[OT] Reverse DNS

T. Nifty Hat Mitchell mitch48 at sbcglobal.net
Wed Jun 30 05:15:46 UTC 2004


On Fri, Jun 25, 2004 at 05:20:15PM -0400, Mark Haney wrote:
> On Fri, 25 Jun 2004 23:07:35 +0200, Alexander Dalloz  
> <alexander.dalloz at uni-bielefeld.de> wrote:
> 
> >What is the advantage for your / your company to have the nameserver
> >under own control? And having DNS administered by Network Solutions does
> >not prevent you from running a DNS server your own. Forward and reverse
> >resolution can be managed by different servers / service agents
> >(companies).
> >
> >For running a mail server having a proper reverse resolution is no must
> >have. Of course it is recommended, because some providers started to
> >make that a requirement in the field of fighting nowadays SPAM.
.....

> >the safe side.
.....

> And I agree with all of that.  The only issue here is that my boss is  
> worse than paranoid.  He's one of these 'know enough to be dangerous' geek  
> wannabes and has all these fears and phobias over things.  He doesn't like  
> having DNS in house because he didn't have anyone to manage it (except for  
> me now) and like I said earlier he was concerned about domain availability  
> if the T1 went down and DNS was here.

How large is the domain and how difficult is it to make
changes/updates.  If it is only a handfull of hosts leave it outside
as part of a service.  And please do not expose the whole of your company
network to this mailing list.

Having the domain under your control is not the same as having it 
on a box inhouse.

Most companies have a small handfull of hosts on the Internet and all
the other boxes are in subdomains behind the gateways/firewalls/dmz.
This is where it pays to have a pair (backup) of Linux name servers
and mail hosts.   

All domains need an authorative secondary (backup).  That should be
done first and Linux/Unix runs on the most cost effective
hardware+software.  In the old days companies provided secondary
services for each other even when they were competitors in the market
place.

Backup strategy includes people like you (you boss has one key point correct).

Running a backup correctly can make detection and diagnosis of
external errors quick and yea even possible.

The names of subdomains can be political so make them generic and portable
so you do not have to swizzle too much stuff when a VP reorganizes.


-- 
	T o m  M i t c h e l l 
	/dev/null the ultimate in secure storage.





More information about the fedora-list mailing list