-
02-09-2001, 05:26 PM #1Newbie
- Join Date
- Feb 2001
- Location
- Toronto, Canada
- Posts
- 20
Hello,
I'm a new RAQ user at 4WebSpace (Tera-Byte), and have found lots of useful tips on this forum, and hope to be able to help others as I learn more. I posted this message on the 4webspace forum, but thought I'd be able to get more feedback by reposting here, as there are a lot of Tera-Byte RAQ users here, it seems.
I've been trying to create a "Perfect Template DNS" for all my virtual domains on a RAQ (I'm just getting started with a dedicated server). After some experimentation, I've set up the DNS as follows, using Tera-Byte's DNS Control Panel, and would appreciate comments on any disadvantages to what I've done:
I've replaced the real domain name with "mydomain.com" throughout, and the IP with 10.0.0.2, so that it is generic:
On the Tera-Byte DNS Admin, I now have the following:
mydomain.com has an IP of 10.0.0.2
mail for mydomain.com is delivered to mydomain.com with a preference of 5
www has an IP of 10.0.0.2
mail for www is delivered to mydomain.com with a preference of 5
ftp is an alias for mydomain.com
mail is an alias for mydomain.com
pop is an alias for mydomain.com
smtp is an alias for mydomain.com
Non-matching DNS requests are not forwarded
In other words, mydomain.com and www.mydomain.com have A records pointing to the IP used for the www.mydomain.com virtual site in the RAQ. BOTH their MX records are set to deliver to mydomain.com. ftp, mail, pop and smtp hostnames are all set to be CNAME records, aliasing mydomain.com.
Using Sam Spade's tools (www.samspade.org), I also did a Zone Transfer of the domain, and the record is:
-------------- start zone -----------------------
Zone transfer mydomain.com@ns1.tera-byte.com (216.234.161.11) ...
Query for mydomain.com type=252 class=1
mydomain.com SOA (Zone of Authority)
Primary NS: ns1.tera-byte.com
Responsible person: hostmaster@tera-byte.com
serial:2001020804
refresh:3600s (60 minutes)
retry:900s (15 minutes)
expire:3600000s (410 days)
minimum-ttl:3600s (60 minutes)
mydomain.com NS (Nameserver) ns1.tera-byte.com
mydomain.com NS (Nameserver) ns2.tera-byte.com
mydomain.com NS (Nameserver) ns3.tera-byte.com
mydomain.com A (Address) 10.0.0.2
mydomain.com MX (Mail Exchanger) Priority: 5 mydomain.com
ftp.mydomain.com CNAME (Canonical Name) mydomain.com
mail.mydomain.com CNAME (Canonical Name) mydomain.com
pop.mydomain.com CNAME (Canonical Name) mydomain.com
smtp.mydomain.com CNAME (Canonical Name) mydomain.com
www.mydomain.com A (Address) 10.0.0.2
www.mydomain.com MX (Mail Exchanger) Priority: 5 mydomain.com
mydomain.com SOA (Zone of Authority)
Primary NS: ns1.tera-byte.com
Responsible person: hostmaster@tera-byte.com
serial:2001020804
refresh:3600s (60 minutes)
retry:900s (15 minutes)
expire:3600000s (410 days)
minimum-ttl:3600s (60 minutes)
-------------- end zone -----------------------
I then created 2 users for this domain, named user1 and user2. user1 has an alias of me@mydomain.com. user2 is the catchall account, and has an alias of @www.mydomain.com (it seems the www is required).
Then, I sent emails to user1@, me@, user2@ and junk@, with the following after the @:
1) mydomain.com
2) www.mydomain.com
3) smtp.mydomain.com
4) junk.mydomain.com
5) super.junk.mydomain.com
6) super.www.mydomain.com
Thus, there are 24 different combinations for the 4 usernames, and 6 hosts (i.e. I sent 24 emails). I sent from 3 different accounts (Yahoo, Hotmail, and my own ISP), and all received the same results:
Host Type 1: everything worked correctly -- user1 received the email sent to user1@ and me@, and user2 received the email sent to user2@ and junk@.
Host Type 2: very similar to Host Type 1, except that the "To" line stayed at "www.mydomain.com" after being sent and received.
Host Type 3: in contrast to Host Type 2, the "smtp" CNAME was deleted entirely, and the "To" line just showed user1@mydomain.com, user2@mydomain.com, me@mydomain.com and junk@mydomain.com after being correctly received.
Host Type 4,5,6: all emails (12 of them) bounced back to the sender, as those hosts didn't exist. Importantly, no emails showed up in the admin account (which happens when the wildcard DNS was turned on).
Using CNAMES, and turning off wildcard DNS meant that at no time did the admin account receive any error messages for improper subdomains. If, instead, I had simply created A records, for instance, for FTP or SMTP, there'd be strange error messages if someone sent email to random@smtp.mydomain.com. The same kinds of error messages would show up if I kept on wildcard DNS. (Error messages refer to "local configuration error".)
As folks often mangle their email addresses, to prevent spam (e.g. usernameNOSPAM@DONTSPAM.mydomain.com), I believe the above setup has its advantages.
Any comments as to whether there are any downsides to what I've done?
Sincerely,
George Kirikos
http://www.kirikos.com/
P.S. If you have wildcard DNS on, you can see the error messages in your admin email account by sending a message to usernameNOSPAM@DONTSPAM.mydomain.com. If you use an A record for a subdomain, try usernameNOSPAM@ftp.mydomain.com (replace "ftp" with the subdomain name for which there's an A record).
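Added example, not part of the original post: a small Python model of how a sending mail server would route the six test hostnames against the zone listed above, with the wildcard option off and on. It assumes the wildcard option publishes a standard `*.mydomain.com` A record, and it goes beyond the post by applying the RFC 4592 closest-encloser rule, under which `super.www` still fails to resolve with the wildcard on; `lookup`, `mail_route` and the outcome labels are names made up for this sketch.

```python
# Constructed from the zone listing in the post (placeholder names and IP as given there).
ZONE = {
    "mydomain.com":      {"A": "10.0.0.2", "MX": "mydomain.com"},
    "www.mydomain.com":  {"A": "10.0.0.2", "MX": "mydomain.com"},
    "ftp.mydomain.com":  {"CNAME": "mydomain.com"},
    "mail.mydomain.com": {"CNAME": "mydomain.com"},
    "pop.mydomain.com":  {"CNAME": "mydomain.com"},
    "smtp.mydomain.com": {"CNAME": "mydomain.com"},
}
APEX = "mydomain.com"
# Assumption: what "*.mydomain.com" would contain when the wildcard option is on.
WILDCARD = {"A": "10.0.0.2"}


def lookup(name, wildcard):
    """Return the record set for name, or None for NXDOMAIN."""
    if name in ZONE:
        return ZONE[name]
    # Closest encloser: the longest existing ancestor of the query name.
    labels = name.split(".")
    for i in range(1, len(labels)):
        ancestor = ".".join(labels[i:])
        if ancestor in ZONE:
            # Only "*.<closest encloser>" may synthesize an answer (RFC 4592),
            # and this zone has a wildcard only directly under the apex.
            return WILDCARD if wildcard and ancestor == APEX else None
    return None


def mail_route(rcpt_domain, wildcard=False):
    """Model a sending MTA: follow CNAME, use MX, else fall back to the A record."""
    rrset = lookup(rcpt_domain, wildcard)
    if rrset is None:
        return ("bounce-at-sender", None)          # host types 4-6 in the post
    if "CNAME" in rrset:
        canonical = rrset["CNAME"]
        _, mx = mail_route(canonical, wildcard)
        return ("rewritten-to-" + canonical, mx)   # host type 3: "smtp." dropped
    if "MX" in rrset:
        return ("deliver", rrset["MX"])            # host types 1 and 2
    # No MX record: the sender falls back to the A record (implicit MX), so the
    # message reaches the server for a host name it has no mail setup for. The
    # post reports "local configuration error" mail to admin in this situation.
    return ("reaches-server", rrset["A"])


if __name__ == "__main__":
    for host in ("", "www.", "smtp.", "junk.", "super.junk.", "super.www."):
        name = host + APEX
        print(name, mail_route(name), mail_route(name, wildcard=True))
```

With the wildcard off, every mangled address is rejected on the sender's side; with it on, only names under an existing host such as `www` still are.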
-
02-09-2001, 07:38 PM #2Web Hosting Master
- Join Date
- Jun 2000
- Location
- Southern California
- Posts
- 12,136
I have to admit that I lost you there a bit, but I don't set all that up. Just:
domain.com to IP address
www A record to IP address
(and most of the time) wildcard to server IP address.
-
02-09-2001, 07:52 PM #3Web Hosting Master
- Join Date
- Aug 2000
- Posts
- 2,754
setting up an a record for smtp ....
Doing that would it mean they are required to send mail through that or it would bounce?
-
02-09-2001, 08:01 PM #4Newbie
- Join Date
- Feb 2001
- Location
- Toronto, Canada
- Posts
- 20
Hi,
I assume you had to add MX records though, Chicken? What happens when you try to send an email to one of your domains (which have the wildcard DNS turned on) as mynameNOSPAM@DONTSPAM.yourdomain.com ?
I was getting configuration error messages in the mailbox of the admin account when these emails were sent (and the messages would also bounce back to the sender). I had wanted to set things up so that I wouldn't see those errors at all (bouncing back to the sender is fine, though).
Do you think there's any downside/problems the way I've set things up now, using CNAMEs etc? I wanted to make it easier for endusers to be able to use pop.mydomain.com, smtp.mydomain and ftp.mydomain.com, but avoid the issue of the mail errors when wildcard DNS was turned on. However, even though things seem to work now, I want to be sure I've not done anything incorrectly that I might not have tested for, due to idiosyncrasies with the RAQ.
Sincerely,
George Kirikos
http://www.kirikos.com/
-
02-14-2001, 04:52 AM #5WHT Addict
- Join Date
- Sep 2000
- Location
- Asia
- Posts
- 105
How to add a PTR record from Tera-byte's dnsadmin?
Say I have a dedicated IP virtual site dom1.com.
I can add A record for dom1.com and www.dom1.com
But where can I add a PTR record for dom1.com?
Or it is not necessary to add a PTR record.
If so, then what's the difference between name-based virtual site and ip-based virtual site?
Thanks for your reply.
[Edited by raylin on 02-14-2001 at 03:56 AM]
-
02-14-2001, 05:01 AM #6Newbie
- Join Date
- Feb 2001
- Location
- Toronto, Canada
- Posts
- 20
If you're using Tera-Byte, email noc@tera-byte.com and they'll add the reverse DNS/PTR record. It needs to be done by the owner of the IP block, which is them.
Sincerely,
George Kirikos
http://www.kirikos.com/
-
02-14-2001, 10:21 AM #7Web Hosting Master
- Join Date
- Jun 2000
- Location
- Southern California
- Posts
- 12,136
Originally posted by GeorgeK I assume you had to add MX records though, Chicken?
What happens when you try to send an email to one of your domains (which have the wildcard DNS turned on) as mynameNOSPAM@DONTSPAM.yourdomain.com ?
I'm not sure there are any downsides to how you set it all up, just that it is extra work and isn't needed. You can FTP/POP/SMTP to http://www.domain.com without having to enter all the DNS entries so...
If it works and you like it, then that's what it is all about (self gratification ) -enjoy!
-
02-14-2001, 09:20 PM #8Web Hosting Guru
- Join Date
- Feb 2001
- Posts
- 313
I'm not understanding this. Would this mean you would send an email or something to tera-byte requesting the dns add job to be complete, or do they allow you access to a server where you can run this or any other script to add your dns? I am wondering because I just got an email that's saying that they are going to discontinue allowing their customers to run their own dns servers, which sucks.
-
02-14-2001, 10:45 PM #9Newbie
- Join Date
- Feb 2001
- Location
- Toronto, Canada
- Posts
- 20
I'd rather use their DNS servers, as it provides another level of redundancy. And for $10 more, one gets the customized nameserver names, which isn't bad (given one can host many domains with those nameservers).
Conceivably, you can always run DNS through a third party, and not Tera-Byte, but if you play with their nameserver control panel, it is very easy to use.
Sincerely,
George Kirikos
http://www.kirikos.com/
-
02-14-2001, 10:54 PM #10Disabled
- Join Date
- Dec 2000
- Location
- Ohio
- Posts
- 273
Originally posted by tymonhall
I just got an email that's saying that they are going to discontinue allowing their customers to run their own dns servers, which sucks.
-
02-14-2001, 10:59 PM #11Retired Moderator
- Join Date
- Sep 2000
- Location
- New York/USA
- Posts
- 1,691
just pay the extra $10 and get personalized ones. i think its great!
-
02-14-2001, 11:33 PM #12Disabled
- Join Date
- Dec 2000
- Location
- Ohio
- Posts
- 273
Well, I was getting my own personalized ones for free, now I have to pay another $10.
-
02-14-2001, 11:40 PM #13Retired Moderator
- Join Date
- Sep 2000
- Location
- New York/USA
- Posts
- 1,691
true. i wished it was free. $10 is hard to swallow when you're not making any money. i might just keep the tera-byte dns for now.
-
02-15-2001, 01:47 AM #14WHT Addict
- Join Date
- Nov 2000
- Posts
- 167
It's not that easy
Folks, it's not that easy.
In case you are using your own nameserver, have you ever k how long does it takes to change nameservers' IP address at NSI Registry?
Maybe 2 days theoretically or 2 months practically. (read DNS problem from other WHT forums)
Or in case you are providing hosting service, do you know how hard it is to change your customer domain's dns.
Last few months I changed ns.mydomain's IP through realtime OpenSRS's API. But NSI appear no change so far.
-
02-15-2001, 02:17 AM #15Retired Moderator
- Join Date
- Sep 2000
- Location
- New York/USA
- Posts
- 1,691
out of the 4 times i had to change dns servers/ips, all my changes were completed in 2 days.
-
02-15-2001, 06:44 AM #16Web Hosting Evangelist
- Join Date
- Dec 2000
- Posts
- 542
I changed twice... And no problems with the timing as well.
2 days...
-
02-15-2001, 08:39 AM #17Disabled
- Join Date
- Dec 2000
- Location
- Ohio
- Posts
- 273
Same here, done within 2 days.
-
02-15-2001, 12:38 PM #18Web Hosting Guru
- Join Date
- Feb 2001
- Posts
- 313
Yea, I get it to change within two days as well. The biggest problem is going to be change the customers, especially any new ones that I have no control over the name servers.
-
02-15-2001, 01:14 PM #19Web Hosting Guru
- Join Date
- Oct 2000
- Posts
- 318
you don't have to do a thing to any customers dns.
step one request customized dns solution
step two receive new ips for your nameservers
step three change your hostname records to reflect new ips
step 4 add domains to tera-bytes dns control panel
step 5 sit back and wait for seamless switchover
when everything is said and done click off the dns button on your raq.
as far as the cost goes you're already paying at least 5.00 for the ips needed to run your own dns servers on the raq you no longer would need to pay that amount.
Steve
-
02-15-2001, 02:02 PM #20Retired Moderator
- Join Date
- Sep 2000
- Location
- New York/USA
- Posts
- 1,691
oh ok, so basically if you already have spare ips, it's just $5 more. great deal!
-
02-15-2001, 02:52 PM #21Web Hosting Evangelist
- Join Date
- Jan 2001
- Location
- the Netherlands
- Posts
- 542
It was nice running my own dns till it crashed.
Now my site is 2 days offline, and why ?
Because Cobalt isn't able to come up with a decent version of BIND!
The one that caused all the trouble is still on their patchlist.
I spoke to a tera-byte dude, and he told me that version of BIND was notorious and i should have known it.
Hell, if even Cobalt didn't know this!
I'm still very curious what happened to my BIND, and would very much like to know how many people are running this version without any problems.
i only counted 2 crashes on this forum right ? how many of you run BIND version 8.2.2_P5 on a RAQ3 from 4webspace?
-
02-15-2001, 02:58 PM #22WHT Addict
- Join Date
- Nov 2000
- Posts
- 167
not worth to pay
I came to 4ws because I don't want to pay 10$/mo for my nameservers at Alabanza while I can hardly control them. I set up bind9 and run dns on my own raq3 as I can easily automate dns setup process. Blocking incoming dns on my raq server will just piss me off. Guess while people have second server somewhere else then using 4ws as one nameserver and other machine as another nameserver. Is it worth it for them to pay additional 5-10$/mo?
-
02-15-2001, 04:38 PM #23Disabled
- Join Date
- Dec 2000
- Location
- Ohio
- Posts
- 273
I don't like it either. It's much more of a hassle to set things up through them rather than doing everything from the RaQ. And the extra money, this should be a free service since we're forced to use it.
-
02-15-2001, 05:26 PM #24WHT Addict
- Join Date
- Nov 2000
- Posts
- 167
adjust rule
right now, 4ws are losing from user's dns exploit and high technical loads.
But after new rules applied, 4ws will retrieve security and technical availability back while some users are going to lose since their own dns turn into a cost and are losing versatility as tera-byte's dns must be manually configured.
why not adjust the rule like, people who are able to setup their own bind daemon can continue running dns on their raq (this will unload technical support since users must be responsible to their own daemon setup) or if security reason come into concern, 4ws should provide user's dns at no cost so that no parties lost since using ns.tera-byte.com seems silly among people providing services to outside world.
-
02-15-2001, 05:35 PM #25Web Hosting Master
- Join Date
- Aug 2000
- Posts
- 2,754
Then think of this ...
Someone comes along saying they know what they are doing. Tera-byte allow them to run the dns right from their machine. A hacker finds a way in through bind because the user ignored the fact and didn't upgrade their bind. They run to tera-byte for help saying my server's been hacked via bind. More time spent fixing things by the technical support team.
With this in place they save this ever happening.
Just think about what you're getting for $99..
how many other companies do you know who will give you 100 true gigabytes of bandwidth for that price?
how many companies will provide the level of support they provide for that price?
I don't think it's a lot to ask for an extra $10 ... I've looked at other providers of RAQ's and what they supply for $99 .... they give you 50gb maybe 60 if you're lucky. and most don't even provide it as true bandwidth. They also have slow networks ... I find 4webspace a little slow right now at times but still faster than all the others for this price. They're even looking into sorting out issues.
Find me another company who give you the service they do at the same price.... nearest you're likely to get is $200 maybe $300 to get it.