Linode Forum :: HowTo: Linode as DNS slaves with your own server as SOA

So? It's public information. That's why it's in the DNS. If you don't want people to find your hosts, don't put them in the system.

-Subdomains don't work. I assume this is to prevent a malicious user from setting up www.mydomain.com on top of mydomain.com as a DNS poisoning attack.

Someone jogged my memory about this post and I thought I'd update the bind acl list - I now have four Linode servers in /etc/bind/named.conf:

Code:

acl slaves {
        69.93.127.10;
        65.19.178.10;
        75.127.96.10;
        207.192.70.10;
        };

Author:	Mekk [ Fri Jul 18, 2008 11:30 am ]
Post subject:
I configured my host as described above: - maradns on my vps, configured more or less as above, - linode configured (in DNS manager) as slave for my domain - two linode nameservers (plus some other secondary DNS my colleague serves for me) configured as servers for my domain Everything seems to be working properly

Author:	ArbitraryConstant [ Fri Jul 18, 2008 2:32 pm ]
Post subject:
The system seems to work pretty well. I recently moved everything over to ns{1,2,3,4}.linode.com, with my Linode as the master. I've noticed a few quirks: -ns{3,4} seem to take a few minutes to pick up changes sometimes. -Subdomains don't work. I assume this is to prevent a malicious user from setting up www.mydomain.com on top of mydomain.com as a DNS poisoning attack. I haven't seen any major issues, and it's one of my favorite features of Linode. Just getting name servers for the domain is trivial with most registrars, if you're looking to host at Linode at all you probably need more. Unfortunately a good DNS setup isn't something a single VPS can host by itself. Getting an infrastructure to do that is a great addition. SteveG wrote: So? It's public information. That's why it's in the DNS. If you don't want people to find your hosts, don't put them in the system. The security impact isn't that large, it's mostly an image thing to be honest. Whether or not the practice is important, it's preferable to be seen to follow it.

Author:	IntuititveNipple [ Sat Oct 11, 2008 7:50 am ]
Post subject:	Updated bind acl
Someone jogged my memory about this post and I thought I'd update the bind acl list - I now have four Linode servers in /etc/bind/named.conf: Code: acl slaves { 69.93.127.10; 65.19.178.10; 75.127.96.10; 207.192.70.10; };

Author:	IntuititveNipple [ Sat Oct 11, 2008 7:52 am ]
Post subject:
ArbitraryConstant wrote: -Subdomains don't work. I assume this is to prevent a malicious user from setting up www.mydomain.com on top of mydomain.com as a DNS poisoning attack. Delegated sub-domains should work the same as any other. On the master server delegate the sub-domain in the domain zone file, create the zone-file for the sub-domain, and add the sub-domain to Linode DNS Manager.

Author:	Malvineous [ Sun Oct 12, 2008 5:52 am ]
Post subject:	Re: Updated bind acl
IntuititveNipple wrote: Someone jogged my memory about this post and I thought I'd update the bind acl list - I now have four Linode servers in /etc/bind/named.conf: Code: acl slaves { 69.93.127.10; 65.19.178.10; 75.127.96.10; 207.192.70.10; }; Are you sure that's right? I have a couple of domains slaved to the Linode servers, but only the first two servers respond when I query them - the last two return ESERVFAIL. EDIT: Oh wait, sorry, my bad - got confused with the nameservers. Yes, I have to add these to the Bind config before ns3 and ns4 will work...

Linode Forum https://forum.linode.com/

HowTo: Linode as DNS slaves with your own server as SOA https://forum.linode.com/viewtopic.php?f=19&t=2981	Page 2 of 2

Page 2 of 2	All times are UTC-04:00
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/