Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-12 Thread Carl Byington 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Wed, 2017-07-12 at 16:21 -0500, b...@zq3q.org wrote:
> OK, I'm ready to consider other registrars, any suggestions
> would be appreciated.

I like gkg.net - they have an API so you can automatically upload new DS
records when you do DNSSEC key rollovers.


-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14 (GNU/Linux)

iEUEAREKAAYFAllmtQwACgkQL6j7milTFsGcNQCdEMVMhDjbb/G++ors2jJgH5Yp
zHsAl3mvhHy0EybJzoO1g0rF+lLvDuc=
=/PA6
-END PGP SIGNATURE-


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-12 Thread Grant Taylor via bind-users 

On 07/12/2017 03:21 PM, b...@zq3q.org wrote:

OK, I'm ready to consider other registrars, any suggestions
would be appreciated.


$Dynadot++ has been good to me.  I can pay them via PayPal and they 
support DS records for DNSSEC if you eventually want to mess with that. 
-  I think they were reasonably priced too.


I dislike the following and voted by spending my money elsewhere.
$GoDaddy--  They try to up sell you ever chance they get and IMHO their 
web UI tries to make every possible chance to up sell possible.
$Hover--  Formerly "It's Your Domain" (who was decent) changed to Hover 
and seemed to be a registrar as a side need of a different service they 
were selling.  They really put me off.




--
Grant. . . .
unix || die



smime.p7s
Description: S/MIME Cryptographic Signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-12 Thread bind 
Hi Reindl:

On Tue 7/11/17 18:05 +0200 Reindl Harald wrote:
> 
> Am 11.07.2017 um 15:57 schrieb b...@zq3q.org:
> > Assume I register domain 'mynew.org' with registrar namecheap; and as an 
> > exercise,
> > I plan to setup my own two authoritative DNS nameservers for 'mynew.org'.
> > 
> > I have several linux VMs, that are under used, so I want to use them
> > for the nameservers for 'mynew.org'.  **Neither are in 'mynew.org';
> > is that going to work?**
> > 
> > namecheap support seems to suggest that the personal DNS authorative 
> > nameservers
> > for 'mynew.org', must be in 'mynew.org', as in
> > 
> >  ns1.mynew.org
> >  ns2.mynew.org
> 
> for sure not 
> and i am repsonsible for both zones and some hundret others 
> on that nameservers over 15 years

Thanks for confirming.

> https://intodns.com/rhsoft.net confirms that all is fine

Thanks for this tool!

> and when your 
> registrar really has such crazy requirements switch to a sane one - 
> frankly it's even not helpful in case you need to switch nameservers 
> because in the case above they become GLUE records with a TTL of 172800 
> independent from the zone TTL

OK, I'm ready to consider other registrars, any suggestions
would be appreciated.

https://www.gandi.net/ 
has been suggested by Matthew Seaman. Looks good to me.

related rant: http://zq3q.org/pz/#zycbu_Choosing_a_DNS_registrar

> i had to switch a server which hosted websites and one of the 
> nameservers (i know don't mix it) to a different machine some years ago 
> and it was not funny that it took ages until webclients used the new IP 
> address while NDS would not have been a problem by just keep the old one 
> as additional slave until shut it down
> 
> ns1.thelounge.net.   ['85.124.176.242']   [TTL=172800]
> ns2.thelounge.net.   ['91.118.73.16']   [TTL=172800]
> 
> [harry@rh:~]$ whois rhsoft.net
> ...
> Name Server: ns1.thelounge.net
> Name Server: ns2.thelounge.net
> DNSSEC: Unsigned
> 
> [harry@rh:~]$ dig NS rhsoft.net @ns1.thelounge.net
> ; <<>> DiG 9.10.5-P2-RedHat-9.10.5-2.P2.fc25 <<>> NS rhsoft.net 
> @ns1.thelounge.net
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27172
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 1024
> ;; QUESTION SECTION:
> ;rhsoft.net.IN  NS
> 
> ;; ANSWER SECTION:
> rhsoft.net. 86400   IN  NS  ns2.thelounge.net.
> rhsoft.net. 86400   IN  NS  ns1.thelounge.net.
--snip

