Re: Two DNS servers with one IP address
+--- On Thursday, June 26, 2003 13:20,
| Alfonso Romero proclaimed:
|
| Thanks for your reply. The reason I wanted to have two DNS servers is
| because I want to register several domains and don't want to depend on an
| external DNS service, but I found out the two DNS servers required by
| Internic must be physically separated also, so I'll have to ask someone
| else to host my secondary DNS server, or stick with the available DNS
| options. I just wondered if it could be possible to have two DNS servers
| inside a LAN, behind a FreeBSD box with NAT.
|
| Regards,
|
| Alfonso Romero

Alfonso,

If you are thinking of running named on serverA and serverB (both in RFC1918 space), and have them both use one globally routable IP address, there is a way. I did this for a while before getting external secondary services. Here is what I did:

1) go to http://www.bsdshell.net/hut_fvrrpd.html and read about the HUT project. Very interesting.

2) cd /usr/ports/net/freevrrpd
   make install distclean

3) read the configuration stuff for vrrpd (if you are like me, read twice), and configure the daemon on both servers.

Now, say serverA is 192.168.0.51, and serverB is 192.168.0.52, and your VRRP address will be 192.168.0.50. Just make sure that your VRRP configuration is correct, but that isn't all. When the VIP moves from the primary machine to the backup machine, named won't give a crap. It won't listen on the new IP alias (in my case anyway, YMMV). I created a script that triggers on a VRRP state change that would kill named and then restart it once the new IP alias was installed (my script also installed a (V)IPv6 alias upon master election... not sure if that is important to you).

Of course, make sure that natd on your gateway is forwarding DNS stuff to 192.168.0.50.

I work with cisco IOS constantly, and HSRP is easy to take for granted. It is beyond cool to be able to do the same thing with the servers themselves.

Not saying that this is the best solution, but it worked for me.

--
Michael W. Oliver, CCNP
IPv6 FreeBSD mark
[EMAIL PROTECTED]
http://michael.gargantuan.com/
ASpath-tree, Looking Glass, etc.
gpg key - http://michael.gargantuan.com/gnupg/pubkey.asc

The tree of liberty must be refreshed from time to time with the blood of patriots and tyrants. - President Thomas Jefferson

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Two DNS servers with one IP address
On Thu, Jun 26, 2003 at 12:20:30PM -0500, Alfonso Romero wrote:
> Thanks for your reply. The reason I wanted to have two DNS servers is because I want to register several domains and don't want to depend on an external DNS service, but I found out the two DNS servers required by Internic must be physically separated also, so I'll have to ask someone else to host my secondary DNS server, or stick with the available DNS options. I just wondered if it could be possible to have two DNS servers inside a LAN, behind a FreeBSD box with NAT.

This item on devshed is relevant to this thread:

http://forums.devshed.com/showthread.php?s=threadid=50100

Can anyone confirm that it's no longer a requisite to provide 2 distinct DNS servers for a domain you register? I say no longer because as I understand it there was a time when 2 distinct nameservers were required...

Also, in the case an admin has only one auth nameserver for a domain but a registrar _requires_ you list two, what is the best strategy for listing the second nameserver? Is there any way to avoid using a third party DNS provider as your secondary nameserver (providing some sort of dummy listing)?

As mentioned above in thread there are no doubt many cases where all services are hosted on one single IP address and so if the server goes down, losing DNS is the least of your worries. In this case wouldn't having a second nameserver listed actually be a bad thing (since queries to that second NS waste some (ok, minimal, but still some) bandwidth)?

Cheers,
Jez
Re: Two DNS servers with one IP address
On Fri, Jun 27, 2003 at 07:34:49AM +0100, Jez Hancock wrote:
> ...
> Can anyone confirm that it's no longer a requisite to provide 2 distinct DNS servers for a domain you register? I say no longer because as I understand it there was a time when 2 distinct nameservers were required...

Not having multiple servers may be OK for vanity domains, but certainly isn't advisable if one wants reliable DNS. It's a Good Idea(tm) to have secondary servers geographically separated so that local problems don't take out all the DNS for a domain (e.g. earthquakes, floods, etc.).

One of the more amusing examples of this occurred within the last two years when all of Microsoft's DNS failed. M$ had multiple servers all right, but they were all on the same class C network so a routing problem brought them all down.

Similar reasoning applies to having multiple MX (Mail eXchange) servers for a domain. Backup MX servers get a bit more complicated though if one is doing any spam blocking as all the backup servers have to have at least as restrictive rules as the primary or the spammers just get to you through the back door.

> Also, in the case an admin has only one auth nameserver for a domain but a registrar _requires_ you list two, what is the best strategy for listing the second nameserver? Is there any way to avoid using a third party DNS provider as your secondary nameserver (providing some sort of dummy listing)?

Do you have local user groups, ISPs, or businesses that run DNS servers that would provide backups? We provide backup DNS for most of our customers including some fairly large regional ISPs with hundreds of domains. It's frequently possible to set up reciprocal deals with others.

Bill
--
INTERNET: [EMAIL PROTECTED]  Bill Campbell; Celestial Software LLC
UUCP: camco!bill  PO Box 820; 6641 E. Mercer Way
FAX: (206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/

There is no worse tyranny than to force a man to pay for what he does not want merely because you think it would be good for him. -- Robert Heinlein
Re: Two DNS servers with one IP address
On Tue, Jun 17, 2003 at 08:52:42PM -0500, Alfonso Romero wrote:
> Is it possible to have two DNS servers with only one public IP address? I have a FreeBSD gateway connected to the Internet with a DSL modem, using natd to connect the other PCs on my LAN, and was wondering if I could have two DNS servers to register domain names.

You could do some magic using port redirection based on whatever you want (source IP?). I can't even imagine the point of it, but it could be done.

mf
--
What do you care what other people think?
Re: Two DNS servers with one IP address
Michal F. Hanula wrote:
> On Tue, Jun 17, 2003 at 08:52:42PM -0500, Alfonso Romero wrote:
>> Is it possible to have two DNS servers with only one public IP address? I have a FreeBSD gateway connected to the Internet with a DSL modem, using natd to connect the other PCs on my LAN, and was wondering if I could have two DNS servers to register domain names.
>
> You could do some magic using port redirection based on whatever you want (source IP?). I can't even imagine the point of it, but it could be done.
>
> mf

I don't know what the poster's reason is for having two DNS servers but have a look at BIND 9. Do the opposite. Have one DNS server act as two. With views you can have the outside world see one thing and the inside world see another.

That's how I'm set up. One view is called external and when folks make a query to it, it responds with what I've told it. But when an internal machine makes a request the DNS will respond differently. It all depends how you define the views.

Way nifty and the systems are none the wiser. :)

HTH
Re: Two DNS servers with one IP address
> Is it possible to have two DNS servers with only one public IP address?

no. when you run the first instance, it will listen on port 53. When you run the second instance, it will fail, because port 53 is occupied.

> I have a FreeBSD gateway connected to the Internet with a DSL modem, using natd to connect the other PCs on my LAN, and was wondering if I could have two DNS servers to register domain names.

You can play administrative games, depending on the registrar, by registering two hosts at the same IP, but two won't run on the same IP.

Len

_
http://MenAndMice.com/DNS-training: Seattle; Chicago; San Jose; Wash DC
IMGate.MEIway.com: anti-spam gateway, effective on 1000's of sites, free
Re: Two DNS servers with one IP address
Thanks for your reply. The reason I wanted to have two DNS servers is because I want to register several domains and don't want to depend on an external DNS service, but I found out the two DNS servers required by Internic must be physically separated also, so I'll have to ask someone else to host my secondary DNS server, or stick with the available DNS options. I just wondered if it could be possible to have two DNS servers inside a LAN, behind a FreeBSD box with NAT.

Regards,

Alfonso Romero

----- Original Message -----
From: K Anderson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, June 26, 2003 3:26 AM
Subject: Re: Two DNS servers with one IP address

> Michal F. Hanula wrote:
>> On Tue, Jun 17, 2003 at 08:52:42PM -0500, Alfonso Romero wrote:
>>> Is it possible to have two DNS servers with only one public IP address? I have a FreeBSD gateway connected to the Internet with a DSL modem, using natd to connect the other PCs on my LAN, and was wondering if I could have two DNS servers to register domain names.
>>
>> You could do some magic using port redirection based on whatever you want (source IP?). I can't even imagine the point of it, but it could be done.
>>
>> mf
>
> I don't know what the poster's reason is for having two DNS servers but have a look at BIND 9. Do the opposite. Have one DNS server act as two. With views you can have the outside world see one thing and the inside world see another.
>
> That's how I'm set up. One view is called external and when folks make a query to it, it responds with what I've told it. But when an internal machine makes a request the DNS will respond differently. It all depends how you define the views.
>
> Way nifty and the systems are none the wiser. :)
>
> HTH
Re: Two DNS servers with one IP address
Alfonso Romero [EMAIL PROTECTED] writes:
> you mean each nameserver must have its own unique IP?

Yes. Otherwise there wouldn't be any redundancy. That's why you need two nameservers in the first place.
Re: Two DNS servers with one IP address
On Wed, 18 Jun 2003 11:52 am, Alfonso Romero wrote:
> Is it possible to have two DNS servers with only one public IP address? I have a FreeBSD gateway connected to the Internet with a DSL modem, using natd to connect the other PCs on my LAN, and was wondering if I could have two DNS servers to register domain names.

No, it's not. If you really wanted two separate nameservers on 1 machine (which are both accessible to the world) you will need to have two static IPs at that box.

- jacob

Jacob Rhoden          Phone: +61 3 8344 6102
ITS Division          Email: [EMAIL PROTECTED]
Melbourne University  Mobile: +61 403 788 386
Re: Two DNS servers with one IP address
JacobRhoden [EMAIL PROTECTED] writes:
> On Wed, 18 Jun 2003 11:52 am, Alfonso Romero wrote:
>> Is it possible to have two DNS servers with only one public IP address? I have a FreeBSD gateway connected to the Internet with a DSL modem, using natd to connect the other PCs on my LAN, and was wondering if I could have two DNS servers to register domain names.
>
> No, it's not. If you really wanted two separate nameservers on 1 machine (which are both accessible to the world) you will need to have two static IPs at that box.

What are you trying to do? Serve one set of data to the Internet (world) and a different set to your internal LAN? This is common for hiding internal host/address information. It's usually called split dns or split brain or split horizon.

I believe BIND can do this, but I haven't used it for this. I've been using the djbdns suite which has this built in. Each record can be tagged with a label which can be associated with a set of addresses (e.g., inside LAN, anyone else) and it will reveal or hide that record based on the requestor's address. djbdns is a rather different architecture than BIND so if you're used to BIND it's a bit of a learning curve.

If you're not wedded to BIND, you might be interested in djbdns. Check www.djbdns.org, the record label you want is the percent sign.
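Added example, not part of any message in this thread: split DNS as described above (BIND views, djbdns labels) only hides internal host/address information if the data served to the Internet contains no internal addresses. This Python sketch audits the external side's zone text for such records; the zone contents and names are constructed, and the parser is an assumption that covers only simple one-line A/AAAA records.

```python
import ipaddress

# Ranges that should never appear in data served to the Internet.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                  # loopback, link-local
    "fc00::/7", "fe80::/10",                          # IPv6 ULA, link-local
)]

# Constructed sample of what the external side would serve (made-up names;
# public addresses are taken from the RFC 5737 documentation range).
EXTERNAL_ZONE = """\
$ORIGIN example.com.
$TTL 3600
@           IN  NS  ns1.example.com.
ns1         IN  A   203.0.113.10
www         IN  A   203.0.113.10
mail    300 IN  A   203.0.113.11
fileserver  IN  A   192.168.0.51   ; internal record copied by mistake
printer         A   10.1.2.3
"""


def address_records(zone_text):
    """Yield (fully qualified owner, address) for each A/AAAA line."""
    origin, owner = "", None
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]          # drop comments
        fields = line.split()
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fields[1]
            continue
        if fields[0].startswith("$"):        # $TTL and other directives
            continue
        if not line[0].isspace():            # a leading blank repeats the owner
            owner = fields.pop(0)
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)                    # optional TTL and class
        if owner is None or len(fields) < 2 or fields[0].upper() not in ("A", "AAAA"):
            continue
        if owner == "@":
            name = origin
        elif owner.endswith("."):
            name = owner
        else:
            name = f"{owner}.{origin}"
        yield name, ipaddress.ip_address(fields[1])


def leaked_internal_addresses(zone_text):
    """Return [(name, address)] for records that point into NON_PUBLIC ranges."""
    return [(name, str(addr)) for name, addr in address_records(zone_text)
            if any(addr in net for net in NON_PUBLIC)]


if __name__ == "__main__":
    for name, addr in leaked_internal_addresses(EXTERNAL_ZONE):
        print(f"external data exposes {name} -> {addr}")
```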
Re: Two DNS servers with one IP address
At 2003-06-18T01:52:42Z, Alfonso Romero [EMAIL PROTECTED] writes:
> Is it possible to have two DNS servers with only one public IP address?

What would be the point? Put another way: what are you trying to achieve?

--
Kirk Strauser
In Googlis non est, ergo non est.
Re: Two DNS servers with one IP address
Well, I wondered if it could be possible to have a primary and a secondary nameserver with only one public IP address, sort of like virtual domains on apache...

----- Original Message -----
From: Kirk Strauser [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, June 17, 2003 9:21 PM
Subject: Re: Two DNS servers with one IP address

> At 2003-06-18T01:52:42Z, Alfonso Romero [EMAIL PROTECTED] writes:
>> Is it possible to have two DNS servers with only one public IP address?
>
> What would be the point? Put another way: what are you trying to achieve?
>
> --
> Kirk Strauser
> In Googlis non est, ergo non est.
Re: Two DNS servers with one IP address
Alfonso Romero [EMAIL PROTECTED] writes:
> Well, I wondered if it could be possible to have a primary and a secondary nameserver with only one public IP address, sort of like virtual domains on apache...

Not only isn't it possible in general, it wouldn't serve any purpose.
Re: Two DNS servers with one IP address
you mean each nameserver must have its own unique IP?

----- Original Message -----
From: Lowell Gilbert [EMAIL PROTECTED]
To: Alfonso Romero [EMAIL PROTECTED]
Cc: freebsd-questions [EMAIL PROTECTED]
Sent: Tuesday, June 17, 2003 9:47 PM
Subject: Re: Two DNS servers with one IP address

> Alfonso Romero [EMAIL PROTECTED] writes:
>> Well, I wondered if it could be possible to have a primary and a secondary nameserver with only one public IP address, sort of like virtual domains on apache...
>
> Not only isn't it possible in general, it wouldn't serve any purpose.
Re: Two DNS servers with one IP address
----- Original Message -----
From: Alfonso Romero [EMAIL PROTECTED]
To: freebsd-questions [EMAIL PROTECTED]; Lowell Gilbert [EMAIL PROTECTED]
Sent: Tuesday, June 17, 2003 10:52 PM
Subject: Re: Two DNS servers with one IP address

> you mean each nameserver must have its own unique IP?

Yes.

Adam
Re: Two DNS servers with one IP address
Hello,

It certainly is possible to register two nameservers with the same IP address. While it serves no real purpose to do so, if you require 2 NS's then you can. Check with your registrar. We do that here on our virtual servers just because it's easier and really, if the server goes down, that's it. No point in having the DNS up if the entire server is down for us.

The exception to the rule is where we have other NS's for everything else that is redundant, especially for dedicated customers.

Hope this helps out.

Sincerely,
Scott Kupferschmidt
ISPrime, Inc.
866.502.4678 ext. 3
AIM: Scott ISPrime - ICQ: 174337249

On Tue, 17 Jun 2003, Alfonso Romero wrote:
> Well, I wondered if it could be possible to have a primary and a secondary nameserver with only one public IP address, sort of like virtual domains on apache...
>
> ----- Original Message -----
> From: Kirk Strauser [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> Sent: Tuesday, June 17, 2003 9:21 PM
> Subject: Re: Two DNS servers with one IP address
>
>> At 2003-06-18T01:52:42Z, Alfonso Romero [EMAIL PROTECTED] writes:
>>> Is it possible to have two DNS servers with only one public IP address?
>>
>> What would be the point? Put another way: what are you trying to achieve?
>>
>> --
>> Kirk Strauser
>> In Googlis non est, ergo non est.
Re: Two DNS servers with one IP address
Alfonso Romero [EMAIL PROTECTED] writes:
> Well, I wondered if it could be possible to have a primary and a secondary nameserver with only one public IP address, sort of like virtual domains on apache...

Well, a nameserver can answer queries for many different zones, like for queries about foo.example.com as well as bar.localhost.net

That's easy. If that's what you're trying to achieve.
Re: Two DNS servers with one IP address
From: Scott Kupferschmidt [EMAIL PROTECTED]
To: Alfonso Romero [EMAIL PROTECTED]
Cc: freebsd-questions [EMAIL PROTECTED]
Sent: Tuesday, June 17, 2003 9:55 PM
Subject: Re: Two DNS servers with one IP address

> Hello,
>
> It certainly is possible to register two nameservers with the same IP address. While it serves no real purpose to do so, if you require 2 NS's then you can. Check with your registrar. We do that here on our virtual servers just because it's easier and really, if the server goes down, that's it. No point in having the DNS up if the entire server is down for us.

Well, that might depend on your TTL's and the speed of the repair boyz in the NOC... :-)

Keep in mind that the world will consider your DNS broken if you do this. DNS reporting services will flag you if your 2 servers are on the same *subnet*, much less the same IP addy...

Obviously, what people think is of little concern in your situation, I'm guessing

Kevin Kinsey
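Added example, not part of the original thread: the kind of redundancy check the replies above describe, flagging a delegation whose name servers share one IP address or sit in one subnet. The delegations and the function name are constructed, and treating a /24 (IPv4) or /48 (IPv6) as "the same subnet" is an assumption.

```python
import ipaddress
from collections import defaultdict

# Constructed delegations: {name server host name: [addresses]}.
SAME_IP = {"ns1.example.com.": ["203.0.113.10"],
           "ns2.example.com.": ["203.0.113.10"]}
SAME_SUBNET = {"ns1.example.com.": ["203.0.113.10"],
               "ns2.example.com.": ["203.0.113.20"]}
DIVERSE = {"ns1.example.com.": ["203.0.113.10"],
           "ns2.example.net.": ["198.51.100.7"]}


def audit_delegation(ns_addresses, v4_prefix=24, v6_prefix=48):
    """Return a list of findings; an empty list means no redundancy problem."""
    findings = []
    if len(ns_addresses) < 2:
        findings.append(("SINGLE_NS", sorted(ns_addresses)))

    hosts_by_ip = defaultdict(set)      # address -> name servers using it
    nets_by_family = defaultdict(set)   # 4 or 6 -> covering networks
    for ns, ips in ns_addresses.items():
        for ip in ips:
            addr = ipaddress.ip_address(ip)
            plen = v4_prefix if addr.version == 4 else v6_prefix
            hosts_by_ip[addr].add(ns)
            nets_by_family[addr.version].add(
                ipaddress.ip_network(f"{addr}/{plen}", strict=False))

    # Two names on one address give no redundancy at all.
    for addr, hosts in sorted(hosts_by_ip.items(), key=lambda kv: str(kv[0])):
        if len(hosts) > 1:
            findings.append(("SHARED_IP", str(addr), sorted(hosts)))

    # Distinct addresses in one subnet fail together on a routing problem.
    for family in sorted(nets_by_family):
        nets = nets_by_family[family]
        if len(nets) == 1:
            findings.append(("SINGLE_SUBNET", str(next(iter(nets)))))
    return findings


if __name__ == "__main__":
    for label, delegation in (("same IP", SAME_IP),
                              ("same subnet", SAME_SUBNET),
                              ("diverse", DIVERSE)):
        print(label, audit_delegation(delegation) or "ok")
```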