How does this look?

I recently moved to a dedicated server (Linux RH 6.2) and have been trying
to get DNS setup. Does the record below look OK?


$ttl 38400
domain.com. IN SOA NS1.NAMESERVER.NET. webmaster.domain.com. (
1002993212
10800
3600
604800
38400 )
domain.com. IN NS NS1.NAMESERVER.NET.
domain.com. IN NS NS2.NAMESERVER.NET.
domain.com. IN A 66.80.45.25
URL IN CNAME domain.com.
mail.domain.com. IN CNAME domain.com.
ftp.domain.com. IN CNAME domain.com.
smtp.domain.com. IN CNAME domain.com.
pop.domain.com. IN CNAME domain.com.
domain.com. IN MX 10 domain.com.

>> Does the record below look OK?

Not quite.

1) Don't use CNAME, use multiple A records at all time
http://forums.devshed.com/showthrea...4202&forumid=36
2) Don't use UPPERCASE, use only lowercase. Yes, domain name is case-insensitive. When you use UPPERCASE, it's slower and it makes differences.
3) If you have only one A record, it should be FQDN. domain.com is NOT FQDN.
4) SMTP server relies on DNS the most. Give it highest preference at all time if you have just ONE static IP.
5) Use mail.domain.com for both pop and smtp.
Here is a revision:

$ttl 38400
domain.com. IN SOA ns1.nameserver.net. webmaster.domain.com. (
200111010318
10800
3600
604800
38400 )
domain.com. IN NS ns1.nameserver.net.
domain.com. IN NS ns2.nameserver.net.
mail.domain.com. IN A 66.80.45.25
domain.com. IN A 66.80.45.25
www.domain.com. IN A 66.80.45.25
ftp.domain.com. IN A 66.80.45.25
domain.com. IN MX 0 mail.domain.com.

I've still some problems with this remark:

I agree that your queries (1 actually) might be quicker, but CNAMEs where invented to:
a. show that it is an alias
b. make administrationlife easier.

You point to another discussion where a dozen A-records point to the same IP-address. This leads only to confusion when someone decides to change the IP-address and forgets to edit one. When using CNAMEs, non of that can happen.

Furthermore, you're talking about speed. That is true (for the first query, after that it's cached for some time at the DNS-server you're querying), but where talking bytes here, not Megabytes.

According to your "theory" we should use IP-addresses instead of domain-names when sending email, because it might safe you some bytes.

Basically this discussion is about bandwidth against RFC. I go for the last one.

Kind regards,

Peter

>> show that it is an alias

There is no such thing as alias in the true DNS world. The thing is, for performance and reliability concerns, use the best available configuration.

>> make administrationlife easier

No at all when someone run to you and say I see an error message in my smtp log that say "CNAME lookup failure temporary". Why?.

>> for the first query, after that it's cached for some time at the DNS-server you're querying

When using CNAME, dns client requires to query the A record of the associates A record starting from root servers and it requires further lookup and often may take forever depending on the level. In BIND, they incorrectly believe all answers from anywhere are to be correct and can be trust, therefore, they cache everything more than you want it to cache. This leads to several BIND exploits when hackers making up some DNS info in purpose to trick BIND to believe that everything on the Internet can be trust.
In djbdns, it only caches data from authoritative servers whose authority
can be traced to the roots. That said, djbdns trusts answers and cache it only from authoritative servers.

>> we should use IP-addresses instead of domain-names when sending email

No as that defeats the purpose of DNS in the first place.

>> Basically this discussion is about bandwidth against RFC

Unfortunately there are many design flaws in DNS protocol. Why don't you or whoever reading this thread take a few moment and read thru this short page -> http://cr.yp.to/djbdns/notes.html and give yourself a better clue what DNS really is, and the disadvantage of using BIND.