>> we found another internet ISP and are now ready to re-host our customer
Good, just do so.
>> What is a FQDN ?
In the form of xxx.yyy.zzz
>> Why shouldn't I use cavarroc.xxx if cavarroc.net and cavarroc.com point to the same location ?
Different domain and different TLD (top level domain).
Imagine doing a recursive lookup on both, with ns1.resint.com being the SOA. Do you think looking up cavarroc.net is faster than cavarroc.com? No. Because starting from the root servers, .com and .net are different. It takes a much longer time to look up the .net than the .com.
>> I removed 156.223.213.in-addr.arpa from /etc/named.conf
Yes, you don't need it. But give it a shot and ask your ISP if they can set up the reverse for you at no charge or for a low one-time fee. Having a reverse that maps back to the same FQDN helps a lot.
>> /home/named/cavarroc.xxx :
>> Is this correct ?
No. Try this:
cavarroc.net. IN SOA ns1.resint.com. hostmaster.resint.com. (
2001122704 ; Serial
6H ; Refresh
1H ; Retry
5D ; Expire
1D ) ; Minimum
cavarroc.net. IN NS ns1.resint.com.
cavarroc.net. IN NS ns2.resint.com.
www.cavarroc.net. IN A 188.8.131.52
ftp.cavarroc.net. IN A 184.108.40.206
cavarroc.net. IN MX 0 mail.resint.com.
1) Do not set mail A 220.127.116.11 because you can't use mail.cavarroc.net. I will explain this a little later.
2) Do not use HINFO, especially when running on an insecure OS (win2k). These days nobody uses HINFO any longer because there are too many people abusing it. From the DNS host standpoint, just provide sufficient info for others to query, no more, no less. Do not let others reveal too much info. In BIND8, there is an option called version which can be configured in named.conf like so:
This tells BIND not to release the version info. Why should the version matter? Because BIND is the most insecure software on earth, the developers realized releasing the version is a potential vulnerability if exploits are found in that version.
In your case, running win2k doesn't make you proud but vulnerable to all kinds of attacks (do not tell others explicitly you are running win2k), therefore it is highly discouraged. In fact, running M$ servers is a shame, so keep it to yourself.
>> MX 10 mail
As you can see from my post, the MX MUST be pointed to mail.resint.com, not mail.cavarroc.net.
SMTP relies on DNS heavily; setting mail.cavarroc.net could easily cause your messages to be bounced or deferred.
As I pointed out in many of my posts, that's why dynamic IP sites that point their MX to mail.theirdomain.com are plain dumb. 50% of the mails could be easily lost.
Now say your mail.resint.com doesn't have a unique IP but shares the same IP as ns1.resint.com, and ns1.resint.com is the SOA and NS. You then MUST set your MX to ns1.resint.com (not mail.resint.com although it resolves to the same IP as ns1.resint.com).
>> Excuse me but I'm still a newbie !
Nobody on earth is born to know everything. Just try your best and configure BIND, then post here if you have further questions. BTW, when you are familiar with BIND, then it's about time to ditch the world's most insecure software (BIND) and give djbdns a try. djbdns's dnscache is 500 to 700 times faster than BIND. Do a search using the search keyword djbdns or just djb if you are interested in migrating from BIND to djbdns. Well, I don't think you are ready yet, so just play around with BIND for now.
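
An added example, not part of the original post: a small Python check for the two disclosure points raised above, HINFO records in a zone file and a version option that is not set in named.conf. The sample zone, the example.test names and the function names are constructed for illustration.

```python
import re

# Constructed sample inputs for illustration (not from the original post).
SAMPLE_ZONE = '''\
example.test.      IN SOA ns1.example.test. hostmaster.example.test. (
                   2001122704 6H 1H 5D 1D )
example.test.      IN NS    ns1.example.test.
www.example.test.  IN A     192.0.2.10
www.example.test.  IN HINFO "PC-Intel" "Windows 2000" ; leaks the platform
hinfo.example.test. 1D IN TXT "owner named hinfo; not an HINFO record"
'''
SAMPLE_CONF = '''\
options {
    directory "/home/named";
    // version "not disclosed";   commented out, so the real version is served
};
'''

def _strip(text, comment_pattern):
    """Blank out comments but leave quoted strings untouched."""
    pattern = re.compile(r'"[^"\n]*"|' + comment_pattern, re.S)
    return pattern.sub(lambda m: m.group() if m.group()[0] == '"' else " ", text)

def find_hinfo(zone_text):
    """Return (line_number, owner) for every HINFO record in a zone file."""
    hits, owner = [], None
    for no, line in enumerate(_strip(zone_text, r";[^\n]*").splitlines(), 1):
        tokens = re.findall(r'"[^"]*"|\S+', line)
        if not tokens:
            continue
        if not line[0].isspace():          # owner field present on this line
            owner = tokens.pop(0)
        # skip optional TTL and class fields; the next token is the RR type
        while tokens and (re.fullmatch(r"\d+[SMHDW]?", tokens[0], re.I)
                          or tokens[0].upper() in ("IN", "CH", "HS")):
            tokens.pop(0)
        if tokens and tokens[0].upper() == "HINFO":
            hits.append((no, owner))
    return hits

def version_hidden(conf_text):
    """True if named.conf sets the `version` option (a string, or BIND 9's `none`)."""
    conf = _strip(conf_text, r"/\*.*?\*/|//[^\n]*|#[^\n]*")
    return re.search(r'\bversion\s+("[^"\n]*"|none)\s*;', conf) is not None

if __name__ == "__main__":
    print("HINFO records:", find_hinfo(SAMPLE_ZONE))
    print("version hidden:", version_hidden(SAMPLE_CONF))
```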