|
|
|
| |||||||||
![]() |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
|
|
AT&T devCentral & BlackBerry(r) Webcast Series: BlackBerry and GPS -Build Location Awareness into your BlackBerry Applications, July 10th-1:00PM EST. Register Today!
|
|
#1
|
|||
|
|||
|
subdomain, cname or zone?
I am still not sure, which one I should use CNAME or Zone for subdomain.. The subdomains will have same IP as main domain.
If it's zone, then is this idea correct? The files are still same, so I just put in here what I am going to add.. add this in named.conf: Code:
zone "subdomain.mezzweb.com" in {
type master;
file "mezzweb.com";
notify yes;
};
add one line right before MX in mezzweb.com: Code:
subdomain.mezzweb.com. IN A 65.27.58.186 Thanks, Mezz |
|
#2
|
|||
|
|||
|
>> which one I should use CNAME or Zone for subdomain
None. >> then is this idea correct? No. subdomain.mezzweb.com is under your mezzweb.com's zone as: Code:
zone "mezzweb.com" in {
type master;
file "mezzweb.com";
notify yes;
};
There's one exception, that is, when you delegate host.subdomain.mezzweb.com to subdomain.mezzweb.com, but with one static IP you can't play this subdomain delegation stuff. That said, just add subdomain.mezzweb.com to: mezzweb.com: Code:
$TTL 86400 mezzweb.com. IN SOA ns1.mezzweb.com. hostmaster.mezzweb.com. ( 2002041200; Serial 12H ; Refresh 1800 ; Retry 2W ; Expire 1D ); Minimum mezzweb.com. IN NS ns1.mezzweb.com. mezzweb.com. IN NS ns1.yourfriend.com. ns1.mezzweb.com. IN A 65.27.58.186 mezzweb.com. IN A 65.27.58.186 www.mezzweb.com. IN A 65.27.58.186 subdomain.mezzweb.com. IN A 65.27.58.186 mezzweb.com. IN MX 0 ns1.mezzweb.com. |
|
#3
|
|||
|
|||
|
Ok, I am getting understand more clearly..
Thanks freebsd, Mezz |
|
#4
|
|||
|
|||
|
I am wondering would it be security hazel if I do *.mezzweb.com.? Cause the DNS spoof?
Code:
*.mezzweb.com. IN A 65.27.58.186 I got * from http://forums.devshed.com/showthrea...4030&forumid=36 .. Thanks, Mezz |
|
#5
|
|||
|
|||
|
Have a look at RFC 1912 (section 2.7), it's just a short paragraph so don't be lazy and go read it.
Here's the additional info from me (not covered in RFC): Most admins use wildcard only on MX but wildcard slows things down so don't use it if at all possible. Just use explicit record, don't use wildcard. Q1: I have a lot of subdomains and I run BIND, therefore I want to use wildcard on A record to point all of them to my IP 12.34.56.78. A1: That's BIND ugly and inefficient zone format problem. When you have over 1000 A records in a BIND zone, it's very inefficient (not in tinydns because it's a thousand time faster). But using a wildcard on A just make your life easier on administering your zone, it actually is slower than defining one by one explicitly. If you are that type of lazy admin, your boss will likely fire you shortly, if you don't fire yourself. Q2: I don't have that many subdomains, but I do need to rely on the subdomain part for my dynamic site so people requesting foo.domain.com internal redirects to www.domain.com/index.php?foo A2: That's your design flaw, you shouldn't rely on foo.domain.com in the first place. Q3: Why? A3: Because your implementation is wasting your server resources when you can simply use: www.domain.com/foo -> www.domain.com/index.php?foo Note, when you make a query and its DNS turns out to be a wildcard, you don't cache the *, you cache each answer individually. |
|
#6
|
|||
|
|||
|
Yes, I already read this other days ago.. I am asking about if it can cause the security hazel such as DNS spoof or whatever too.. It's not important, because I ain't going to do wildcard on A anyway..
Thanks, Mezz |
|
#7
|
|||
|
|||
|
Probably not DNS spoofing. Please read RFC 1912 section 2.7 as it covers several security concerns.
|
![]() |
| Viewing: Dev Shed Forums > System Administration > DNS > subdomain, cname or zone? |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
|