On Tue 7/11/17 21:33 +0200 Reindl Harald wrote:
--snip
> > What is a domain registrar with good support, that can guide me through
> > getting this to work under linux (fedora 24 and bind 9.x)?  I can buy a new 
> > domain
> > if need be.
> 
> no need - you can transfer your domains at any point in time

Thanks.  I may as well learn that process.

--snip
> 
> in case of .at we are directly registrar and our infrastructure talks 
> idrectly via 
> https://en.wikipedia.org/wiki/Extensible_Provisioning_Protocol to 

Thx for the above link.

> nic.at, for other TLD's we use https://www.epag.de/ which belongs in the 
> meantime to GoDaddy

Thx, I looked at https://www.epag.de/en/

> it should not be that hard to find a service which let you define the 
> nameservers of your domain - if it's a registrar at it's own or a 
> reseller don#t matter that much because the only point is whatever 
> interface that let you define "these hosts are the nameservers for 
> excample.com"

--
regards,
Tom

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-12 Thread Tony Finch 
b...@zq3q.org  wrote:

> One of my real hosts is below xen.prgmr.com, like the fake 'zap' above,
> so I would have to email prgmr.com support to get them to add
>
> mynew.org. IN NS zap.xen.prgmr.com.
> ^^^ << Is this valid?
>
> to the xen.prgmr.com zone.

There's a bit of confusion here, but this is a legitimately confusing
part of the DNS because there are multiple layers of indirection and
two kinds of indirection...

The first kind there are the delegation records in the parent zone, and
the authoritative records at the apex of the child zone.

The other kind, zones have name servers, and name servers have addresses.

For example, my zone is dotat.at. It has the name servers

dotat.at.   3600IN  NS  ns1.gratisdns.dk.
dotat.at.   3600IN  NS  ns3.gratisdns.dk.
dotat.at.   3600IN  NS  grey.dotat.at.
dotat.at.   3600IN  NS  puck.nether.net.

For a correct delegation, these NS records have to appear in the parent
zone (which I configure through my registrar) and at the apex of my zone
(on my master server, alongside the SOA etc.).

The second level of indirection is from name server names to addresses.
These are just normal hostname address records, so they appear in the
authoritative zones indicted by their names.

(You seemed to be confused about where NS records live. I hope this
clarified it for you!)

(To make GratisDNS and Puck authoritative for my zone, I used their user
interfaces to ask them to act as secondaries, telling them what my master
server IP addresses are. No changes to their DNS records, just their
server configutation which isn't visible from the outside.)

But, there's also glue.

Glue is a special case for name server hostnames which are in the child
zone - in my example this applies to grey.dotat.at. These hostnames need
address records in the delegation to avoid a circular dependency.

$ dig +noall +additional grey.dotat.at @d.ns.at
grey.dotat.at.  10800   IN  A   131.111.57.57
grey.dotat.at.  10800   IN  2001:630:212:110::d:7a7

You configure your glue records through your registrar alongside your
delegation NS records. Usually you get to specify a list of nameserver
names, each with optional addresses - you only need to specify the
addresses when the hostname is in the child zone.

Basically what you are doing with this registrar user interface is
providing a COPY of data from the delegated zone: the apex NS records,
and any addresses of nameservers whose hostnames are inside the delegated
zone.

Tony.
-- 
f.anthony.n.finch    http://dotat.at/  -  I xn--zr8h punycode
Fisher: Northwesterly 5 to 7, occasionally gale 8 in east. Moderate or rough.
Showers. Good.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-11 Thread Niall O'Reilly 

On 11 Jul 2017, at 22:01, b...@zq3q.org wrote:


As I wrote to Niall (msg dated 11 Jul 2017 15:04:32 -0500) ,


That hasn't reached me yet.


