Web Hosting Talk : Web Hosting Main Forums : Hosting Security and Technology : Hosting Security and Technology Tutorials : DNS Tips

[jbargs]

My advice... (this is pure gold)

Remember, IP addresses change, domain names do not. Think about this basic truth and apply it. So whenever possible point services to names (CNAME records) not IP's (A records).
See the point yet? If your hosting server changes IP and all of your clients point to it's IP then someone will need to update ALL of your clients DNS records. But if everyone points to the NAME of your server then it's not a problem.

server1.isp.com = 123.123.123.123
www.clientA.com = server1.isp.com

Change the IP on server1 and nobody will notice.

You can paypal me $5 for the advice.

[lpmusic]

Or you could make a script to change the IPs in your zone files (presuming you host the DNS of course)

[morcego]

Actually, I think he is saying you should NOT point to 123.123.123.123.
server1.isp.com is.
On the other hand, I like using 1 name -> 1 service better. That way, if you want to move only 1 service to another server, you will have no problem. Something like:

Code:

blah.domain.com    IN  A 123.123.123.123
smtp.domain.com   IN  CNAME blah.domain.com.
pop.domain.com    IN  CNAME blah.domain.com.
imap.domain.com   IN  CNAME blah.domain.com.

[lpmusic]

Yes, I read what he said. I'm saying there's no point in doing so if you host all the dns zone files for the domains. Why would you want to have to make your dns servers answer more queries? Granted, it probably wouldn't be a huge increase in load but it's more than if you just used A records all the way around.

[jbargs]

Quote:

Originally Posted by lpmusic

Yes, I read what he said. I'm saying there's no point in doing so if you host all the dns zone files for the domains. Why would you want to have to make your dns servers answer more queries? Granted, it probably wouldn't be a huge increase in load but it's more than if you just used A records all the way around.

Your idea works only if you host all of the zone files yourself. But what happens when 50 of your customers register domain names and manage their DNS records via their registrar (like Register.com). If they point their www and mail services to the IP of your server (123.123.123.123) then all 50 customers will need to edit their DNS if your server changes IP. But if they point to the name of your server (server1.isp.com) then the 50 clients won't need to do anything. The only necessary DNS edit will be the zone file for isp.com

[lpmusic]

From above...

Quote:

Originally Posted by lpmusic

(presuming you host the DNS of course)

Sure CNAME's are nice if you have to change IPs, but why would you have to in the first place if this is in a datacenter (aside from a datacenter move which would probably have you worried about bigger problems).

[jbargs]

Quote:

Originally Posted by lpmusic

Sure CNAME's are nice if you have to change IPs, but why would you have to in the first place if this is in a datacenter (aside from a datacenter move which would probably have you worried about bigger problems).

Hey, all big problems start out as small problems. An ounce of prevention is worth a pound of cure.

Changing IP's:...
1. DC customers do change IP's. Not often, quite rare, but it does happen.
2. Server failover to other locations outside of your DC, city, state or country.
3. IPv6 migration
4. Moves within a DC and between DC's.
5. If your IPs become blacklisted or something. Not due to yourself but someone in a neighboring subnet.

All in all using CNAMES whereever possible is always a good idea. It is less of a factor if:
1. You are an ISP and have your OWN IP space from ARIN.
2. You host and manage your own name servers.

[lpmusic]

Here's a fun thread:
http://www.webhostingtalk.com/archiv...d/34264-1.html

Anycase, whatever you do, just make sure you don't use CNAME's for your MX record

[jbargs]

Quote:

Originally Posted by lpmusic

Here's a fun thread:
http://www.webhostingtalk.com/archiv...d/34264-1.html

Anycase, whatever you do, just make sure you don't use CNAME's for your MX record

I read the above referenced thread. If you do not know what you are doing and are not 100% familiar with DNS and how it works then you may have problems if you try to use CNAME records.

Done properly CNAME records will save you from tons of headaches and downtime. I'll write up some sample zone files and post here shortly.

[jbargs]

Here we go. Some examples: (omiting all of the details)

Zone file for ISP.com domain (use only A records)
MX = 123.123.123.6
www = 123.123.123.7
ftp = 123.123.123.7
mail = 123.123.123.6
www2 = 123.123.123.8
staging = 123.123.123.9
@ = 123.123.123.x (use only if all services run on a single IP)
* = 123.123.123.x (use only if all services run on a single IP)

Zone file for client.com domain (use only CNAME records)
MX = mail.isp.com
www = www.isp.com
mail = mail.isp.com
ftp = www.isp.com

All clients should use CNAMES. Since all clients point to ISP.com host names then a single change in the zone file for ISP.com will effect all clients. Thus it will not be necessary to edit/change client zone files.