Re: [bitfolk] DNS in place of rsync

Author: Michael Corliss
Date:  
To: Andy Smith
CC: users
Subject: Re: [bitfolk] DNS in place of rsync
Part of this process also involves changing the nameservers from
BitFolk's old servers to their new ones. My registrar currently has the
old ones, would it make sense to add the three new ones to my zone file,
then have my registrar update to the new ones, and then remove the old
ones? I'm hoping to avoid as much downtime as possible, and there's a
lag between requesting the change from my registrar and the change
actually being made.


Andy Smith wrote:
> Hi Michael,
>
> On Mon, Jul 26, 2010 at 04:42:58PM -0400, Michael Corliss wrote:
>
>> I understand that rsyncing is being discouraged in favor of
>> setting up a DNS server of my own.
>>
> In case anyone was not aware of this, here's why:
>
> When people whose zone files are being rsynced edit their files,
> they are supposed to run named-checkzone on them to check that their
> zone file is syntactically valid. I don't think very many people do
> this, because I frequently end up with a zone file that my
> nameserver can't parse. The errors are then only visible to me, so
> I have to open a ticket and get people to fix them.
>
> Having the customer run their own nameserver is a much better
> solution because they get to immediately see any syntax errors they
> might introduce and do not need a back-and-forth with support to
> sort them out.
>
> At the time the rsynced zone files solution was in place, the
> smallest BitFolk VPS had 120MiB RAM, and it was a reasonable
> complaint that running an authoritative DNS server on such a small
> VPS was a burden.
>
> For a long time now, 240MiB RAM has been the smallest available in a
> BitFolk VPS, and it's really perfectly feasible to run your own
> authoritative name server in that. Whether you choose to expose your
> own name server to the Internet or only to BitFolk's authoritative
> servers is up to you.
>
> So, while I've left all existing rsynced zone files in place, I have
> not accepted new ones in that way for a long time. I'm also not keen
> to update existing rsync configurations when people migrate to new
> VPSes, hence Michael's email.
>
>
>> I'm under the impression that setting up a DNS server will
>> similarly carry the information in the zone file to Bitfolks servers, but
>> I'm unfamiliar with how this process works.
>>
> How it works:
>
> When a name server loads a zone, the serial number at the top of the
> zone is checked. If the new serial is larger than the old one (or if
> the zone is completely new), the name server sends out a DNS NOTIFY
> packet to each of the hosts listed as NS records in the zone file.
>
> On receipt of a NOTIFY, these hosts then attempt to make a connection to
> the source of the NOTIFY and check if they need to transfer the zone
> content. This is known as AXFR.
>
>
>> I've looked at the Ubuntu documentation for bind9, but I'm not sure
>> if I need a caching server, a DNS primary, or a DNS secondary.
>>
> The names "primary" and "secondary" can be confusing. There are
> basically two kinds of name server:
>
> - a caching resolver, sometimes just called a resolver, or a cache;
> and
>
> - an authoritative server, sometimes abbreviated to "auth server".
>
> "primary" and "secondary" are names for authoritative DNS servers
> that perform certain roles.
>
> The usual distinction is that a "primary" server gets its zone
> content directly from the admin, perhaps in the form of a zone file.
> There is only one "primary" server.
>
> "secondary" servers get their zone content from elsewhere, usually
> the primary, but really it could be any other authoritative server
> i.e. other "secondary" servers!
>
> From the point of view of the DNS client, all authoritative servers
> are as good as each other.
>
> You need to set up an authoritative name server; it's going to be
> authoritative for the zone(s) you load into it. For bind9, this is
> really just a particular configuration. Probably the default one.
> bind9 can act as either authoritative or caching resolver (or both
> at once, but that's not a recommended configuration).
>
>
>> Can anyone who's done this give me some pointers?
>>
> 1. Install a name server (bind9 is a good choice if you are
> unfamiliar with name servers, because it's the most popular, and
> your zone file is already in bind format).
>
> 2. Load your existing zone file into it. It shouldn't require any
> modification except to increment the serial number at the top.
>
> 3. Query your name server to check that it has the records in it
> that you expect.
>
> 4. Configure your name server to allow AXFR from BitFolk's servers.
> Here's the list of servers:
>
> * a.authns.bitfolk.com
> * b.authns.bitfolk.com
> * c.authns.bitfolk.com
>
> Resolve those names to IPs to put into your config.
>
> 5. Contact support@??? to ask for secondary DNS to be set
> up. Please specify the domain name and your VPS account name.
>
> Cheers,
> Andy
>
>
>
>
> _______________________________________________
> users mailing list
> users@???
> https://lists.bitfolk.com/mailman/listinfo/users
>
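The steps Andy lists (load the zone, bump the serial, allow AXFR from the three BitFolk servers, check the result) put together as a runnable script. This is an added example, not code from the thread or from BitFolk: the zone name example.com, the 192.0.2.x addresses, the file paths and the serial value are constructed placeholders, and the allow-transfer addresses in particular must be replaced with the real IPs you get by resolving a/b/c.authns.bitfolk.com yourself, as step 4 says.

```shell
#!/bin/sh
# Added example (not from the thread): a primary bind9 zone that BitFolk's
# authoritative servers can AXFR. All names, IPs and paths are placeholders.

ZONE="example.com"   # placeholder zone name

# Constructed zone file in bind format. The SOA serial uses the common
# YYYYMMDDnn layout so that "increment the serial" (step 2) is mechanical.
# The three NS records are the BitFolk names from step 4; because they are
# listed as NS, bind9 sends them a NOTIFY whenever the serial increases.
write_sample_zone() {
    cat > "$1" <<'EOF'
$TTL 3600
@   IN SOA  ns1.example.com. hostmaster.example.com. (
            2010072601 ; serial (YYYYMMDDnn)
            3600       ; refresh
            900        ; retry
            604800     ; expire
            3600 )     ; minimum
    IN NS   a.authns.bitfolk.com.
    IN NS   b.authns.bitfolk.com.
    IN NS   c.authns.bitfolk.com.
ns1 IN A    192.0.2.53 ; placeholder: the VPS running bind9 (the primary)
www IN A    192.0.2.10 ; placeholder host
EOF
}

# Print the SOA serial: the first token on the line carrying the
# "; serial" comment written by write_sample_zone.
get_serial() {
    awk '/; serial/ { print $1; exit }' "$1"
}

# Increment the serial in place (step 2) and print the new value.
# Without a larger serial the secondaries see no reason to transfer.
bump_serial() {
    old=$(get_serial "$1")
    new=$((old + 1))
    awk -v o="$old" -v n="$new" \
        '/; serial/ && $1 == o { sub(o, n) } { print }' "$1" > "$1.tmp" \
        && mv "$1.tmp" "$1"
    echo "$new"
}

# Constructed named.conf.local fragment (step 4). "type master" makes this
# the primary; allow-transfer restricts AXFR to the three BitFolk addresses,
# which are PLACEHOLDERS here. notify yes is bind9's default and is spelled
# out only to document the NOTIFY -> AXFR flow described in the thread.
write_named_conf() {
    cat > "$1" <<EOF
acl bitfolk-authns { 192.0.2.1; 192.0.2.2; 192.0.2.3; }; // PLACEHOLDER IPs

zone "$ZONE" {
    type master;
    file "$2";
    allow-transfer { bitfolk-authns; };
    notify yes;
};
EOF
}

# Step 3 checks, run only where the bind tools are installed: validate the
# file syntax before loading it, then ask the local server for the SOA.
check_zone() {
    if command -v named-checkzone >/dev/null 2>&1; then
        named-checkzone "$ZONE" "$1"
    fi
}
query_local() {
    dig @127.0.0.1 "$ZONE" SOA +short
}

# Stand-alone run: build everything in a scratch directory.
WORK=$(mktemp -d)
ZONEFILE="$WORK/db.$ZONE"
write_sample_zone "$ZONEFILE"
echo "serial before: $(get_serial "$ZONEFILE")"
bump_serial "$ZONEFILE" >/dev/null
echo "serial after:  $(get_serial "$ZONEFILE")"
write_named_conf "$WORK/named.conf.local" "$ZONEFILE"
check_zone "$ZONEFILE"
echo "config written to $WORK/named.conf.local"
```

On a Debian/Ubuntu bind9 install the fragment belongs in /etc/bind/named.conf.local and the zone file under /etc/bind/; after reloading, query_local should return the SOA with the bumped serial, and that same serial is what the BitFolk secondaries will show once the NOTIFY and AXFR have completed.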