Virtual DNS questions and reverse lookup table conflicts

Daniel B. Thurman dant at cdkkt.com
Sun Dec 7 23:09:08 UTC 2008


John Austin wrote:
> On Sun, 2008-12-07 at 09:19 -0800, John Cornelius wrote:
>   
>> Daniel B. Thurman wrote:
>>     
>>> [WARNING!  This is a long discussion!]
>>>
>>> Is it possible to have a single DNS server support
>>> two different domain names, with each domain
>>> name having its own forward and reverse lookups?
>>>
>>> The problem I seem to run into is that of reverse
>>> lookups; I cannot seem to figure out just how to
>>> have common reverse IP lookups separated so that
>>> it returns the correct domain name based on the
>>> domain name itself.
>>>
>>>       
>> ---------------Snip------------------
>>     
>>> My goal here is to support redundancy by having two
>>> separate servers, each supporting two domain names
>>> so that if one server drops dead, the other server will
>>> take over and also, I really do not want to have 4 different
>>> servers, two for each domain name so, it is about cost
>>> as well.
>>>
>>> Does this scenario make any sense at all?
>>>
>>> I have looked for examples on the Internet but I could
>>> not find anything that can shed some light on this. Perhaps
>>> someone can point me in the right direction or - perhaps this
>>> is a nutty idea and there is a better way?
>>>
>>> Kind regards,
>>> Dan
>>>
>>>       
>> The difficulty with what you want to do may be that you shouldn't want 
>> to do it.
>>
>> DNS is actually two sets of services namely address resolution for 
>> domain names and name resolution for Internet addresses.
>>
>> In the first instance any number of domain names can resolve to a single 
>> address i.e., mail.x.net and www.y.net can both resolve to the same IP 
>> address. This information is set up for each domain irrespective of what 
>> the IP address is. Indeed, any domain name can resolve to several IP 
>> addresses for load balancing or redundancy.
>>
>> In the second instance an IP address can only resolve to a single 
>> Internet domain name and the reverse lookup resolution often is done on 
>> a computer that is different than the computer providing the forward 
>> resolution because it must be done by the entity that owns the network 
>> e.g., your ISP.
>>
>> When a remote host looks up the name of a computer through reverse DNS 
>> lookup it only provides the address to the server registered as the 
>> owner of the address space and each address can have only one 
>> (canonical) name at any given instant. If it were otherwise the name 
>> server would never know which name to return in response to the reverse 
>> lookup query.
>>     
> My ISP (Eclipse) permits the alteration of the "reverse zone" file on
> their Server such that it matches the Forward zone file used by my Name
> Registration Co (123reg)
>
> I used to test for reverse lookup on my mail server until I
> lost some important mail! 
> --------------------------------------
> host -v baa.com
> ;; ANSWER SECTION:
> baa.com.		60043	IN	A	83.98.101.4
>
>
> [root at tarifa ~]# host -v 83.98.101.4
> Trying "4.101.98.83.in-addr.arpa"
> Received 42 bytes from 148.197.29.5#53 in 36 ms
> Trying "4.101.98.83.in-addr.arpa"
> Host 4.101.98.83.in-addr.arpa. not found: 3(NXDOMAIN)
> Received 42 bytes from 148.197.29.5#53 in 31 ms
>
>   
>> -- 
>>
>> John Cornelius
>>
>> "I may not be totally perfect, but parts of me are excellent."
>> Ashleigh Brilliant, 1979
>>
>>     
>
> I apologise for entering the discussion late but I am interested in
> understanding more!
>
> Why is it necessary to have the same machine in two different domains?
>   
Hmm... sounds reasonable... so, do you mean that you can have a primary dns
on machine1 for domain1 and a secondary dns for domain1 on machine2 and
then have a primary dns on machine2 for domain2 and a secondary dns
on machine1 for domain2?  If so, then for two domain names, you use two
machines?  If so, that would work for me.  But then again, what if you add a
3rd domain name?  It might not be possible?
> Is not a slave server with "identical" zone files better/easier for
> backup purposes?
>
> If two domains are really essential is it possible to
> have the ethernet interfaces configured with two separate
> IP ranges such that two reverse zone files are valid?
> something like
> ip a a 192.168.1.4/24 dev eth0
> ip a a 192.168.2.4/24 dev eth0
>
> John
>   
Hmm...  splitting unique IPs across network cards (multi-homing)?  I
wonder where the complexity kicks in, under this scheme.

As I said earlier, I was simply trying to save on hardware cost and yet
get hardware redundancy to boot!  Seems that is what clustering is for,
but that is a bit more than I can chew at the moment.  I suppose another
way is to use a Cisco router that does the heavy lifting and simply
load-balance across the DNS server farms like they do for website server
farms but then again Cisco hardware ain't cheap, esp. for a home system,
FWIW.

This whole thing started because it is recommended that you have two dns
servers for fail-over/redundancy - of which I haven't been able to solve (yet).

Kind regards,
Dan
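
Added example, not part of the original message: the forward and reverse lookups discussed in this thread, modelled offline in Python as the forward-confirmed reverse DNS check a mail server might apply. The domain1/domain2.example names and 192.0.2.x addresses are constructed sample data; the baa.com record is the one shown in the quoted host output.

```python
import ipaddress

# Constructed zone data (not real records), except baa.com, which is the
# A record shown in the thread's "host -v" output. Two domains share one
# server address; the reverse zone can hold only one PTR per address.
A_RECORDS = {
    "mail.domain1.example.": ["192.0.2.10"],
    "mail.domain2.example.": ["192.0.2.10"],
    "www.domain2.example.": ["192.0.2.10", "192.0.2.11"],
    "baa.com.": ["83.98.101.4"],
}
PTR_RECORDS = {
    "10.2.0.192.in-addr.arpa.": "mail.domain1.example.",
    # PTR pointing at a name that has no A record (stale reverse zone).
    "11.2.0.192.in-addr.arpa.": "ghost.domain2.example.",
    # No PTR for 83.98.101.4: the thread's reverse lookup got NXDOMAIN.
}


def reverse_name(ip):
    """Build the in-addr.arpa (or ip6.arpa) owner name queried for a PTR."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def fcrdns(ip):
    """Forward-confirmed reverse DNS: PTR(ip) -> name, then A(name) must list ip.

    Returns (status, ptr_name) where status is 'pass', 'no-ptr' or 'mismatch'.
    """
    ptr = PTR_RECORDS.get(reverse_name(ip))
    if ptr is None:
        return ("no-ptr", None)
    if ip in A_RECORDS.get(ptr, []):
        return ("pass", ptr)
    return ("mismatch", ptr)


def check_host(name):
    """Run the check for every address a forward name resolves to."""
    return {ip: fcrdns(ip) for ip in A_RECORDS.get(name, [])}


if __name__ == "__main__":
    for host in A_RECORDS:
        print(host, check_host(host))
```

A host in domain2 passes the check even though the PTR names domain1, because the check only requires the PTR name to resolve back to the same address; the missing-PTR case is the one that gets mail rejected.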



