and I want bla.bla to always point to it.
> windows dns does not allow a cname at the root of a zone.
> 
> as of 2012r2 with updates this no longer works.
> 
> So I decided to see what bind would do with DNAME If I tried a similar
> experiment
> I have a db.self file I used when I want certain outside addresses to
> point back to my inside addresses.
> 
> my db.self file looks like so
> 
> 
> $TTL 3D
> @  1D  IN  SOA ns jeffsadowski.gmail.com. (
>  2017081201 ;
>  3H ;
>  15 ;
>  1w ;
>  3h ;
> )
> @ IN NS ns
> ns IN A 192.168.1.252
> @ IN A 192.168.1.252
> 
> And I wand similar for my DNAME so I created db.dname that looks like so
> 
> $TTL 3D
> @  1D  IN  SOA ns jeffsadowski.gmail.com. (
>  2017081201 ;
>  3H ;
>  15 ;
>  1w ;
>  3h ;
> )
> @ IN NS ns
> ns IN A 192.168.1.252
> @ IN DNAME methanemaker.mooo.com
> 
> then when I try and start bind I get error messages like so
> 
> Nov 17 09:55:53 methanemaker bash[7049]: zone bla.bla/IN: NS
> 'ns.bla.bla' is below a DNAME 'bla.bla' (illegal)
> Nov 17 09:55:53 methanemaker bash[7049]: zone bla.bla/IN: not loaded
> due to errors.
> 
> I tried without the NS likes and I get this message
> 
> Nov 17 09:48:36 methanemaker bash[4872]: zone bla.bla/IN: has no NS records
> Nov 17 09:48:36 methanemaker bash[4872]: zone bla.bla/IN: not loaded
> due to errors.
> 
> If anyone has a better idea how to map to a dhcp addressed machine
> from a zone I'd like to know?
> 
> I don't want to recreate the entire superdomain for just one record
> that needs changed
> IE:
> the super domain is managed by an outside service. I don't want to
> keep a second copy inside that has a few with different records.
> 
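
Added example, not part of the original post and not BIND's code: the substitution rule described above, together with a check for owner names or NS targets that sit below a DNAME owner, run over the db.dname records quoted in this thread (origin bla.bla). Function names and finding messages are illustrative, and the check only approximates what a name server's zone loader does.

```python
def labels(name):
    """Lower-case labels of a domain name, ignoring the trailing dot."""
    return [part for part in name.lower().rstrip(".").split(".") if part]


def absolute(name, origin):
    """Expand a zone-file name: '@' is the origin, and a name without a
    trailing dot is relative to the origin."""
    if name == "@":
        return ".".join(labels(origin)) + "."
    if name.endswith("."):
        return ".".join(labels(name)) + "."
    return ".".join(labels(name) + labels(origin)) + "."


def is_below(name, owner):
    """True when name is a strict subdomain of owner."""
    n, o = labels(name), labels(owner)
    return len(n) > len(o) and n[len(n) - len(o):] == o


def synthesize_cname(qname, owner, target):
    """CNAME target produced by 'owner DNAME target' for qname, or None
    when the DNAME does not apply (qname is the owner itself or unrelated)."""
    if not is_below(qname, owner):
        return None
    q = labels(qname)
    prefix = q[: len(q) - len(labels(owner))]
    return ".".join(prefix + labels(target)) + "."


def check_zone(origin, records):
    """records: (owner, type, rdata) tuples as written in the zone file.
    Returns a list of findings; an empty list means none were found."""
    apex = absolute("@", origin)
    rrs = [(absolute(o, origin), t.upper(), d) for o, t, d in records]
    problems = []
    if not any(o == apex and t == "NS" for o, t, _ in rrs):
        problems.append(f"{apex} has no NS records")
    for dname_owner in [o for o, t, _ in rrs if t == "DNAME"]:
        for o, t, d in rrs:
            if is_below(o, dname_owner):
                problems.append(f"{t} owner {o} is below DNAME {dname_owner}")
            if t == "NS" and is_below(absolute(d, origin), dname_owner):
                problems.append(
                    f"NS target {absolute(d, origin)} is below DNAME {dname_owner}")
    return problems


# Records from the db.dname file quoted above (SOA fields omitted).
DB_DNAME = [
    ("@", "SOA", "(fields omitted)"),
    ("@", "NS", "ns"),
    ("ns", "A", "192.168.1.252"),
    ("@", "DNAME", "methanemaker.mooo.com"),
]

if __name__ == "__main__":
    for finding in check_zone("bla.bla", DB_DNAME):
        print(finding)
    # The zone name itself is never rewritten; only names below it are.
    print(synthesize_cname("bla.bla", "bla.bla", "www.bla.com."))
    print(synthesize_cname("host.bla.bla", "bla.bla", "www.bla.com."))
```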


DNAME usage?

2017-11-17 Thread Jeff Sadowski
I am a bit confused by DNAME's
I had used them before but I may have used them wrong.

On windows 2008r2 I have some zone's where I create a DNAME for the
root and point it to an A record.

IE:

zone bla.bla
SOA 
NS 
DNAME www.bla.com

where www.bla.com is an A record.

the reason I was doing this is because www.bla.com has a dhcp assigned address

and I want bla.bla to always point to it.
windows dns does not allow a cname at the root of a zone.

as of 2012r2 with updates this no longer works.

So I decided to see what bind would do with DNAME If I tried a similar
experiment
I have a db.self file I used when I want certain outside addresses to
point back to my inside addresses.

my db.self file looks like so


$TTL 3D
@  1D  IN  SOA ns jeffsadowski.gmail.com. (
  2017081201 ;
  3H ;
  15 ;
  1w ;
  3h ;
 )
@ IN NS ns
ns IN A 192.168.1.252
@ IN A 192.168.1.252

And I wand similar for my DNAME so I created db.dname that looks like so

$TTL 3D
@  1D  IN  SOA ns jeffsadowski.gmail.com. (
  2017081201 ;
  3H ;
  15 ;
  1w ;
  3h ;
 )
@ IN NS ns
ns IN A 192.168.1.252
@ IN DNAME methanemaker.mooo.com

then when I try and start bind I get error messages like so

Nov 17 09:55:53 methanemaker bash[7049]: zone bla.bla/IN: NS
'ns.bla.bla' is below a DNAME 'bla.bla' (illegal)
Nov 17 09:55:53 methanemaker bash[7049]: zone bla.bla/IN: not loaded
due to errors.

I tried without the NS likes and I get this message

Nov 17 09:48:36 methanemaker bash[4872]: zone bla.bla/IN: has no NS records
Nov 17 09:48:36 methanemaker bash[4872]: zone bla.bla/IN: not loaded
due to errors.

If anyone has a better idea how to map to a dhcp addressed machine
from a zone I'd like to know?

I don't want to recreate the entire superdomain for just one record
that needs changed
IE:
the super domain is managed by an outside service. I don't want to
keep a second copy inside that has a few with different records.