[dvlug] How to do dvlug.org DNS

Rick Moen rick at linuxmafia.com
Mon Apr 6 20:42:43 PDT 2009

Grant said:

> Ok, I've got the domain name now.

I have no idea how many folks here know how to serve up authoritative
DNS, so I'll try to assume little-to-nothing.  Grant's done the first

1.  Register dvlug.org.  Yay!  Grant did it through GoDaddy, a budget
domain registrar.  To see what Grant has, do "whois dvlug.org | more".
(MS-Windows users, download the Cygwin version of whois.exe, dig.exe,
and host.exe, here:  http://members.shaw.ca/nicholas.fong/dig/)

Currently, there are two DNS nameservers ({NS33|NS34}.DOMAINCONTROL.COM)
for the domain.  For "www.dvlug.org", they currently say:

 $ dig www.dvlug.org +short

That's going to a GoDaddy "domain parking" Web site.  Basically, GoDaddy
gets ads revenue from the domain until the owner decides to point it at
something real.

"dig" is a diagnostic tool for checking out DNS contents.  If you've 
heard of "nslookup", it's a replacement for that thing, which is
obsolete and buggy.

2.  Set up at least two (recommended minimum quantity = 3) nameservers
for the domain.  Any machine on a static IP will do, becauses there's
authoritative nameserver software for damned near any OS, and some
really good ones for Linux that will run just fine on a 486 with 64 MB
RAM and a 2.1 GB hard drive.  Example:  "NSD".  Description and site
link: http://linuxmafia.com/faq/Network_Other/dns-servers.html#nsd
Article:  http://www.linux.com/feature/46016 Operating tips:
http://linuxmafia.com/pipermail/sf-lug/2009q1/006448.html (Scroll down
to "NSD is an".)

Here's a good prototype zonefile you could have as file dvlug.org.zone
as data for either NSD or BIND9.

$ORIGIN dvlug.org.
$TTL 86400  ; 1 day
@       IN      SOA     ns1.svlug.org. hostmaster.dvlug.org. (
                                2009040600 ; serial
                                7200       ; refresh (2 hours)
                                3600       ; retry (1 hour)
                                2419200    ; expire (28 days)
                                259200     ; negative TTL (3 days)
; ns1.svlug.org is SVLUG's Linode host.
        IN      NS      ns1.svlug.org.
; ns3.svlug.org is an alias for Rick Moen's ns1.linuxmafia.com nameserver.
        IN      NS	ns3.svlug.org.
        IN      A
        IN      MX      10 dvlug.org.
        IN      TXT     "v=spf1 a mx ptr -all"
lists   IN      A
mail    IN      A
www     IN      A

A zonefile defines all the records in a domain's DNS.  The "A" records
are the regular forward-lookup records that people usually think of.
The above "A" records map all of the following names to placeholder IP
"":  dvlug.org, lists.dvlug.org, mail.dvlug.org, and www.dvlug.org.
(You would obviously want to substitute one or more real IP, to reach
the machines where you'll be needing those names to point.)

"MX" stands for Mail eXchanger, and is where incoming SMTP e-mail (if
any) should go.

"NS" entries designate where your DNS nameservers are.  Above, I include
the two I can volunteer.

There are other parts of that, notably the multiline "SOA" record and
the spf "TXT" record, which I'm not explaining here in the name of

2a.  Get the admins of those "NS" machines to serve the DNS, and all but
one of them to pull the data from the master nameserver.  (I.e., talk to
them, get them to do it, get them to confirm that it works.)

Any of your nameservers can be the source of the data to the others.
In the above prototype setup, I've put the SVLUG nameserver as master.  

3.  Get the domain owner ("Registrant"), in this case Grant, to change
the domain records to list those nameservers, and no others, as the
authoritative servers for the domain via his domain registrar's (in this
case, GoDaddy's) administrative interface for domain owners.  This last
step points the public at the data you've set up.

You will, from time to time, want to change the zonefile contents at the
master nameserver.  This is why the _ideal_ setup is to have the master
DNS be at a machine where you have administrative access.  That way, you
don't have to bother other folks just to manage your own DNS.

If y'all want the use of my and SVLUG's nameservers, or further help
understanding DNS, please let me know.  At this point, over to you!

dvlug mailing list
dvlug at linuxmafia.com

More information about the dvlug mailing list