Using geodns as slaves with djbdns (instead of bind)


des
2003-10-01, 23:21 PM
Hello!

I am trying to get my dns set up in the way knightfoo described where the primary, a.ns.mydomain.net in my case, is the master from which the two geodns servers download information.

I'm running djbdns on my debian server instead of bind, and it is working fine; I have also set up all my domains in the sb dns tool as slaves. However, checking the status of mydomain.net's dns today at dnsreport.com, I get:

ERROR: You have one or more lame nameservers. These are nameservers that do NOT answer authoritatively for your domain. This is bad; for example, these nameservers may never get updated. The following nameservers are lame: 66.139.72.20 66.139.72.14

And

ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are: ns2.geodns.net. ns1.geodns.net.

I figure either I've missed some step where I have to let djbdns know that ns1 and ns2 .geodns.net are nameservers for my domains, or that the dns tool is somehow incompatible with non-bind dns files? Help appreciated.

Also, I'm assuming I need to set up reverse dns myself with this type of setup...

knightfoo
2003-10-02, 13:05 PM
A long time ago I tried to get djbdns working .. it worked OK as a root nameserver, but I found it more of a hassle than it was worth for standard DNS services. Personally, I have never had a server exploited or DoS'ed as a result of BIND, so I just use BIND. When the GeoDNS nameservers request an AXFR (zone transfer), djbdns should output information that BIND will accept .. if it does not, it is breaking DNS protocols and should not be used. You will not (and should not) set up reverse DNS for your IP addresses.

-knightfoo

des
2003-10-02, 13:42 PM
Ahh. I'm partial to djbdns as it is extremely easy to set up as a .deb package and the configuration files are much simpler than BIND's. But after doing some digging I've found that it doesn't accept NOTIFY and zones don't migrate; apparently there is some extra stuff I need to do...

The djbdns site has some FAQ entries on the topic, one of which is "BIND 9 won't accept AXFRs from djbdns!" I'm guessing this might be the problem, assuming GeoDNS runs BIND 9? Apparently there's a patch for it; I'll give it a try.
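
An added example, not part of the thread and not code from djbdns or GeoDNS: a check for the second dnsreport error quoted in the first post, comparing the NS names delegated at the parent with the NS records a tinydns `data` file publishes through its `.` and `&` lines. The sample file contents, the 192.0.2.10 address and all function names are constructed for illustration.

```python
# Constructed tinydns data file; not the poster's real zone.
SAMPLE_DATA = """\
# primary only: '.' publishes SOA + NS a.ns.mydomain.net + A
.mydomain.net:192.0.2.10:a:259200
=www.mydomain.net:192.0.2.10:86400
"""

# NS names delegated at the parent (the two geodns names are from the report).
PARENT_NS = ["a.ns.mydomain.net", "ns1.geodns.net.", "ns2.geodns.net."]


def _norm(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()


def ns_records(data_text):
    """Map each zone to the NS names its '.' and '&' lines publish."""
    zones = {}
    for raw in data_text.splitlines():
        line = raw.strip()
        if not line or line[0] not in ".&":
            continue  # comments and other record types carry no NS data
        fields = line[1:].split(":")
        fqdn = _norm(fields[0])
        x = fields[2] if len(fields) > 2 else ""
        if not x:
            continue  # no server label given; outside this check's scope
        # tinydns-data rule: an x containing a dot is the server name itself,
        # otherwise the server name is x.ns.fqdn
        server = _norm(x) if "." in x else f"{x}.ns.{fqdn}"
        zones.setdefault(fqdn, set()).add(server)
    return zones


def missing_ns(data_text, zone, parent_ns):
    """Parent-listed NS names that the data file does not publish."""
    published = ns_records(data_text).get(_norm(zone), set())
    return sorted({_norm(n) for n in parent_ns} - published)


def suggested_lines(zone, names):
    """'&' lines with an empty ip field: NS record only, no A record."""
    return [f"&{_norm(zone)}::{n}" for n in names]


if __name__ == "__main__":
    gap = missing_ns(SAMPLE_DATA, "mydomain.net", PARENT_NS)
    print("parent NS missing from tinydns data:", gap)
    print("\n".join(suggested_lines("mydomain.net", gap)))
```

This covers only the NS-mismatch report; the lame-server report concerns whether the slaves actually hold the zone, which depends on the AXFR working.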