Linode Forum :: DNS

So who would you (anyone) suggest to register domains with? I was going to use godaddy, however advertising "domain by proxy" from their main page, and all their dirty dns tools makes me think very poorly of them. How is mydomain.com? Any others that anyone has had good luck with?

I *hate* verisign with a passion; not just as an end-user dealing with their crappy support, etc, but also due to their business practices, SUCH as adding the wildcard A record for any domain that doesn't resolve. This is going to break so many things, I can't wait to see what happens to them.

-Chris

Start out by looking over this. If that doesn't answer your question, give me a little more info and I'll see if I can help. Which hostway plan did you sign up for? Is it one of these? They all have different features and without knowing which one you have I can't help you.

--James

I have the $6.95 Domain Registration plan. Was I too cheap for my own good?

Code:

iptables -t nat -A POSTROUTING -d sitefinder-idn.verisign.com -j DNAT --to $SERVER_OF_YOUR_CHOICE

Quote:

I have the $6.95 Domain Registration plan. Was I too cheap for my own good?

I wouldn't worry about it too much. At the basic level, all registrars provide the same service, registering your domain. I'm the type of person that doesn't trust any internet company that wants to "help" me set things up, so I'd suggest you get an account at one of the free DNS hosting companies. Then use your linode to host http and mail servers. That way you have control over your domain. http://www.tldp.org/ has HOWTOs for just about everything. If they don't answer your questions, post them here.

--James

I've read the relevant document (I think) at the site, but I'm still confused (I don't think I'm quite ready for all of this knowledge yet, so I'm trying to get the basics of what I need and then I'll extend from there.)

These questions come up all the time. I'm putting together a very basic HOWTO for all of us. Check back soon. I'll post a link here when it's ready for prime-time.

Well godaddy provides full dns control aswell

I use http://www.zoneedit.com/

I've been with them for about 2 months and have had no problems. They will let you host 5 domains for free. Web interface isn't very pretty, but it's effective. Updates get enacted very quickly too. Some of the free DNS services changes don't show up to the rest of the world for up to a day.

Author:	caker [ Tue Sep 16, 2003 5:17 pm ]
Post subject:
I hate verisign with a passion; not just as an end-user dealing with their crappy support, etc, but also due to their business practices, SUCH as adding the wildcard A record for any domain that doesn't resolve. This is going to break so many things, I can't wait to see what happens to them. At any rate, I've implemented OpenSRS in the past and like it very much. So, my recommendation goes out to any of the OpenSRS resellers. You can also go to http://www.domaindirect.com/ directly (TuCow's own domain reseller company). -Chris

Author:	inkblot [ Tue Sep 16, 2003 5:30 pm ]
Post subject:	dealing with verisign's wildcard A record
Code: iptables -t nat -A POSTROUTING -d sitefinder-idn.verisign.com -j DNAT --to $SERVER_OF_YOUR_CHOICE

Author:	bji [ Tue Sep 16, 2003 5:56 pm ]
Post subject:	Re: VeriSign
kenny wrote: So who would you (anyone) suggest to register domains with? I was going to use godaddy, however advertising "domain by proxy" from their main page, and all their dirty dns tools makes me think very poorly of them. How is mydomain.com? Any others that anyone has had good luck with? I've used http://active-domain.com for a couple of registrations for some friends. They are dirt cheap but their DNS management stuff is pretty simplistic. If you just want someone to be your registrar, they are fine. Then you can have your DNS hosted by http://zoneedit.com, whom I have found to be excellent.

Author:	bji [ Tue Sep 16, 2003 5:58 pm ]
Post subject:	Re: VeriSign
Oh yeah, and I'd recommend staying away from register.com. I unfortunately have them as my registrar and I find that their tools for managing your domain don't work very well. I've tried to change my contact information several times and have it fail to take effect. I've opened support tickets with them about this issue and they never seem to get it right. I've given up. I wouldn't use them again.