I **do not** have a NS record for each of my two
nameservers, in the domain zone that the respective nameserver itself 
is in.

That is a mistake, I need to fix, right?


Short answer: just no.

Long answer: not unless either of your servers is providing name service 
for

the zone that the nameserver itself is in.  As I understand from your
original message, this is not the case, so just no.

I hope this helps.

With best regards,
Niall O'Reilly


___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-11 Thread bind 
Hi Matthew:

On Tue 7/11/17 15:24 +0100 Matthew Seaman wrote:
> On 2017/07/11 14:57, b...@zq3q.org wrote:
> 
> > I have several linux VMs, that are under used, so I want to use them
> > for the nameservers for 'mynew.org'.  **Neither are in 'mynew.org';
> > is that going to work?**
> 
> Yes, that will work.  There is no requirement for any of the NSes for
> a zone to be part of that zone or, conversely, not part of that zone.

This seems imp:

> Although if any of the NSes are in the zone, there should be glue
> records added at the level above.

As I wrote to Niall (msg dated 11 Jul 2017 15:04:32 -0500) ,
I **do not** have a NS record for each of my two 
nameservers, in the domain zone that the respective nameserver itself is in.
That is a mistake, I need to fix, right?

> > namecheap support seems to suggest that the personal DNS authorative
> > nameservers for 'mynew.org', must be in 'mynew.org', as in
> >
> > ns1.mynew.org ns2.mynew.org
> 
> This is not a requirement from the DNS side.  It's normal for
> providers to offer this -- vanity name servers are usually a selling
> point.

OK.  Thanks for that term "vanity name servers".

> Even so, if you can make ns1.mynew.org and ns2.mynew.org resolve to
> the A or  addresses of your VMs, you should be good to go. named
> is going to work the same irrespective of whatever it thinks the
> hostname of your VM is, and that can be different to the name users
> look up in the DNS.
> 
> Failing that, there are any number of other providers that will let
> you register a domain, and the vast majority of those certainly will
> let you specify your own nameservers.

If you have a specific registrar in mind with good support pls let 
me know.

--
thanks/regards,
Tom
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-11 Thread bind 
Hi Niall:

On Tue 7/11/17 15:24 +0100 "Niall O'Reilly" wrote:
> On 11 Jul 2017, at 14:57, b...@zq3q.org wrote:
> 
> > Assume I register domain 'mynew.org' with registrar namecheap; and as 
> > an exercise,
> > I plan to setup my own two authoritative DNS nameservers for 
> > 'mynew.org'.
> >
> > I have several linux VMs, that are under used, so I want to use them
> > for the nameservers for 'mynew.org'.  **Neither are in 'mynew.org';
> > is that going to work?**
> 
> Unless you misconfigure things, it should just work.

**I think I have one thing wrong, pls confirm:**
Assume my 'spare nameservers'  are these fictious ones:

pup.asdf.org
zap.xen.prgmr.com

I did **not** register:

pup  as a nameserver for mynew.org in asdf.org
zap  as a nameserver for mynew.org in xen.prgmr.com

One of my real hosts *is below xen.prgmr.com*, like the fake 'zap' above,
so I would have to email
prgmr.com support to get them to add

mynew.org. IN NS zap.xen.prgmr.com.
^^^ << Is this valid?

to the xen.prgmr.com zone.

Is this correct?

--
I tried to get terminology roughly right.  In my fictious example,
I had to pick a registrar (not namecheap) to help me create the 'asdf.org'. 
Then to
get a NS record for pup.asdf.org to be authoritative for "mynew.org."
in the zone for 'asdf.org', I have to deal with the registrar's web GUI, and
"register" pup.asdf.org as this NS.  If course there is also a SOA, and NS
record in the "mynew.org." zone. Sorry if I'm getting pedantic, but
I would appreciate anyone correcting me so I understand.

