
DNS zone file issues - help needed
hostchamp 09-08-2002, 01:16 PM This is how i configure each domain's zone file, is this correct or do i need to change/alter something?
------------------------------------------------------
domain.com. IN SOA ns.mydns.com. webmaster.domain.com. (
1030701222
10800
3600
432000
38400 )
domain.com. IN NS ns.mydns.com.
domain.com. IN NS ns2.mydns.com.
domain.com. IN A xxx.xxx.xxx.xxx
smtp.domain.com. IN CNAME domain.com.
www.domain.com. IN CNAME domain.com.
ftp.domain.com. IN CNAME domain.com.
pop.domain.com. IN CNAME domain.com.
domain.com. IN MX 1 pop.domain.com.
------------------------------------------------------
I just make the CNAME entries for the heck of it since i wrote a shell script a long time back and never altered it, my first server provider told me that i should create the cname as it is a default practice!
I get one DNS error for each domain in /var/log/messages which is;
dns_master_load: /var/named/domain.com.hosts:1: no TTL specified. THIS ZONE WILL NO LONGER WORK IN FUTURE VERSIONS. Add a TTL.
Where do i add a TTL? Is it a static value or variable?
Where do i append/alter the value in the above zone file?
If it is static value then i may just alter the shell script which i use to create the dns file.
Also, is the SOA serial number correct? i.e. 1030701222 above?
I understand no two zone files can have similar SOA and are unique, is this correct?
I use the following formula in my shell script to generate the SOA serial number which a friend told me years ago;
date +%s
Although in my years of hosting i have not had a dns issue on this server but the TTL error mentioned above bothers me.
Also i get a number of warnings when i check my domain at dnreports.com.
Experts pls comment.
NetRemedy 09-08-2002, 01:29 PM Here is an example of a zone file for Bind 8 or higher....
;example of forward zone file: anydomain.com
;
$TTL 86400
@ SOA ns1.domain.com. domain-admin.domain.com. (
2001060101 ; zone serial number in ccyymmddxx format
3600 ; slave polls master for SOA/serial number
1800 ; slave re-polls unreachable master
864000 ; slave expires zone after master unreachable
3600 ; TTL for negative answers
)
;
;nameservers
@ NS ns1.domain.com.
@ NS ns2.domain.com.
;
localhost A 127.0.0.1
;
;mail
@ MX 10 mx1.mailhost.com. ; internet sends mail here
@ MX 20 mx2.backuphost.com. ;
;
;
@ A ip.ad.re.ss ; for URL without www prefix
www A ip.ad.re.ss ;
ftp A ip.ad.re.ss ; maintain HTML docs
;
pop A ip.ad.re.ss ; users' mail program reads mail from pop server
smtp A ip.ad.re.ss ; users' mail program sends to SMTP (AUTH) server
webmail A ip.ad.re.ss ; on-line mail
;
DD-SNC 09-08-2002, 01:31 PM Newer versions of bind require $TTL at the top of each and every zone file.
There is also a TTL specified within the top SOA line but the one you're missing is at the top of the zone file.
If you need further assistance then please don't hesitate to contact me. I love bind and I love helping people.
Enjoy!!
hostchamp 09-08-2002, 01:56 PM Hey thanks guys, wht works wonders for me.
Just FYI i missed to add i run bind-9.1.0-10 on RH7.1.
I understand i need to add $TTL 86400 on the first line of each zone file as per DD-SNC 's post. Will i still be specifying all other values in my above zone file? cos i believe i already have one TTL there "38400" i am not sure if this serves some other purpose.
Most importantly now i have hundreds of zone files which i need to edit to put $TTL 86400 on the top line, how do i do this without opening each one manually? I know shell scripting a bit but i do not know the pointer too well that is: how to open file: take the pointer to the top line: add $TTL 86400: save changes ?
Also is my arithmetic "date +%s" correct to generate the SOA?
Cos dnsreports.com tells me;
"WARNING: Your SOA serial number is: 1030701222. That is OK, but the recommended format (per RFC1912 2.2) is YYYYMMDDnn, where 'nn' is the revision. For example, if you are making the 3rd change on 02 May 2000, you would use 2000050203. This number must be incremented every time you make a DNS change."
What formula do i need to use to generate the correct SOA?
Does bind have any command line tool which can generate the zone file for me rather than me having to write the shell script for it?
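An added example, not written by anyone in this thread: two POSIX shell functions, one that puts $TTL on the first line of a zone file that lacks it, and one that produces a serial in the YYYYMMDDnn form quoted from dnsreports above. The function names, the .bak suffix and the 86400 default are assumptions; the /var/named/*.hosts path follows the log line quoted in the first post.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are assumptions.

# add_ttl FILE [TTL]: put "$TTL <n>" on line 1 unless the file already
# has a $TTL directive. Safe to re-run; keeps FILE.bak; writes back into
# the same file so owner and mode (which named depends on) are unchanged.
add_ttl() {
    zone=$1
    ttl=${2:-86400}
    if grep -qi '^[[:space:]]*\$TTL[[:space:]]' "$zone"; then
        return 0
    fi
    cp -p "$zone" "$zone.bak" || return 1
    { printf '$TTL %s\n' "$ttl"; cat "$zone.bak"; } > "$zone"
}

# next_serial CURRENT [YYYYMMDD]: next serial in YYYYMMDDnn form.
# The result is always greater than CURRENT, so slaves see a change even
# after several edits in one day. A date +%s value such as 1030701222 is
# numerically below any current YYYYMMDDnn, so the switch moves forward.
next_serial() {
    cur=$1
    today=${2:-$(date +%Y%m%d)}
    first=$((today * 100 + 1))      # nn starts at 01
    if [ "$cur" -lt "$first" ]; then
        echo "$first"
    else
        echo $((cur + 1))           # same day (or a serial ahead of the date)
    fi
}

# Typical use over every zone on the server (path is an assumption):
#   for z in /var/named/*.hosts; do add_ttl "$z"; done
#   next_serial 1030701222          # first change of the day -> YYYYMMDD01
```

Checking each edited file with named-checkzone before reloading named catches a zone that was already malformed before the directive was added.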
2host.com 09-08-2002, 07:35 PM You should make a habit of using A type records rather than CNAME by default. It's better practice. As for the $TTL and each zone, email me and I'll write you up a quick shell or Perl script to run that will make the changes to all the zones in a matter of seconds.
hostchamp 09-09-2002, 02:21 AM thanks 2host, i did send you an email, once again thank you very much for your responses here and to my SSL query as well.
Viv
hostchamp 09-09-2002, 02:48 AM Originally posted by 2host.com
You should make a habit of using A type records rather than CNAME by default. It's better practice. As for the $TTL and each zone, email me and I'll write you up a quick shell or Perl script to run that will make the changes to all the zones in a matter of seconds.
If i want to have a CNAME ftp.domain.com, then how can i have an A record for the sub-domain ftp.domain.com to work? Also FYI i do not offer individual IPs to each domain, i use name based hosting.
2host.com 09-09-2002, 02:54 AM Originally posted by hostchamp
If i want to have a CNAME ftp.domain.com, then how can i have an A record for the sub-domain ftp.domain.com to work? Also FYI i do not offer individual IPs to each domain, i use name based hosting.
Rather than try and explain in my own words why A types are preferable, I'll try and find a site that can better explain it. It's not a "bad thing" to use CNAME types, sorry if you misunderstood what I said to mean that. CNAME's are certainly useful and needed in some situations.
2host.com 09-09-2002, 02:54 AM Originally posted by hostchamp
thanks 2host, i did send you an email, once again thank you very much for your responses here and to my SSL query as well.
Viv
I just saw the email, thanks. I'll respond to it in a little while and see how I can help you. I just got another email to help another person with their DNS issues today, so I got them mixed up for a minute. :-)
LinuXpert 09-09-2002, 03:15 AM Originally posted by 2host.com
You should make a habit of using A type records rather than CNAME by default. It's better practice.
I don't think so. CNAME works almost identical to A (except that you can't add MX record for domain which has already had CNAME record), normally all sub-domains (mail, ftp etc) are CNAMEd to the main domain then when you change your host or IP you just need to update the main domain's A record. If you use A record for all subdomains you will have to update all. Does it make sense?
hostchamp 09-09-2002, 03:42 AM hey rob, thanks.
my query was;
Can the following line be replaced by an A record line?
ftp.domain.com. IN CNAME domain.com.
Also rob, i have another issue, not related with this post though,
i want to delete virtual domain entries from my httpd.conf, since there are lots of <virtualhost> blocks i cannot delete these using "vi", nor do i prefer webmin to delete these via the web, for some reason my webmin apache page never opens.
I know there are several perl control panel scripts but i do not know how to rip them off and get my desired code out.
How can i have a shell/perl script which i can run from the command line and specify a virtual host or multiple host and then it would delete the complete <virtualhost> block from httpd.conf?
Better yet, if it could take the document root path as the input,
and delete all virtual host blocks which matches the document root path. This is because i have resellers folders setup, i.e. /home/reseller and underneath these i have his domain folders, eg /home/reseller/domain1 and so on.
Now is it possible for a script to take /home/reseller as the argument and delete all virtual host blocks which has document root /home/reseller, i.e. /home/reseller/domain1, /home/reseller/domain2 and so on.
Is this possible?
hostchamp 09-11-2002, 02:25 PM 2host any luck with my problem mate?
Anyone?
2host.com 09-11-2002, 08:38 PM Originally posted by NetworksData
I don't think so. CNAME works almost identical to A (except that you can't add MX record for domain which has already had CNAME record),
Well, not really identical. A records are suggested, mainly because if you use CNAME, then it has to look up the alias it points to in addition. Perhaps negligible overhead, but nonetheless.
normally all sub-domains (mail, ftp etc) are CNAMEd to the main domain then when you change your host or IP you just need to update the main domain's A record. If you use A record for all subdomains you will have to update all. Does it make sense?
It makes perfect sense. I didn't mean for convenience, but for efficiency. It can add over 40 ms to lookup the alias, depending on where it is pointing, as opposed to an A record.
Also with A types, if the first lookup fails, it'll try another IP, whereas if the CNAME alias fails the first time, it will already have failed. CNAME's have to point to the alias and resolve to the IP to return it anyway. There's nothing wrong with CNAME at all. It's just that every request doubles the traffic (the overhead is not an issue because of caching), and if all your zones (if you have a lot) used this, it will make a difference (perhaps not large enough).
I think that the "DNS & BIND" book by O'Reilly and Assoc's explains this a bit better. Alternatively, you can ask Cricket himself and he would definitely explain why it's preferred. Well, rather than rehashing a heated debate about CNAME vs. A type records, I don't think it's anything important enough to get into. Certainly, there's nothing wrong with using CNAME records. I use A type and I can just change a zone with zone command anyway, so it's not an issue of being faster by changing one IP for me.
2host.com 09-11-2002, 08:52 PM Originally posted by hostchamp
2host any luck with my problem mate?
Anyone?
Hi, sorry, I've just got a chance to read it and respond.
2host.com 09-11-2002, 09:09 PM Originally posted by hostchamp
hey rob, thanks.
my query was;
Can the following line be replaced by an A record line?
ftp.domain.com. IN CNAME domain.com.
You shouldn't bother with the entire.domainame.com there. Just put it as "ftp" only.
ftp IN A 123.123.123.123
But a CNAME will work fine. I probably shouldn't get into gritty details about A vs. CNAME anyway to such an inquiry, I just thought I'd comment. Sorry for any confusion, it's fine to use a CNAME, but just use ftp, not the entire domain, it might make things easier in the future. CNAME's aren't needed, although they can be encouraged to be used in some situations (just definitely not for the name server and the like -- RFC1912 better explains this), and I just don't like things that aren't needed to add to it all, but it's not a bad thing. I'm not explaining myself well.
Also rob, i have another issue, not related with this post though,
i want to delete virtual domain entries from my httpd.conf, since there are lots of <virtualhost> blocks i cannot delete these using "vi", nor do i prefer webmin to delete these via the web, for some reason my webmin apache page never opens.
I know there are several perl control panel scripts but i do not know how to rip them off and get my desired code out.
How can i have a shell/perl script which i can run from the command line and specify a virtual host or multiple host and then it would delete the complete <virtualhost> block from httpd.conf?
It would open the file, searching line by line, save (or copy and append) the content you want to keep in an array, variable or file (depending on which method) and skip copying or saving this content for the VirtualHost block in question from the first instance of <VirtualHost domainname or IP here> or if they are all working on the same IP or wild card, it would use the actual servername field and continue to skip it until the ending VirtualHost block directive. After that, it continues to save the rest of the content or copy it (again, depending).
Better yet, if it could take the document root path as the input,
and delete all virtual host blocks which matches the document root path. This is because i have resellers folders setup, i.e. /home/reseller and underneath these i have his domain folders, eg /home/reseller/domain1 and so on.
That is another option. Just giving it some conditional to need to match accurately and use. The rest of the logic is then applied to that.
Now is it possible for a script to take /home/reseller as the argument and delete all virtual host blocks which has document root /home/reseller, i.e. /home/reseller/domain1, /home/reseller/domain2 and so on.
Is this possible?
Yes, it's certainly possible and not really that difficult. First, backup your existing httpd.conf file before running any script or trying anything, and code something up and try it out. If I get some free time later I will see if I can help you out with that. In the meantime, give me some example of the virtual host and anything close to what it might be so it'll be easier to see if there might be any potential conflicts with certain logic applied or not (to avoid the wrong stuff from being removed).
hostchamp 09-12-2002, 11:00 AM robert did u get a chance to look at the $TTL addition to the zone files?
And here is how my httpd.conf looks like;
<virtualhost 111.111.111.111>
DocumentRoot /home/users/reseller1/domain/htdocs
ServerName www.domain.org
ScriptAlias /cgi-bin/ /home/users/reseller1/domain/cgi-bin/
ServerAdmin webmaster@domain.org
ServerAlias domain.org
#ErrorLog /home/users/reseller1/domain/logs/error_log
#TransferLog /home/users/reseller1/domain/logs/access_log
</virtualhost>
I have seen some perl code of cps like vHosts but do not know how to rip them off to get my own code
hostchamp 10-03-2002, 04:20 AM 2host i am not sure if i am banned at the forums?
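The line-by-line approach 2host.com describes earlier (hold a block, skip it if it matches, copy everything else), as an added example that is not from any poster in this thread: a shell function wrapping awk that drops every VirtualHost block whose DocumentRoot lies under a given directory. The function name is an assumption, as is the premise that paths contain no spaces; it reads the config on stdin and writes to stdout, so httpd.conf is never edited in place.

```shell
#!/bin/sh
# Added example, not from the thread. strip_vhosts is a hypothetical name.
# Usage: strip_vhosts /home/users/reseller1 < httpd.conf > httpd.conf.new
strip_vhosts() {
    awk -v root="${1%/}" '
    # Print the buffered block unless it was marked for removal.
    function flush(   i) {
        if (!drop) for (i = 1; i <= n; i++) print buf[i]
        n = 0; drop = 0; inblock = 0
    }
    {
        line = tolower($0)          # Apache directives are case-insensitive
        if (!inblock && line ~ /^[ \t]*<virtualhost[ \t>]/) inblock = 1
        if (!inblock) { print; next }
        buf[++n] = $0
        # Only an uncommented DocumentRoot counts. Match on a path
        # boundary so /home/users/reseller1 never hits reseller10.
        if (line ~ /^[ \t]*documentroot[ \t]/) {
            path = $2; gsub(/"/, "", path)
            if (path == root || index(path, root "/") == 1) drop = 1
        }
        if (line ~ /^[ \t]*<\/virtualhost>/) flush()
    }
    # Unterminated block at end of file: keep it rather than guess.
    END { if (n) { drop = 0; flush() } }
    '
}
```

Write the result to a new file and diff it against the backup of httpd.conf before swapping it in.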
Can u read this msg?
Did u get time to look at my DNS and httpd.conf issue?
Cheers!