Author:	qbatqbat [ Wed Sep 17, 2003 10:21 am ]
Post subject:	Re: VeriSign
caker wrote: I hate verisign with a passion; not just as an end-user dealing with their crappy support, etc, but also due to their business practices, SUCH as adding the wildcard A record for any domain that doesn't resolve. This is going to break so many things, I can't wait to see what happens to them. -Chris You may wish to sign this: http://www.petitiononline.com/icanndns/

Linode Forum https://forum.linode.com/

DNS https://forum.linode.com/viewtopic.php?f=19&t=143	Page 2 of 2

Author:	rhunter007 [ Wed Sep 17, 2003 10:52 am ]
Post subject:	Re: Just guessing...
irgeek wrote: Start out by looking over this. If that doesn't answer your question, give me a little more info and I'll see if I can help. Which hostway plan did you sign up for? Is it one of these? They all have different features and without knowing which one you have I can't help you. --James Hey James, thanks for the link, I'm reading it now. As for my plan, yes it's one of those. I have the $6.95 Domain Registration plan. Was I too cheap for my own good?

Author:	irgeek [ Wed Sep 17, 2003 12:28 pm ]
Post subject:	Not at all
Quote: I have the $6.95 Domain Registration plan. Was I too cheap for my own good? I wouldn't worry about it too much. At the basic level, all registrars provide the same service, registering your domain. I'm the type of person that doesn't trust any internet company that wants to "help" me set things up, so I'd suggest you get an account at one of the free DNS hosting companies. Then use your linode to host http and mail servers. That way you have control over your domain. http://www.tldp.org/ has HOWTOs for just about everything. If they don't answer your questions, post them here. --James

Author:	kenny [ Wed Sep 17, 2003 1:39 pm ]
Post subject:	Re: dealing with verisign's wildcard A record
inkblot wrote: Code: iptables -t nat -A POSTROUTING -d sitefinder-idn.verisign.com -j DNAT --to $SERVER_OF_YOUR_CHOICE Some ISPs are already doing this. So now how can you tell if you mistyped the url, or the site is down. This problem applies to all dns-enabled services. Email is a Hugh one (at least for me).. - A user mistypes a domain in an email - the mail server then finds the above A record for the non-existent domain (or, what should be nxdomain) - and thus tries delivering mail to the above site (sitefinder-idn.verisign.com for now) - it cannot connect to the site because it's being dos'd, your isp is blocking it, you're blocking it, for whatever reason it just can't contacted it - it then queues the message for later delivery instead of bouncing back to the user right away saying that the domain does not exist - it now takes up to a week for the user to realize they simply mistyped the email address ..unless you mail server can actually connect to the ip they are providing, which is currently running Code: #!/bin/sh echo "220 snubby2-wcwest Snubby Mail Rejector Daemon v1.3 ready" read echo "250 OK" read FROM echo $FROM >> /var/log/suckers echo "250 OK" read echo "550 User domain does not exist." read echo "250 OK" read echo "221 snubby2-wcwest Snubby Mail Rejector Daemon v1.3 closing transmission channel Connection closed by foreign host." exit (hope I dont get sued for sharing their source!) then your message will get bounced right away (well, if the above actually works with your mail server) and VeriSign makes off with your enduser's email addresses! and if they feel like it, the message body as well. It's easy to see how the above would cause rare problems for your endusers. Now, instead of it being a legit message going to a non-existing domain, image it being spam that your server is trying to bounce back to a non-existent domain (common with spam). Normally it'd "double-bounce" it (a bounced bounce) and toss the message, but now it takes a week or so for this double-bounce to happen. All of these message waiting to double-bounce are sitting in your queue, this could be hundreds, it could be tens of thousands depending on how much traffic you get. The good people who make qmail-ldap released patches for qmail that handle this by comparing the returned address with the address that is returned from a wildcard lookup of the same tld. There is a patch for dnscache. You provide it a list of ips that it should ignore. The problem is that this list can change. You could of course write a script to run once an hour and update this list. The positive is that it doesn't generate the extra lookups that the bind patch will (at least that's my understanding). This is my problem with VeriSign, they didn't just create a "site-finder" to help lost users, in practice they changed how dns works, thus forcing everyone else to work around it. Hehe, sorry this turned out to be a rant. Kenny