> > namecheap support seems to suggest that the personal DNS authorative 
> > nameservers
> > for 'mynew.org', must be in 'mynew.org', as in
> >
> > ns1.mynew.org
> > ns2.mynew.org
> 
> Nonsense.

Thanks.

In fairness, different support email lead me in conflicting directions.
They do have a 'custom DNS servers' option, that seems to support name servers
that are "non vanity" / "outside-the-domain-they-are-authoritative-for" 
nameservers.
That option silently failed for me (see "I think I have one thing wrong" above).
It's frustrating that my registrar does not share any error logs that could pin
point the problem.

>OTOH, if your registrar is obdurate, you may need to find
> a creative work-around.
> 
> > This is not what I want, since I do not want to spin up 2 new servers.
> 
> You can work around the obduracy without spinning up any new server.
> Simply use the addresses of each of your existing servers in the 
> (you are using IPv6, I hope?) and A records for the new names.

I prefer not to use a work around. I'm willing to go with another
registrar, if someone could suggest one.

--
In any case, see if I understand you:
So, at the registrar level for mynew.org, I specify the vanity name
servers ns1.mynew.org, and ns2.mynew.org with the IP addresses of
pup and zap.  I also add (sorry IP4) 'A' records for ns1.mynew.org, and
ns2.mynew.org in the mynew.org zone for nameservers pup and zap.

> Of course, this can only work if your servers have public, reachable 
> addresses.

They are public.

--snip

THANKS Niall for the help and good words!

--
regards,
Tom
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-11 Thread Reindl Harald 



Am 11.07.2017 um 20:56 schrieb b...@zq3q.org:

On Tue 7/11/17 15:23 +0100 Tony Finch wrote:

b...@zq3q.org  wrote:


I have several linux VMs, that are under used, so I want to use them
for the nameservers for 'mynew.org'.  Neither are in 'mynew.org';
is that going to work?


Yes, that is perfectly normal. For example,

$ dig +noall +answer ns dotat.at
dotat.at.   3559IN  NS  ns1.gratisdns.dk.
dotat.at.   3559IN  NS  ns3.gratisdns.dk.
dotat.at.   3559IN  NS  grey.dotat.at.
dotat.at.   3559IN  NS  puck.nether.net.

$ dig +noall +answer ns ac.uk
ac.uk.  20993   IN  NS  ns0.ja.net.
ac.uk.  20993   IN  NS  ns1.surfnet.nl.
ac.uk.  20993   IN  NS  ns2.ja.net.
ac.uk.  20993   IN  NS  ns3.ja.net.
ac.uk.  20993   IN  NS  ns4.ja.net.
ac.uk.  20993   IN  NS  auth03.ns.uu.net.
ac.uk.  20993   IN  NS  ws-fra1.win-ip.dfn.de.


Thanks for the good examples Tony.

Nice to learn your "+noall +answer" dig syntax also.

--
What is a domain registrar with good support, that can guide me through
getting this to work under linux (fedora 24 and bind 9.x)?  I can buy a new 
domain
if need be.


no need - you can transfer your domains at any point in time


My current registrar may respond with a different person, for each mail
for a given single issue, and I'm getting inconsistent answers.  They will not
tell me any of their log error info; not sure if they even look?  They ignore
several of my questions.  In fairness they are sincere and trying


in case of .at we are directly registrar and our infrastructure talks 
idrectly via 
https://en.wikipedia.org/wiki/Extensible_Provisioning_Protocol to 
nic.at, for other TLD's we use https://www.epag.de/ which belongs in the 
meantime to GoDaddy


it should not be that hard to find a service which let you define the 
nameservers of your domain - if it's a registrar at it's own or a 
reseller don#t matter that much because the only point is whatever 
interface that let you define "these hosts are the nameservers for 
excample.com"

