  1. #1
    Join Date
    Feb 2001
    Location
    Toronto, Canada
    Posts
    20


    Hello,

    I'm a new RAQ user at 4WebSpace (Tera-Byte), and have found lots of useful tips on this forum, and hope to be able to help others as I learn more. I posted this message on the 4webspace forum, but thought I'd be able to get more feedback by reposting here, as there are a lot of Tera-Byte RAQ users here, it seems.

    I've been trying to create a "Perfect Template DNS" for all my virtual domains on a RAQ (I'm just getting started with a dedicated server). After some experimentation, I've set up the DNS as follows, using Tera-Byte's DNS Control Panel, and would appreciate comments on any disadvantages to what I've done:

    I've replaced the real domain name with "mydomain.com" throughout, and the IP with 10.0.0.2, so that it is generic:

    On the Tera-Byte DNS Admin, I now have the following:

    mydomain.com has an IP of 10.0.0.2
    mail for mydomain.com is delivered to mydomain.com with a preference of 5

    www has an IP of 10.0.0.2
    mail for www is delivered to mydomain.com with a preference of 5

    ftp is an alias for mydomain.com
    mail is an alias for mydomain.com
    pop is an alias for mydomain.com
    smtp is an alias for mydomain.com
    Non-matching DNS requests are not forwarded

    In other words, mydomain.com and www.mydomain.com have A records pointing to the IP used for the www.mydomain.com virtual site in the RAQ. BOTH their MX records are set to deliver to mydomain.com. ftp, mail, pop and smtp hostnames are all set to be CNAME records, aliasing mydomain.com.

    Using Sam Spade's tools (www.samspade.org), I also did a Zone Transfer of the domain, and the record is:

    -------------- start zone -----------------------
    Zone transfer mydomain.com@ns1.tera-byte.com (216.234.161.11) ...
    Query for mydomain.com type=252 class=1
    mydomain.com SOA (Zone of Authority)
    Primary NS: ns1.tera-byte.com
    Responsible person: hostmaster@tera-byte.com
    serial:2001020804
    refresh:3600s (60 minutes)
    retry:900s (15 minutes)
    expire:3600000s (410 days)
    minimum-ttl:3600s (60 minutes)
    mydomain.com NS (Nameserver) ns1.tera-byte.com
    mydomain.com NS (Nameserver) ns2.tera-byte.com
    mydomain.com NS (Nameserver) ns3.tera-byte.com
    mydomain.com A (Address) 10.0.0.2
    mydomain.com MX (Mail Exchanger) Priority: 5 mydomain.com
    ftp.mydomain.com CNAME (Canonical Name) mydomain.com
    mail.mydomain.com CNAME (Canonical Name) mydomain.com
    pop.mydomain.com CNAME (Canonical Name) mydomain.com
    smtp.mydomain.com CNAME (Canonical Name) mydomain.com
    www.mydomain.com A (Address) 10.0.0.2
    www.mydomain.com MX (Mail Exchanger) Priority: 5 mydomain.com
    mydomain.com SOA (Zone of Authority)
    Primary NS: ns1.tera-byte.com
    Responsible person: hostmaster@tera-byte.com
    serial:2001020804
    refresh:3600s (60 minutes)
    retry:900s (15 minutes)
    expire:3600000s (410 days)
    minimum-ttl:3600s (60 minutes)
    -------------- end zone -----------------------

    I then created 2 users for this domain, named user1 and user2. user1 has an alias of me@mydomain.com. user2 is the catchall account, and has an alias of @www.mydomain.com (it seems the www is required).

    Then, I sent emails to user1@, me@, user2@ and junk@, with the following after the @:

    1) mydomain.com
    2) www.mydomain.com
    3) smtp.mydomain.com
    4) junk.mydomain.com
    5) super.junk.mydomain.com
    6) super.www.mydomain.com

    Thus, there are 24 different combinations for the 4 usernames, and 6 hosts (i.e. I sent 24 emails). I sent from 3 different accounts (Yahoo, Hotmail, and my own ISP), and all received the same results:

    Host Type 1: everything worked correctly -- user1 received the email sent to user1@ and me@, and user2 received the email sent to user2@ and junk@.

    Host Type 2: very similar to Host Type 1, except that the "To" line stayed at "www.mydomain.com" after being sent and received.

    Host Type 3: in contrast to Host Type 2, the "smtp" CNAME was deleted entirely, and the "To" line just showed user1@mydomain.com, user2@mydomain.com, me@mydomain.com and junk@mydomain.com after being correctly received.

    Host Type 4,5,6: all emails (12 of them) bounced back to the sender, as those hosts didn't exist. Importantly, no emails showed up in the admin account (which happens when the wildcard DNS was turned on).

    Using CNAMES, and turning off wildcard DNS meant that at no time did the admin account receive any error messages for improper subdomains. If, instead, I had simply created A records, for instance, for FTP or SMTP, there'd be strange error messages if someone sent email to random@smtp.mydomain.com. The same kinds of error messages would show up if I kept on wildcard DNS. (Error messages refer to "local configuration error".)

    As folks often mangle their email addresses, to prevent spam (e.g. usernameNOSPAM@DONTSPAM.mydomain.com), I believe the above setup has its advantages.

    Any comments as to whether there are any downsides to what I've done?

    Sincerely,

    George Kirikos
    http://www.kirikos.com/

    P.S. If you have wildcard DNS on, you can see the error messages in your admin email account by sending a message to usernameNOSPAM@DONTSPAM.mydomain.com. If you use an A record for a subdomain, try usernameNOSPAM@ftp.mydomain.com (replace "ftp" with the subdomain name for which there's an A record).
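
The outcomes reported in this post can be reproduced with a small model of how a mail server picks a destination from DNS. This is an added example, not part of the original post: `lookup`, `mail_route`, the outcome labels and the set of local mail hosts are assumptions, and the wildcard handling follows RFC 1034, which goes beyond what the post tested.

```python
ORIGIN = "mydomain.com"      # placeholder domain used in the post
SERVER_IP = "10.0.0.2"       # placeholder IP used in the post
# Assumption: names the RaQ's mail server treats as local for this site.
LOCAL_MAIL_HOSTS = {"mydomain.com", "www.mydomain.com"}
# Zone as listed in the posted zone transfer (SOA and NS records omitted).
ZONE = {
    "mydomain.com": {"A": SERVER_IP, "MX": [(5, "mydomain.com")]},
    "www.mydomain.com": {"A": SERVER_IP, "MX": [(5, "mydomain.com")]},
    "ftp.mydomain.com": {"CNAME": "mydomain.com"},
    "mail.mydomain.com": {"CNAME": "mydomain.com"},
    "pop.mydomain.com": {"CNAME": "mydomain.com"},
    "smtp.mydomain.com": {"CNAME": "mydomain.com"},
}

def lookup(name, zone, wildcard_ip=None):
    """Records for name. A wildcard A (*.ORIGIN) is synthesized only when no
    existing name sits between ORIGIN and the query name (RFC 1034, 4.3.3)."""
    if name in zone:
        return zone[name]
    if wildcard_ip is None or not name.endswith("." + ORIGIN):
        return None
    parent = name.split(".", 1)[1]
    while parent != ORIGIN:
        if parent in zone:       # e.g. www.mydomain.com blocks super.www
            return None
        parent = parent.split(".", 1)[1]
    return {"A": wildcard_ip}

def mail_route(host, zone=ZONE, wildcard_ip=None):
    """Return (outcome, recipient_domain) for mail addressed to user@host."""
    host = host.lower().rstrip(".")
    rrs = lookup(host, zone, wildcard_ip)
    if rrs is not None and "CNAME" in rrs:   # alias is rewritten to its target
        host = rrs["CNAME"]
        rrs = lookup(host, zone, wildcard_ip)
    if rrs is None or not (rrs.get("MX") or "A" in rrs):
        return ("bounce", host)              # no such host
    # Use the MX if present; otherwise the A record is the implicit MX.
    exchanger = min(rrs["MX"])[1] if rrs.get("MX") else host
    if (lookup(exchanger, zone, wildcard_ip) or {}).get("A") != SERVER_IP:
        return ("elsewhere", host)           # mail never reaches this server
    if host in LOCAL_MAIL_HOSTS:
        return ("deliver", host)
    return ("config-error", host)            # accepted by DNS, unknown to the server

if __name__ == "__main__":
    for h in ("mydomain.com", "www.mydomain.com", "smtp.mydomain.com",
              "junk.mydomain.com", "super.junk.mydomain.com", "super.www.mydomain.com"):
        print(h, mail_route(h), mail_route(h, wildcard_ip=SERVER_IP))
```

With `wildcard_ip` set, `junk.mydomain.com` resolves and lands in the config-error case, while `super.www.mydomain.com` still bounces because the existing `www.mydomain.com` name blocks the wildcard.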

  2. #2
    Join Date
    Jun 2000
    Location
    Southern California
    Posts
    12,136
    I have to admit that I lost you there a bit, but I don't set all that up. Just:

    domain.com to IP address
    www A record to IP address
    (and most of the time) wildcard to server IP address.
    HostHideout.com - Where professionals discuss web hosting.

    • Chicken

  3. #3
    Join Date
    Aug 2000
    Posts
    2,754
    setting up an A record for smtp ....

    Doing that would it mean they are required to send mail through that or it would bounce?

  4. #4
    Join Date
    Feb 2001
    Location
    Toronto, Canada
    Posts
    20


    Hi,

    I assume you had to add MX records though, Chicken? What happens when you try to send an email to one of your domains (which have the wildcard DNS turned on) as mynameNOSPAM@DONTSPAM.yourdomain.com ?

    I was getting configuration error messages in the mailbox of the admin account when these emails were sent (and the messages would also bounce back to the sender). I had wanted to set things up so that I wouldn't see those errors at all (bouncing back to the sender is fine, though).

    Do you think there's any downside/problems the way I've set things up now, using CNAMEs etc? I wanted to make it easier for end users to be able to use pop.mydomain.com, smtp.mydomain and ftp.mydomain.com, but avoid the issue of the mail errors when wildcard DNS was turned on. However, even though things seem to work now, I want to be sure I've not done anything incorrectly that I might not have tested for, due to idiosyncrasies with the RAQ.

    Sincerely,

    George Kirikos
    http://www.kirikos.com/

  5. #5
    Join Date
    Sep 2000
    Location
    Asia
    Posts
    105

    How to add a PTR record from Tera-byte's dnsadmin?

    Say I have a dedicated IP virtual site dom1.com.

    I can add A record for dom1.com and www.dom1.com
    But where can I add a PTR record for dom1.com ?
    Or it is not necessary to add a PTR record.
    If so, then what's the difference between name-based
    virtual site and ip-based virtual site ?

    Thanks for your reply.




    [Edited by raylin on 02-14-2001 at 03:56 AM]

  6. #6
    Join Date
    Feb 2001
    Location
    Toronto, Canada
    Posts
    20
    If you're using Tera-Byte, email noc@tera-byte.com and they'll add the reverse DNS/PTR record. It needs to be done by the owner of the IP block, which is them.

    Sincerely,

    George Kirikos
    http://www.kirikos.com/

  7. #7
    Join Date
    Jun 2000
    Location
    Southern California
    Posts
    12,136
    Originally posted by GeorgeK
    I assume you had to add MX records though, Chicken?
    No, that's it (what I posted).

    What happens when you try to send an email to one of your domains (which have the wildcard DNS turned on) as mynameNOSPAM@DONTSPAM.yourdomain.com ?
    Yeah, it gets bounced and it gets sent to the admin box. You are getting errors because the server doesn't know what to do with it. If you took the wildcard out it might just bounce back without delivering a copy to you, but I just delete these when I get them and ignore it for the most part. Sometimes it's a spammer getting the copy though, so good to check it out.

    I'm not sure there are any downsides to how you set it all up, just that it is extra work and isn't needed. You can FTP/POP/SMTP to http://www.domain.com without having to enter all the DNS entries so...

    If it works and you like it, then that's what it is all about (self gratification) - enjoy!
    HostHideout.com - Where professionals discuss web hosting.

    • Chicken

  8. #8
    Join Date
    Feb 2001
    Posts
    313


    I'm not understanding this. Would this mean you would send an email or something to tera-byte requesting the dns add job to be complete, or do they allow you access to a server where you can run this or any other script to add your dns? I am wondering because I just got an email that's saying that they are going to discontinue allowing their customers to run their own dns servers, which sucks.

  9. #9
    Join Date
    Feb 2001
    Location
    Toronto, Canada
    Posts
    20
    I'd rather use their DNS servers, as it provides another level of redundancy. And for $10 more, one gets the customized nameserver names, which isn't bad (given one can host many domains with those nameservers).

    Conceivably, you can always run DNS through a third party, and not Tera-Byte, but if you play with their nameserver control panel, it is very easy to use.

    Sincerely,

    George Kirikos
    http://www.kirikos.com/

  10. #10
    Join Date
    Dec 2000
    Location
    Ohio
    Posts
    273
    Originally posted by tymonhall
    I just got an email that's saying that they are going to discontinue allowing their customers to run their own dns servers, which sucks.
    Yes it does.

  11. #11
    Join Date
    Sep 2000
    Location
    New York/USA
    Posts
    1,691
    just pay the extra $10 and get personalized ones. I think it's great!

  12. #12
    Join Date
    Dec 2000
    Location
    Ohio
    Posts
    273
    Well, I was getting my own personalized ones for free, now I have to pay another $10.

  13. #13
    Join Date
    Sep 2000
    Location
    New York/USA
    Posts
    1,691
    true. I wished it was free. $10 is hard to swallow when you're not making any money. I might just keep the tera-byte dns for now.

  14. #14
    Join Date
    Nov 2000
    Posts
    167

    It's not that easy

    Folks, it's not that easy.

    In case you are using your own nameserver, have you ever k how long it takes to change nameservers' IP address at NSI Registry?
    Maybe 2 days theoretically or 2 months practically. (Read DNS problem from other WHT forums.)

    Or in case you are providing hosting service, do you know how hard it is to change your customer domain's dns?

    Last few months I changed ns.mydomain's IP through realtime
    OpenSRS's API. But NSI appear no change so far.

  15. #15
    Join Date
    Sep 2000
    Location
    New York/USA
    Posts
    1,691
    out of the 4 times I had to change dns servers/ips, all my changes were completed in 2 days.

  16. #16
    Join Date
    Dec 2000
    Posts
    542
    I changed twice... And no problems with the timing as well.
    2 days...

  17. #17
    Join Date
    Dec 2000
    Location
    Ohio
    Posts
    273
    Same here, done within 2 days.

  18. #18
    Join Date
    Feb 2001
    Posts
    313
    Yea, I get it to change within two days as well. The biggest problem is going to be change the customers, especially any new ones that I have no control over the name servers.

  19. #19
    you don't have to do a thing to any customers dns.
    step one request customized dns solution
    step two receive new ips for your nameservers
    step three change your hostname records to reflect new ips
    step 4 add domains to tera-byte's dns control panel
    step 5 sit back and wait for seamless switchover
    when everything is said and done click off the dns button on your raq.
    as far as the cost goes you're already paying at least 5.00 for the ips needed to run your own dns servers on the raq, you no longer would need to pay that amount.

    Steve


  20. #20
    Join Date
    Sep 2000
    Location
    New York/USA
    Posts
    1,691
    oh ok, so basically if you already have spare ips, it's just $5 more. great deal!

  21. #21
    Join Date
    Jan 2001
    Location
    the Netherlands
    Posts
    542
    It was nice running my own dns till it crashed.

    Now my site is 2 days offline, and why?
    Because Cobalt isn't able to come up with a decent version of BIND!

    The one that caused all the trouble is still on their patchlist.
    I spoke to a tera-byte dude, and he told me that version of BIND was notorious and I should have known it.
    Hell, if even Cobalt didn't know this!

    I'm still very curious what happened to my BIND, and would very much like to know how many people are running this version without any problems.

    I only counted 2 crashes on this forum right? how many of you run BIND version 8.2.2_P5 on a RAQ3 from 4webspace?


  22. #22
    Join Date
    Nov 2000
    Posts
    167

    not worth to pay

    I came to 4ws because I don't want to pay 10$/mo for my nameservers at Alabanza while I can hardly control them. I set up bind9 and run dns on my own raq3 as I can easily automate dns setup process. Blocking incoming dns on my raq server will just piss me off. Guess while people have second server somewhere else then using 4ws as one nameserver and other machine as another nameserver. Does it worth for them to pay additional 5-10$/mo?

  23. #23
    Join Date
    Dec 2000
    Location
    Ohio
    Posts
    273
    I don't like it either. It's much more of a hassle to set things up through them rather than doing everything from the RaQ. And the extra money, this should be a free service since we're forced to use it.

  24. #24
    Join Date
    Nov 2000
    Posts
    167

    adjust rule

    right now, 4ws are losing from user's dns exploit and high technical loads.
    But after new rules applied, 4ws will retrieve security and technical availability back while some users are going to lose since their own dns turns into a cost and are losing versatility as tera-byte's dns must be manually configured.

    why not adjust the rule like, people who are able to setup their own bind daemon can continue running dns on their raq (this will unload technical support since users must be responsible to their own daemon setup) or if security reason come into concern, 4ws should provide user's dns at no cost so that no parties lost since using ns.tera-byte.com seems silly among people providing services to outside world.

  25. #25
    Join Date
    Aug 2000
    Posts
    2,754
    Then think of this ...

    Someone comes along saying they know what they are doing. Tera-byte allow them to run the dns right from their machine. A hacker finds a way in through bind because the user ignored the fact and didn't upgrade their bind. They run to tera-byte for help saying my server's been hacked via bind. More time spent fixing things by the technical support team.

    With this in place they save this ever happening.

    Just think about what you're getting for $99..

    how many other companies do you know who will give you 100 true gigabytes of bandwidth for that price?

    how many companies will provide the level of support they provide for that price?

    I don't think it's a lot to ask for an extra $10 ... I've looked at other providers of RAQ's and what they supply for $99 .... they give you 50gb maybe 60 if you're lucky. and most don't even provide it as true bandwidth. They also have slow networks ... I find 4webspace a little slow right now at times but still faster than all the others for this price. They're even looking into sorting out issues.

    Find me another company who give you the service they do at the same price.... nearest you're likely to get is $200 maybe $300 to get it.



