• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Main Menu

CNAMEs on HE DNS

Started by fewlishfox, June 08, 2010, 08:32:02 AM

Previous topic - Next topic

fewlishfox

I have delegated fewlishfox.co.uk to HE's nameservers. I have added an A record for the particular machine I want, and I'm trying to add CNAMEs for the various services it hosts.

For example, here's the zone file from my internal nameserver. I'm aware that it's somewhat crufty because I host services on the same machine as the nameserver. Most of the CNAMEs have been omitted.


$ORIGIN fewlishfox.co.uk.                                       ; Define the origin for relative names
                                                                ; (this is appended to all below names without a trailing .
                                                                ; and replaces all instances of @ )

                                                                ; Define the Start Of Authority for the namespace

@                   IN      SOA     ns1.fewlishfox.co.uk.       hostmaster.fewlishfox.co.uk. (
                                        2010030902              ; serial        (YYYYMMDDrr)
                                        1800                    ; refresh       (30 minutes)
                                        900                     ; retry         (15 minutes)
                                        1209600                 ; expire        (2 weeks)
                                        1200                    ; minimum TTL   (20 minutes)
                                    )

@                   IN      A       192.168.2.50                ; Define the address for fewlishfox.co.uk itself
@                   IN      NS      ns1.fewlishfox.co.uk.       ; Define the nameserver for the namespace
@                   IN      MX      10  mail.fewlishfox.co.uk.  ; Define the mail exchanger for the namespace
_nfsv4idmapdomain   IN      TXT     "fewlishfox.co.uk"          ; Define an anciliary record to facilitate NFSv4 ID mapping
ns1     IN     A     192.168.2.50 ; Define the address for the nameserver (since it can't be a CNAME)
mail             IN      A       192.168.2.50                ; Define the address for the mail exchanger (since it can't be a CNAME)

                                                                ; Define alternative names for fewlishfox.co.uk

ntp                 IN      CNAME   @
nfs                 IN      CNAME   @
radius              IN      CNAME   @
ldap                IN      CNAME   @


Attempting to add CNAMEs in a similar fashion through the HE DNS web interface, for example

Name: test.fewlishfox.co.uk
Data: @

or
Name: test.fewlishfox.co.uk
Data: fewlishfox.co.uk


fails with the error "CNAME must not loop back (rfc1912).". I can't find anything that forbids this practice in RFC1912, and in fact it seems to be recommended.
Also, confusingly, I'm sure I was able to add CNAMEs of this type immediately after registering a few days ago. Is this a recent change?

broquea

You should be emailing problems/bugs to dnsadmin@he.net

Those working on dns.he.net don't read the tunnelbroker forums; or if they do, not very often if at all.

We even have that little blurb on dns.he.net:Bugs or feature requests should be directed to dnsadmin@he.net.


fewlishfox

Ah, sorry, it crossed my mind that this might not be the appropriate place, but I thought I'd see if another user had found the problem before raising a ticket. By all means clean this up and I'll take it to e-mail.

snarked

Bug or design issue?  You're trying to define RFC 1918 "local" address in a globally available zone file.  Such is generally considered inappropriate.

You should probably be using your IPv4 external addresses (and of course, your IPv6 assignment) in the public copy of the zone.

fewlishfox

No, I'm not. Perhaps I should have made that clearer. I included a copy of my private network zone file purely as an example of the CNAMEs I'm trying to create. The records I define on the HE nameservers refer to the external addresses.

gshaver

I'll take a look at this.

ntp.example.com is obviously != example.com

The checking code that was put in place is obviously incorrect.

Thanks for the bug report,
Gary

gshaver

hmm.. Well that was an easy one.

You should be able to add the cname records now.

Regards,
Gary

fewlishfox

Thanks Gary, much appreciated :)