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-11 Thread bind 
On Tue 7/11/17 15:23 +0100 Tony Finch wrote:
> b...@zq3q.org  wrote:
> 
> > I have several linux VMs, that are under used, so I want to use them
> > for the nameservers for 'mynew.org'.  Neither are in 'mynew.org';
> > is that going to work?
> 
> Yes, that is perfectly normal. For example,
> 
> $ dig +noall +answer ns dotat.at
> dotat.at.   3559IN  NS  ns1.gratisdns.dk.
> dotat.at.   3559IN  NS  ns3.gratisdns.dk.
> dotat.at.   3559IN  NS  grey.dotat.at.
> dotat.at.   3559IN  NS  puck.nether.net.
> 
> $ dig +noall +answer ns ac.uk
> ac.uk.  20993   IN  NS  ns0.ja.net.
> ac.uk.  20993   IN  NS  ns1.surfnet.nl.
> ac.uk.  20993   IN  NS  ns2.ja.net.
> ac.uk.  20993   IN  NS  ns3.ja.net.
> ac.uk.  20993   IN  NS  ns4.ja.net.
> ac.uk.  20993   IN  NS  auth03.ns.uu.net.
> ac.uk.  20993   IN  NS  ws-fra1.win-ip.dfn.de.

Thanks for the good examples Tony.  

Nice to learn your "+noall +answer" dig syntax also.

--
What is a domain registrar with good support, that can guide me through
getting this to work under linux (fedora 24 and bind 9.x)?  I can buy a new 
domain
if need be.

My current registrar may respond with a different person, for each mail
for a given single issue, and I'm getting inconsistent answers.  They will not
tell me any of their log error info; not sure if they even look?  They ignore
several of my questions.  In fairness they are sincere and trying.

--
thanks,
Tom
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-11 Thread Reindl Harald 


Am 11.07.2017 um 15:57 schrieb b...@zq3q.org:

Assume I register domain 'mynew.org' with registrar namecheap; and as an 
exercise,
I plan to setup my own two authoritative DNS nameservers for 'mynew.org'.

I have several linux VMs, that are under used, so I want to use them
for the nameservers for 'mynew.org'.  **Neither are in 'mynew.org';
is that going to work?**

namecheap support seems to suggest that the personal DNS authorative nameservers
for 'mynew.org', must be in 'mynew.org', as in

 ns1.mynew.org
 ns2.mynew.org


for sure not and i am repsonsible for both zones and some hundret others 
on that nameservers over 15 years


https://intodns.com/rhsoft.net confirms that all is fine and when your 
registrar really has such crazy requirements switch to a sane one - 
frankly it's even not helpful in case you need to switch nameservers 
because in the case above they become GLUE records with a TTL of 172800 
independent from the zone TTL


i had to switch a server which hosted websites and one of the 
nameservers (i know don't mix it) to a different machine some years ago 
and it was not funny that it took ages until webclients used the new IP 
address while NDS would not have been a problem by just keep the old one 
as additional slave until shut it down


ns1.thelounge.net.   ['85.124.176.242']   [TTL=172800]
ns2.thelounge.net.   ['91.118.73.16']   [TTL=172800]

[harry@rh:~]$ whois rhsoft.net
...
Name Server: ns1.thelounge.net
Name Server: ns2.thelounge.net
DNSSEC: Unsigned

[harry@rh:~]$ dig NS rhsoft.net @ns1.thelounge.net
; <<>> DiG 9.10.5-P2-RedHat-9.10.5-2.P2.fc25 <<>> NS rhsoft.net 
@ns1.thelounge.net

;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27172
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1024
;; QUESTION SECTION:
;rhsoft.net.IN  NS

;; ANSWER SECTION:
rhsoft.net. 86400   IN  NS  ns2.thelounge.net.
rhsoft.net. 86400   IN  NS  ns1.thelounge.net.

___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-11 Thread Niall O'Reilly 

On 11 Jul 2017, at 14:57, b...@zq3q.org wrote:

Assume I register domain 'mynew.org' with registrar namecheap; and as 
an exercise,
I plan to setup my own two authoritative DNS nameservers for 
'mynew.org'.


