I'm dealing with a new ISP that has been pretty much OK until this problem.
I realized that they didn't set up the reverse PTR records for my eight IP
addresses on a dedicated server. (I will be creating 8 virtual domains - one
per IP address).

Their staff initially said 1) reverse PTR records were never necessary; 2)
delegating my DNS info to my machine is out of the question (they won't
admit they don't know how and they won't accept info). They are using BIND
and insist that nslookup is never capable of returning the domain name for a
given IP address.

I've been pounding on them since last week, and just got an email saying
that a PTR record is only necessary for the base IP address of the 8
addresses (the hostname is set to this base IP address) and they are going
to update their DNS server tonight and promptly closed out the trouble
ticket.

I've been setting up DNS (classic BIND) for years and simply never heard of
setting up A records without the associated PTR record for reverse address
mapping.

1) I'm about to open up another trouble ticket to ask them to add PTR
records for the remaining seven IP addresses. Am I not correct in telling
the ISP that all my virtual domains require reverse DNS resolution?

2) If they don't add reverse PTR records for my virtual domains, I've been
debating telling the Internic to change my DNS servers for the virtual
domains to the base address of my own dedicated server. It's not as if my
virtual domains are subdomains of my ISP's domain. The problem is that I
only have the one dedicated machine. The Internic wants two DNS servers per
domain. If I leave the existing DNS servers from my ISP, and add my own
dedicated server as a third DNS server, will the reverse address search go
through all three of my DNS servers until it has success?

My hostname is a subdomain of my ISP's domain, so the PTR record for my base
address will have to be served by my ISP's DNS server and they are in fact
doing that for me tonight.

My virtual domains are independent domains immediately under .com and
registered to the Internic. I'll use the exact same IP addresses that my ISP
was serving on their DNS servers, just add the reverse DNS info. My ISP's
info about my virtual domains will just be ignored once the Internic makes
the change, right? I've been resisting this route because I don't want to
create a loop of some kind.

3) If I proceed with step 2, I could use dnscache on 127.0.0.1, tinydns on
one IP, and walldns on another IP, right? It doesn't matter which external
IP, just so long as they are different IPs because dnscache, tinydns, and
walldns are all looking at port 53, right?

There is no firewall with this solution in 2) and 3), but these virtual
domains don't have any national secrets anyway. However, I will be serving
qmail to these domains, so it won't be the safest environment for the email.

I'm sorry this post is so long; it's hard for me to verbalize these DNS
issues succinctly.