LinuxQuestions.org
Old 10-19-2005, 09:11 PM   #1
mr_dizzle
Newbie
 
Registered: Oct 2003
Posts: 27

Rep: Reputation: 15
Zone File Creation


I am in the middle of moving some people to a new server and putting them on new IP's.
Unfortunately some of these people and their surfers are hitting the old server/IP because their ISP is using cached DNS records (although their zone files have been updated in my name-servers).
The following is the template I was using for zone file creation:


; ------------------------------------------------------------
; domain.com Start of Authority Records (SOA)
; ------------------------------------------------------------
$TTL 86400
@ 7d IN SOA ns1.domain.com. (
dnsadmin.domain.com. ; Zone Contact
2005101900 ; Serial
1h ; Refresh
30m ; Retry
7d ; Expire
1h ) ; Negative Cache

; ------------------------------------------------------------
; mydomain.com Nameserver Records (NS)
; ------------------------------------------------------------
@ 7d IN NS ns1.domain.com.
@ 7d IN NS ns2.domain.com.

; ------------------------------------------------------------
; mydomain.com A (ADDRESS) and MX Records (MAIL EXCHANGER)
; ------------------------------------------------------------
@ 1d IN A 192.168.0.1
@ 1d IN MX 0 mail.domain.com.

; ------------------------------------------------------------
; mydomain.com Address Records (A)
; ------------------------------------------------------------

; Do not remove the localhost entry
; Name Server address records
localhost 1d IN A 127.0.0.1

; Web/Internet based records
www 1d IN A 192.168.0.1
ftp 1d IN A 192.168.0.1
mail 1d IN A 192.168.0.1
smtp 1d IN A 192.168.0.1
pop 1d IN A 192.168.0.1

I realize that this is happening because the TTL's are set pretty high.
I figure that I will have to fix their zone files with shorter TTL's and wait for these new zones to propagate in all the dns servers around the world before I continue moving people. My longest TTL is 7d, so I guess I might have to wait a full week.

I am a bit confused on what each TTL represents though.
I understand this portion of the zone:

; ------------------------------------------------------------
; mydomain.com A (ADDRESS) and MX Records (MAIL EXCHANGER)
; ------------------------------------------------------------
@ 1d IN A 192.168.0.1
@ 1d IN MX 0 mail.domain.com.

; ------------------------------------------------------------
; mydomain.com Address Records (A)
; ------------------------------------------------------------

; Do not remove the localhost entry
; Name Server address records
localhost 1d IN A 127.0.0.1

; Web/Internet based records
www 1d IN A 192.168.0.1
ftp 1d IN A 192.168.0.1
mail 1d IN A 192.168.0.1
smtp 1d IN A 192.168.0.1
pop 1d IN A 192.168.0.1


But I am having trouble understanding this portion:


; ------------------------------------------------------------
; domain.com Start of Authority Records (SOA)
; ------------------------------------------------------------
$TTL 86400
@ 7d IN SOA ns1.domain.com. (
dnsadmin.domain.com. ; Zone Contact
2005101900 ; Serial
1h ; Refresh
30m ; Retry
7d ; Expire
1h ) ; Negative Cache


; ------------------------------------------------------------
; mydomain.com Nameserver Records (NS)
; ------------------------------------------------------------
@ 7d IN NS ns1.domain.com.
@ 7d IN NS ns2.domain.com.


Actually, I know that the red TTL above is the default TTL if nothing is specified.
I'm looking for help on what the blue and green sections represent.


Also, what should I change my zone file TTL's to in order to prevent dns caching. I was thinking this:

; ------------------------------------------------------------
; domain.com Start of Authority Records (SOA)
; ------------------------------------------------------------
$TTL 60
@ 7d IN SOA ns1.domain.com. (
dnsadmin.domain.com. ; Zone Contact
2005101900 ; Serial
1h ; Refresh
30m ; Retry
7d ; Expire
1h ) ; Negative Cache

; ------------------------------------------------------------
; mydomain.com Nameserver Records (NS)
; ------------------------------------------------------------
@ 1d IN NS ns1.domain.com.
@ 1d IN NS ns2.domain.com.

; ------------------------------------------------------------
; mydomain.com A (ADDRESS) and MX Records (MAIL EXCHANGER)
; ------------------------------------------------------------
@ 60 IN A 192.168.0.1
@ 60 IN MX 0 mail.domain.com.

; ------------------------------------------------------------
; mydomain.com Address Records (A)
; ------------------------------------------------------------

; Do not remove the localhost entry
; Name Server address records
localhost 60 IN A 127.0.0.1

; Web/Internet based records
www 60 IN A 192.168.0.1
ftp 60 IN A 192.168.0.1
mail 60 IN A 192.168.0.1
smtp 60 IN A 192.168.0.1
pop 60 IN A 192.168.0.1

Is this too much work for the name-server?
Should I change the NS records to 60 as well?
What about the TTL of the SOA?

Thanks for your help and suggestions.
 
Old 10-20-2005, 02:27 PM   #2
macemoneta
Senior Member
 
Registered: Jan 2005
Location: Manalapan, NJ
Distribution: Fedora x86 and x86_64, Debian PPC and ARM, Android
Posts: 4,593
Blog Entries: 2

Rep: Reputation: 332
You don't need to change the TTL (which is in seconds; 86400=24hrs) so much as update the serial number. If the serial number is not updated, no propagation occurs (it's the field used to determine a change has occurred). I highly recommend O'Reilly's DNS & BIND.
 
Old 10-20-2005, 03:10 PM   #3
mr_dizzle
Newbie
 
Registered: Oct 2003
Posts: 27

Original Poster
Rep: Reputation: 15
i understand how the serial number works, but i don't want people's ISPs to keep cached records. if i leave the TTL high, then when i put these people on a new server with a new IP i will have to wait up to X amount of days before they and their surfers may start hitting the new IP.

i guess what i really need is what each section's TTL does and what i should set this stuff to:

@ 7d IN SOA ns1.domain.com. (
dnsadmin.domain.com. ; Zone Contact
2005101900 ; Serial
1h ; Refresh
30m ; Retry
7d ; Expire
1h ) ; Negative Cache
 
Old 10-20-2005, 08:01 PM   #4
JimBass
Senior Member
 
Registered: Oct 2003
Location: New York City
Distribution: Debian Sid 2.6.32
Posts: 2,100

Rep: Reputation: 49
If you are going to run real world DNS, you need to know the already mentioned DNS and Bind backwards and forwards. Also, I trust that you know 192.168.0.1 is not a publicly available address?

The TTL can safely be lowered to 3600, which is one hour. I have never seen
Quote:
@ 7d IN NS ns1.domain.com.
before in a zonefile. Not sure if that will work or not. The accepted method for identifying nameservers is:
Code:
ns1     7200    IN      A       1.2.3.4
Why people think they should hide their addresses when asking for help with zonefiles is ridiculous. We could have helped easier if we could have tested the nameserver itself, and the "domain.com" and 192.168.0.1 just make that impossible.

Peace,
JimBass

Last edited by JimBass; 10-20-2005 at 08:02 PM.
 
Old 10-20-2005, 08:08 PM   #5
mr_dizzle
Newbie
 
Registered: Oct 2003
Posts: 27

Original Poster
Rep: Reputation: 15
this link has helped me out.
http://www.tech-recipes.com/bind_and_dns_tips305.html

name-servers are running fine. i'm just trying to figure out what to edit to lessen the amount of time of cached dns records. i've got it figured out. thanks for the replies.

this does work:

@ 7d IN NS ns1.domain.com.

but i've changed the format a bit now.
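
Added example (not part of any post in the thread): a small Python parser that reads the zone template from the first post and reports each record's effective TTL, which bounds how long a caching resolver keeps serving the old answer after a change. It assumes every record line starts with its owner name and puts the TTL before the class, as the template does; the `webmail` line and all function names are constructed for illustration.

```python
import re

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
TTL_RE = re.compile(r"\d+|(?:\d+[smhdw])+", re.IGNORECASE)

# Trimmed from the thread's template; "webmail" is a constructed line with no
# explicit TTL, to show the fallback to $TTL.
OLD_ZONE = """\
$TTL 86400
@ 7d IN SOA ns1.domain.com. (
dnsadmin.domain.com. ; Zone Contact
2005101900 ; Serial
1h ; Refresh
30m ; Retry
7d ; Expire
1h ) ; Negative Cache
@ 7d IN NS ns1.domain.com.
@ 1d IN A 192.168.0.1
@ 1d IN MX 0 mail.domain.com.
webmail IN A 192.168.0.1
"""

def to_seconds(value):
    """Convert a BIND time value ('7d', '30m', '1h30m', '86400') to seconds."""
    parts = re.findall(r"(\d+)([smhdw]?)", value.lower())
    return sum(int(n) * UNITS[u or "s"] for n, u in parts)

def record_ttls(zone_text):
    """Return [(owner, rtype, ttl_seconds)], applying $TTL where no TTL is given."""
    default, depth, records = None, 0, []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]          # drop comments
        tokens = line.split()
        continuation = depth > 0             # inside the ( ... ) body of the SOA
        depth += line.count("(") - line.count(")")
        if not tokens or continuation:
            continue
        if tokens[0].upper() == "$TTL":
            default = to_seconds(tokens[1])
            continue
        owner, rest = tokens[0], tokens[1:]
        ttl = to_seconds(rest.pop(0)) if TTL_RE.fullmatch(rest[0]) else default
        if rest[0].upper() == "IN":
            rest.pop(0)
        records.append((owner, rest[0].upper(), ttl))
    return records

def max_cache_seconds(zone_text, rtypes=("A", "MX")):
    """Longest time a resolver may keep serving the given record types from cache."""
    return max(ttl for _, rtype, ttl in record_ttls(zone_text) if rtype in rtypes)
```

For the template as posted, `max_cache_seconds(OLD_ZONE)` is 86400 (one day) for the A and MX records; the 7d values belong to the SOA and NS record sets.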
 
  

