This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

Recommendations for DNS

Previous message (by thread): Recommendations for DNS
Next message (by thread): Recommendations for DNS

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Fredrik Widell frwi at global-ip.net
Thu May 14 16:26:48 CEST 1998

On Thu, 14 May 1998, Hans Niklasson wrote:

> Greetings
> 
> This is one of the actionspoints from RIPE-28, to present easy and short
> recommendations for setting up a DNS.
> I presented this for the DNS WG on RIPE-29.
> Any suggestions or remarks will still be very welcomed.
> Especially the times for the SOA records.
> Otherwise I recommend that we move forward to make this a RIPE-document.



Hello.


As someone pointed out at RIPE-29, it would be a good idea
to increase the expiration period appr four times, say
2419200, there is really no point in limiting this to
one week, often the customers do not realize that their
nameserver is out of order, and in one week their domain
is vanished from Internet.


Best regards
> 
> 
> 
> 
>                               DNS recommendations.
>  
>  
> By:
>  
> Hans Niklasson <hasse at swip.net>
> Amar Andersson <amar at telia.net>
>  
>  
>  
> Scope: 
>  
> This documents act as a recommendation for configuring your DNS. This is
> NOT a requirement, only a recommendation of things to think about when
> setting up your DNS.
>  
> Purpose:
>  
> To decrease lame delegations and limit unecessary traffic due to resolving
> problems, among other things.
>  
>  
> Records:
> -----------------------------------------------------------------------------
>  
> SOA      The address in this field must be a valid e-mail address to the
>          administrator for the DNS.
>         *** It's also good practise to have role address instead of
> 		personal, ie root.. admin.. hostmaster.. 
> 		(when domain-administrator is leaving your company, you 
> 		only change the alias for role address).
>  
> Ex:
>  
> domain.xx.        3600    SOA     dns.domain.xx admin.domain.xx. 
>  
>  
> SERIAL   Serial number should follow this format: YYYYMMDDXX 
>          ( year.year.year.year.month.month.day.day.nr.nr ),
>          where XX is the number of the latest update of the zone in the 
>          same day. (Year 2000 is near.)
>  
> Ex:
>  
>                   1998010101      ; serial
>  
>  
> TTL      A good balance of this will reduce unecessary traffic between
>         nameservers.
>  
> Ex:
>  
>                   28800   ; refresh (8 hours)
>                   7200    ; retry (2 hour)
>                   604800  ; expire (7 days)
>                   86400 )  ; minimum (1 day)
>  
> MX       When pointing a domain to a mailserver/hostname, don4t forget to
>          add a glue record ( A ) for this.
>  
> Ex:
>  
> domain.xx.        86400    MX      10 mail.domain.xx.
>  
> mail.domain.xx    86400    A       192.168.0.1
>  
>  
> CNAME    Use this with percausion. It is *not* recommended to use a CNAME
>          for a mailservers hostname, as this can cause resolving problems
>          and mailloops.
>  
> A        A gluerecord can only point to an IP address.
>  
>  
>  
> PTR      This is used for reverse lookup of the IP address to a hostname
>          within the zone. Make sure that your PTR records and A records
>          match. For each A record there has to be a PTR record, and vice
>          versa.
>  
>  
> More tips:
>  
> Unecessary glue data:  
>         
>         Don4t add unecessary glue data about hosts that is not within the
>         zone. This can cause resolving problems if the host changes IP
>         address.
>  
> Ex:
>  
> domain.xx.        86400    MX      10 mail.server.xx.
>  
> mail.server.xx    86400    A       192.168.0.1
>  
> Trailing dots: 
>         Don4t forget to add a "." at the end of the domain/
>         hostname. If this is forgotten, this will make the DNS to add the
>         domain name to the domain/hostname again. This will cause
>         resolving problems.
>  
> Ex:
>  
> domain.xx.        86400    MX      10 mail.domain.xx.domain.xx.
>  
> Illegal characters: 
>         
>         Only a-z , 0-9 and - is valid to use. All other characters is
>         illegal and can cause the resolving to fail.
>  
>  
> General Points:
>  
>         Use the latest version of the DNS software for your platform.
>         Check for updates regulary, as new versions has the latest
>         solutions and information.
>  
>  
> Additional reading and references:
>  
>         RFC1537 ( RFC1912 )
>         ( Common DNS Operational and Configuration Errors )
>  
>         "DNS & BIND 2nd Edition" by Paul Albitz & Cricket Liu 
>         from O4Reilly & Associates Inc.
>         
>         ftp://ftp.ripe.net/internet-drafts/draft-ietf-dnsind-classless-
>         inaddr-04.txt
>         ( For reverse delegation methods for blocks smaller than /24,
>         256 addresses )
>  
>         http://www.dns.net/dnsrd/
>         ( DNS Resources Directory )
> 
> 
> /Hans Niklasson
> 
> -----------------------------------------------------------------
> 		SWipNet - The Swedish IP Network
> 
> 
> 
> 
> 
> 
> 
> 


	/Fredrik

---------------------------------
Fredrik Widell - Global IP Sweden
Phone : +46 8 519 131 00
Mail  : frwi at global-ip.net

Previous message (by thread): Recommendations for DNS
Next message (by thread): Recommendations for DNS

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ dns-wg Archives ]