Re: running my own DNS


Subject: Re: running my own DNS
From: arthur@corlissfamily.org
Date: Fri Dec 07 2001 - 14:41:08 AKST


On Fri, 7 Dec 2001 augustus@acerbic.org wrote:

>
> Well you don't really need reverse DNS, it's neat and all but it's not
> critical, every service you would want to run will work fine if the
> forward and reverse DNS don't match. So to host your own DNS all you need
> to do is get a static IP, install either BIND or djbdns
> (http://cr.yp.to/djbdns.html) on your server. Then configure DNS properly,
> I suggest checking out the HOWTO on the LDP, for your domain. I suggest
> setting up an internal DNS server first and play around with it for a
> couple weeks before setting up a public server because you will screw
> things up the first few times (if you use BIND). The HOWTO has excellent
> instructions on doing this as well.

I have to point out that reverse DNS *does* matter, in many situations. Take
some mail configs which are designed to prevent unauthorised relaying:
sendmail is often configured to do a forward *and* reverse lookup on
connecting hosts. If the two lookups don't agree on the identity of the
individual, you'll be denied.

For many services you can get away with only forward lookups, but don't think
for a minute that you'll never need control over that reverse lookup record.
Eventually, as you start adding more services, you'll find that you will. . .

        --Arthur Corliss
          Bolverk's Lair -- http://arthur.corlissfamily.org/
          "Live Free or Die, the Only Way to Live" -- NH State Motto
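
The forward-and-reverse lookup check described in the message above, as an added example that is not part of the original post and is not sendmail's own code. The function names, the verdict strings and the sample records (documentation address ranges, example.* names) are assumptions constructed for illustration.

```python
import ipaddress
import socket

def system_ptr(ip):
    """Reverse (PTR) lookup via the system resolver; returns a list of names."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name] + aliases
    except OSError:
        return []

def system_forward(name):
    """Forward (A/AAAA) lookup via the system resolver; returns addresses."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def fcrdns(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return (verdict, name): does any PTR name resolve back to the client IP?"""
    client = ipaddress.ip_address(ip)
    names = ptr_lookup(ip)
    if not names:
        return ("no-ptr", None)
    for name in names:
        name = name.rstrip(".").lower()
        for addr in forward_lookup(name):
            try:
                if ipaddress.ip_address(addr) == client:  # compare parsed, not as text
                    return ("match", name)
            except ValueError:
                continue  # resolver returned something that is not an address
    return ("mismatch", names[0].rstrip(".").lower())

PTR = {  # constructed sample data, not real records
    "192.0.2.10": ["mail.example.org."],
    "192.0.2.20": ["mail.example.org."],  # PTR claims a name that maps elsewhere
    "2001:db8::25": ["mx.example.net."],
}
FWD = {
    "mail.example.org": ["192.0.2.10"],
    "mx.example.net": ["2001:0db8:0000:0000:0000:0000:0000:0025"],
}

def demo(ip):
    return fcrdns(ip, lambda i: PTR.get(i, []), lambda n: FWD.get(n, []))

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.20", "192.0.2.30", "2001:db8::25"):
        print(ip, demo(ip))
```

Calling `fcrdns(ip)` without the lookup arguments uses the system resolver instead of the constructed tables.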