Author:	rhunter007 [ Wed Sep 17, 2003 2:16 pm ]
Post subject:	Re: Not at all
irgeek wrote: Quote: I have the $6.95 Domain Registration plan. Was I too cheap for my own good? I wouldn't worry about it too much. At the basic level, all registrars provide the same service, registering your domain. I'm the type of person that doesn't trust any internet company that wants to "help" me set things up, so I'd suggest you get an account at one of the free DNS hosting companies. Then use your linode to host http and mail servers. That way you have control over your domain. http://www.tldp.org/ has HOWTOs for just about everything. If they don't answer your questions, post them here. --James I've read the relevant document (I think) at the site, but I'm still confused (I don't think I'm quite ready for all of this knowledge yet, so I'm trying to get the basics of what I need and then I'll extend from there.) So, I'm on Hostway.com, and in their control panel, as far as I can tell, these are the only relevant entries which I can change: Primary DNS Hostname: a.dns.hostway.net Secondary DNS Hostname: b.dns.hostway.net Third DNS Hostname (optional): ... Sixth DNS Hostname (optional): and then Domain name forwarding... Forward all requests for http://www. site>.com to: I of course, have my IP with linode. I would like to get it so that when you type in www.mydomainname.com, it goes to my site. Pretty simple. From reading, it seems I want to edit the "A record". But there doesn't seem to be an option for that with Hostway. There is this domain forwarding thing, but from the how-to document it seems that it's a different thing than editing the A record. Should I settle for just editing the domain forwarding address? Secondly, I am running a mail server (qmail) and I don't understand what I will enter in my mail client (remotely) to check my email. I'd like it to be something like mail.mydomain.com. Intuitively, it seems that anything with mydomain.com should be directed to my linode, and then if it's www it knows to use my apache server, and if its mail it knows to use qmail. Thanks for the help.

Author:	irgeek [ Wed Sep 17, 2003 7:15 pm ]
Post subject:	Re: Not at all
Quote: I've read the relevant document (I think) at the site, but I'm still confused (I don't think I'm quite ready for all of this knowledge yet, so I'm trying to get the basics of what I need and then I'll extend from there.) These questions come up all the time. I'm putting together a very basic HOWTO for all of us. Check back soon. I'll post a link here when it's ready for prime-time. --James

Author:	irgeek [ Wed Sep 17, 2003 8:54 pm ]
Post subject:	Re: Not at all
irgeek wrote: These questions come up all the time. I'm putting together a very basic HOWTO for all of us. Check back soon. I'll post a link here when it's ready for prime-time. Whether or not its ready for prime-time is a matter up for discussion, but here's the first version. Read it over and let me know what you think. There's a link at the bottom of it to e-mail me. Right now though, I need to start writing my paper that's due tomorrow. --James

Author:	zack [ Sat Sep 20, 2003 1:58 am ]
Post subject:	another DNS service
I have used Easy DNS http://www.easydns.com and have been very pleased - they also are an opensrs reseller. Just adding another name to the list of providers!

Author:	LokiVidalez [ Fri Nov 21, 2003 7:40 pm ]
Post subject:
Well godaddy provides full dns control aswell

Author:	tetranz [ Fri Nov 21, 2003 8:09 pm ]
Post subject:
LokiVidalez wrote: Well godaddy provides full dns control aswell That's right. You probably already have what you need within GoDaddy. They make it a little hard to find at first. See this thread, especially my post near the end. http://www.linode.com/forums/viewtopic.php?t=406

Page 2 of 2	All times are UTC-04:00
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/

Author:	Ashen [ Sun Nov 23, 2003 2:46 pm ]
Post subject:
irgeek wrote: I use http://www.zoneedit.com/ I've been with them for about 2 months and have had no problems. They will let you host 5 domains for free. Web interface isn't very pretty, but it's effective. Updates get enacted very quickly too. Some of the free DNS services changes don't show up to the rest of the world for up to a day. I'd reccomend them too, I use them and they work very well for me. -Ashen