LinuxQuestions.org
Linux - Newbie: Zone File Creation (https://www.linuxquestions.org/questions/linux-newbie-8/zone-file-creation-374871/)

mr_dizzle 10-19-2005 09:11 PM

Zone File Creation
 
I am in the middle of moving some people to a new server and putting them on new IPs.
Unfortunately some of these people and their surfers are hitting the old server/IP because their ISP is using cached DNS records (although their zone files have been updated in my name-servers).
The following is the template I was using for zone file creation:


; ------------------------------------------------------------
; domain.com Start of Authority Records (SOA)
; ------------------------------------------------------------
$TTL 86400
@ 7d IN SOA ns1.domain.com. (
dnsadmin.domain.com. ; Zone Contact
2005101900 ; Serial
1h ; Refresh
30m ; Retry
7d ; Expire
1h ) ; Negative Cache

; ------------------------------------------------------------
; mydomain.com Nameserver Records (NS)
; ------------------------------------------------------------
@ 7d IN NS ns1.domain.com.
@ 7d IN NS ns2.domain.com.

; ------------------------------------------------------------
; mydomain.com A (ADDRESS) and MX Records (MAIL EXCHANGER)
; ------------------------------------------------------------
@ 1d IN A 192.168.0.1
@ 1d IN MX 0 mail.domain.com.

; ------------------------------------------------------------
; mydomain.com Address Records (A)
; ------------------------------------------------------------

; Do not remove the localhost entry
; Name Server address records
localhost 1d IN A 127.0.0.1

; Web/Internet based records
www 1d IN A 192.168.0.1
ftp 1d IN A 192.168.0.1
mail 1d IN A 192.168.0.1
smtp 1d IN A 192.168.0.1
pop 1d IN A 192.168.0.1

I realize that this is happening because the TTLs are set pretty high.
I figure that I will have to fix their zone files with shorter TTL's and wait for these new zones to propagate in all the dns servers around the world before I continue moving people. My longest TTL is 7d, so I guess I might have to wait a full week.

I am a bit confused on what each TTL represents though.
I understand this portion of the zone:

; ------------------------------------------------------------
; mydomain.com A (ADDRESS) and MX Records (MAIL EXCHANGER)
; ------------------------------------------------------------
@ 1d IN A 192.168.0.1
@ 1d IN MX 0 mail.domain.com.

; ------------------------------------------------------------
; mydomain.com Address Records (A)
; ------------------------------------------------------------

; Do not remove the localhost entry
; Name Server address records
localhost 1d IN A 127.0.0.1

; Web/Internet based records
www 1d IN A 192.168.0.1
ftp 1d IN A 192.168.0.1
mail 1d IN A 192.168.0.1
smtp 1d IN A 192.168.0.1
pop 1d IN A 192.168.0.1


But I am having trouble understanding this portion:


; ------------------------------------------------------------
; domain.com Start of Authority Records (SOA)
; ------------------------------------------------------------
$TTL 86400
@ 7d IN SOA ns1.domain.com. (
dnsadmin.domain.com. ; Zone Contact
2005101900 ; Serial
1h ; Refresh
30m ; Retry
7d ; Expire
1h ) ; Negative Cache


; ------------------------------------------------------------
; mydomain.com Nameserver Records (NS)
; ------------------------------------------------------------
@ 7d IN NS ns1.domain.com.
@ 7d IN NS ns2.domain.com.


Actually, I know that the red TTL above is the default TTL if nothing is specified.
I'm looking for help on what the blue and green sections represent.


Also, what should I change my zone file TTLs to in order to prevent DNS caching? I was thinking this:

; ------------------------------------------------------------
; domain.com Start of Authority Records (SOA)
; ------------------------------------------------------------
$TTL 60
@ 7d IN SOA ns1.domain.com. (
dnsadmin.domain.com. ; Zone Contact
2005101900 ; Serial
1h ; Refresh
30m ; Retry
7d ; Expire
1h ) ; Negative Cache

; ------------------------------------------------------------
; mydomain.com Nameserver Records (NS)
; ------------------------------------------------------------
@ 1d IN NS ns1.domain.com.
@ 1d IN NS ns2.domain.com.

; ------------------------------------------------------------
; mydomain.com A (ADDRESS) and MX Records (MAIL EXCHANGER)
; ------------------------------------------------------------
@ 60 IN A 192.168.0.1
@ 60 IN MX 0 mail.domain.com.

; ------------------------------------------------------------
; mydomain.com Address Records (A)
; ------------------------------------------------------------

; Do not remove the localhost entry
; Name Server address records
localhost 60 IN A 127.0.0.1

; Web/Internet based records
www 60 IN A 192.168.0.1
ftp 60 IN A 192.168.0.1
mail 60 IN A 192.168.0.1
smtp 60 IN A 192.168.0.1
pop 60 IN A 192.168.0.1

Is this too much work for the name-server?
Should I change the NS records to 60 as well?
What about the TTL of the SOA?

Thanks for your help and suggestions.

macemoneta 10-20-2005 02:27 PM

You don't need to change the TTL (which is in seconds; 86400=24hrs) so much as update the serial number. If the serial number is not updated, no propagation occurs (it's the field used to determine a change has occurred). I highly recommend O'Reilly's DNS & BIND.

mr_dizzle 10-20-2005 03:10 PM

I understand how the serial number works, but I don't want people's ISPs to keep cached records. If I leave the TTL high, then when I put these people on a new server with a new IP I will have to wait up to X amount of days before they and their surfers may start hitting the new IP.

I guess what I really need is what each section's TTL does and what I should set this stuff to:

@ 7d IN SOA ns1.domain.com. (
dnsadmin.domain.com. ; Zone Contact
2005101900 ; Serial
1h ; Refresh
30m ; Retry
7d ; Expire
1h ) ; Negative Cache

JimBass 10-20-2005 08:01 PM

If you are going to run real world DNS, you need to know the already mentioned DNS and Bind backwards and forwards. Also, I trust that you know 192.168.0.1 is not a publicly available address?

The TTL can safely be lowered to 3600, which is one hour. I have never seen
Quote:

@ 7d IN NS ns1.domain.com.

before in a zonefile. Not sure if that will work or not. The accepted method for identifying nameservers is:
Code:

ns1    7200    IN      A      1.2.3.4

Why people think they should hide their addresses when asking for help with zonefiles is ridiculous. We could have helped more easily if we could have tested the nameserver itself, and the "domain.com" and 192.168.0.1 just make that impossible.

Peace,
JimBass
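To put the two replies above together in runnable form: the fields the original poster asked about do different jobs. $TTL is the default for any record that carries no TTL of its own; a record's TTL is how long a caching resolver may keep that answer, and it is the only knob that decides how long surfers keep hitting the old IP. The five SOA numbers are not resolver cache lifetimes: refresh, retry and expire tell secondary nameservers how often to check the serial, how soon to try again after a failed check, and how long to keep serving the zone if the primary stays unreachable, while the last one is the negative-caching TTL (how long a "no such name" answer is cached). The serial must increase on every edit, as macemoneta says, or secondaries never pick the change up at all. The script below is an added example written for this page, not code from any of the posters; it parses a constructed zone modelled on the template in the thread (domain.com and 192.168.0.1 are the thread's placeholders), resolves each record's effective TTL including the $TTL fallback, splits out the SOA timers, and computes the migration plan: publish lowered TTLs with a bumped serial, wait out the old TTL of the records that will change, then change the addresses with another serial bump. The NS and SOA TTLs are left at 7d on purpose, since the nameservers themselves are not moving. Function names and the ZONE_OLD/ZONE_NEW samples are mine, not anything from BIND or the thread.

```python
"""Inspect a BIND zone's TTLs and SOA timers to plan an IP migration."""
import re
from collections import namedtuple
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample modelled on the template in the thread ("domain.com" and
# 192.168.0.1 are placeholders). The last record has no TTL, so it uses $TTL.
ZONE_OLD = """\
$TTL 86400
@ 7d IN SOA ns1.domain.com. (
dnsadmin.domain.com. ; Zone Contact
2005101900 ; Serial
1h ; Refresh
30m ; Retry
7d ; Expire
1h ) ; Negative Cache
@ 7d IN NS ns1.domain.com.
@ 1d IN A 192.168.0.1
@ 1d IN MX 0 mail.domain.com.
www 1d IN A 192.168.0.1
ftp IN A 192.168.0.1
"""
# The same zone after step 1 of the migration: TTLs lowered, serial bumped.
ZONE_NEW = ZONE_OLD.replace("$TTL 86400", "$TTL 60").replace(
    " 1d IN", " 60 IN").replace("2005101900", "2005102000")

_UNIT = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
_TTL_RE = re.compile(r"\d+|(?:\d+[smhdw])+")
_CLASSES = {"IN", "CH", "HS"}
Record = namedtuple("Record", "name ttl rtype rdata")  # ttl = effective seconds

@dataclass
class Zone:
    default_ttl: Optional[int] = None   # from $TTL
    soa: Optional[dict] = None          # mname, rname, serial, refresh, ...
    records: list = field(default_factory=list)

def parse_ttl(tok: str) -> int:
    """'60' -> 60, '30m' -> 1800, '1h30m' -> 5400, '7d' -> 604800."""
    tok = tok.lower()
    if not _TTL_RE.fullmatch(tok):
        raise ValueError(f"not a TTL: {tok!r}")
    return int(tok) if tok.isdigit() else sum(
        int(n) * _UNIT[u] for n, u in re.findall(r"(\d+)([smhdw])", tok))

def _logical_lines(text):
    """Drop ';' comments, join '( ... )' continuations, and flag entries that
    start with whitespace (they inherit the previous owner). No quoted TXT."""
    out, buf, depth, blank = [], [], 0, False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]
        if not buf:
            blank = line[:1].isspace()
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth <= 0:
            toks = " ".join(buf).split()
            if toks:
                out.append((blank, toks))
            buf, depth = [], 0
    return out

def parse_zone(text: str) -> Zone:
    zone, owner = Zone(), "@"
    for blank, toks in _logical_lines(text):
        if toks[0] == "$TTL":
            zone.default_ttl = parse_ttl(toks[1])
            continue
        owner, i = (toks[0], 1) if not blank else (owner, 0)
        ttl = None  # optional [TTL] [class] follow the owner, in either order
        while toks[i].upper() in _CLASSES or _TTL_RE.fullmatch(toks[i].lower()):
            if toks[i].upper() not in _CLASSES:
                ttl = parse_ttl(toks[i])
            i += 1
        rtype, rdata = toks[i].upper(), toks[i + 1:]
        if rtype == "SOA":
            mname, rname, serial, refresh, retry, expire, minimum = rdata
            zone.soa = {"mname": mname, "rname": rname, "serial": int(serial),
                        "refresh": parse_ttl(refresh), "retry": parse_ttl(retry),
                        "expire": parse_ttl(expire), "minimum": parse_ttl(minimum)}
        if ttl is None:  # no per-record TTL: $TTL, else BIND uses the SOA minimum
            ttl = zone.default_ttl if zone.default_ttl is not None else zone.soa["minimum"]
        zone.records.append(Record(owner, ttl, rtype, rdata))
    return zone

def cutover_wait(zone: Zone, changing=("A", "MX")) -> int:
    """Worst-case seconds a resolver may still serve the current A/MX data."""
    return max(r.ttl for r in zone.records if r.rtype in changing)

def serial_advances(old: int, new: int) -> bool:
    """RFC 1982 serial arithmetic: secondaries transfer only if new > old."""
    return 0 < (new - old) % (1 << 32) < (1 << 31)

if __name__ == "__main__":
    old, new = parse_zone(ZONE_OLD), parse_zone(ZONE_NEW)
    print("SOA timers (for secondaries, not resolver caches):", old.soa)
    print("step 1: publish lowered TTLs, then wait", cutover_wait(old), "s")
    print("step 2: change the IPs; stale answers last at most", cutover_wait(new), "s")
    print("serial advances:", serial_advances(old.soa["serial"], new.soa["serial"]))
```

Run against the constructed zone it reports a 1d wait before the address change (the old TTL of the A and MX records, not the 7d on the NS records), 60 s of stale answers after it, and a serial that orders after the old one. A 60 s TTL multiplies query volume on the nameserver, so raise the TTLs again once the move is done; and some resolvers apply their own floor to small TTLs, so expect a few stragglers regardless.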

mr_dizzle 10-20-2005 08:08 PM

This link has helped me out.
http://www.tech-recipes.com/bind_and_dns_tips305.html

Name-servers are running fine. I'm just trying to figure out what to edit to lessen the amount of time of cached DNS records. I've got it figured out. Thanks for the replies.

This does work:

@ 7d IN NS ns1.domain.com.

But I've changed the format a bit now.