I have several linux VMs, that are under used, so I want to use them
for the nameservers for 'mynew.org'.  **Neither are in 'mynew.org';
is that going to work?**


Unless you misconfigure things, it should just work.

namecheap support seems to suggest that the personal DNS authorative 
nameservers

for 'mynew.org', must be in 'mynew.org', as in

ns1.mynew.org
ns2.mynew.org


Nonsense.  OTOH, if your registrar is obdurate, you may need to find
a creative work-around.


This is not what I want, since I do not want to spin up 2 new servers.


You can work around the obduracy without spinning up any new server.
Simply use the addresses of each of your existing servers in the 
(you are using IPv6, I hope?) and A records for the new names.

Of course, this can only work if your servers have public, reachable 
addresses.


**Pls confirm, that I do not need to do this, and that I could use 2 
existing
linux hosts outside of mynew.org as personal DNS authorative 
nameservers.**

Any additional related tips appreciated.


See above.

With best regards,
Niall O'Reilly
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-11 Thread Matthew Seaman 
On 2017/07/11 14:57, b...@zq3q.org wrote:
> I have several linux VMs, that are under used, so I want to use them
> for the nameservers for 'mynew.org'.  **Neither are in 'mynew.org';
> is that going to work?**

Yes, that will work.  There is no requirement for any of the NSes for a
zone to be part of that zone or, conversely, not part of that zone.
Although if any of the NSes are in the zone, there should be glue
records added at the level above.

> namecheap support seems to suggest that the personal DNS authorative 
> nameservers
> for 'mynew.org', must be in 'mynew.org', as in
> 
> ns1.mynew.org
> ns2.mynew.org
> 

This is not a requirement from the DNS side.  It's normal for providers
to offer this -- vanity name servers are usually a selling point.

Even so, if you can make ns1.mynew.org and ns2.mynew.org resolve to the
A or  addresses of your VMs, you should be good to go.  named is
going to work the same irrespective of whatever it thinks the hostname
of your VM is, and that can be different to the name users look up in
the DNS.

Failing that, there are any number of other providers that will let you
register a domain, and the vast majority of those certainly will let you
specify your own nameservers.

Cheers,

Matthew






signature.asc
Description: OpenPGP digital signature
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users

Re: "spare hosts" as personal DNS nameservers for 'mynew.org'

2017-07-11 Thread Tony Finch 
b...@zq3q.org  wrote:

> I have several linux VMs, that are under used, so I want to use them
> for the nameservers for 'mynew.org'.  Neither are in 'mynew.org';
> is that going to work?

Yes, that is perfectly normal. For example,

$ dig +noall +answer ns dotat.at
dotat.at.   3559IN  NS  ns1.gratisdns.dk.
dotat.at.   3559IN  NS  ns3.gratisdns.dk.
dotat.at.   3559IN  NS  grey.dotat.at.
dotat.at.   3559IN  NS  puck.nether.net.

$ dig +noall +answer ns ac.uk
ac.uk.  20993   IN  NS  ns0.ja.net.
ac.uk.  20993   IN  NS  ns1.surfnet.nl.
ac.uk.  20993   IN  NS  ns2.ja.net.
ac.uk.  20993   IN  NS  ns3.ja.net.
ac.uk.  20993   IN  NS  ns4.ja.net.
ac.uk.  20993   IN  NS  auth03.ns.uu.net.
ac.uk.  20993   IN  NS  ws-fra1.win-ip.dfn.de.

Tony.
-- 
f.anthony.n.finch    http://dotat.at/  -  I xn--zr8h punycode
Shannon, Rockall, Malin, Hebrides: Cyclonic at first in Shannon, otherwise
north or northeast, 4 or 5, becoming variable 3 or 4. Slight or moderate.
Showers at first. Good.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe 
from this list

bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users