Hi all
I tried this morning to add a secondary DNS... and allow transfer, to get 2 DNS in different subnets.
The first DNS is working correctly:
[root@hxxxxm ~]# ping ns1.hxxxxm.net
PING ns1.hxxxxm.net (107.xxx.65.233) 56(84) bytes of data.
64 bytes from hxxxxm.net (107.xxx.65.233): icmp_seq=1 ttl=64 time=0.031 ms
But the second one gives me a different IP when I try to ping it from the Kloxo-MR master server:
[root@hxxxxm ~]# ping ns2.hxxxxm.net
PING ns2.hxxxxm.net.net (52.50.81.210) 56(84) bytes of data.
Kind of DNS poisoning...
In Kloxo I created A zone with my secondary DNS... and changed __base__ on ns2 with ns2
The kloxo generated zone file:
;;; begin - dns of 'hxxxxm.net' - do not remove/modify this line
$ORIGIN hxxxxm.net.
$TTL 1209600
hxxxxm.net. IN SOA ns1.hxxxxm.net. admin.hxxxxm.net. ( 2017013134 3600 1800 604800 3600 )
hxxxxm.net. IN NS ns1.hxxxxm.net.
cp.hxxxxm.net. IN A 107.xxx.65.233
hxxxxm.net. IN A 107.xxx.65.233
ns1.hxxxxm.net. IN A 107.xxx.65.233
ns2.hxxxxm.net. IN A 92.xxx.103.12
mail.hxxxxm.net. IN A 107.xxx.65.233
www.hxxxxm.net. IN A 107.xxx.65.233
ftp.hxxxxm.net. IN A 107.xxx.65.233
stats.hxxxxm.net. IN A 107.xxx.65.233
webmail.hxxxxm.net. IN A 107.xxx.65.233
lists.hxxxxm.net. IN A 107.xxx.65.233
smtp.hxxxxm.net. IN CNAME mail.hxxxxm.net.
pop.hxxxxm.net. IN CNAME mail.hxxxxm.net.
imap.hxxxxm.net. IN CNAME mail.hxxxxm.net.
hxxxxm.net. IN MX 10 mail.hxxxxm.net.
ns2.hxxxxm.net. IN NS ns2.hxxxxm.net.
_domainkey.hxxxxm.net. IN TXT "t=y; o=-; r=admin@hxxxxm.net"
private._domainkey.hxxxxm.net. IN TXT ("v=DKIM1; g=*; k=rsa; "
"p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDUtm7wFK0JXhY48yTNeZkiA2S"
"zWs/5uUCdvMKz2C//TmWqD7M+KLx9McZzvAGnDuuuj5fcGNlAVQCWoKd6F+yTm95"
"PhawlIO372Dmux6reblmT6/uJGXDNjNOF4F9Ia43Q9qrIOz7sFHRSiV9FOjPKJZO"
"CtpUgcrzCfRNnhU+AwIDAQAB")
hxxxxm.net. IN TXT "v=spf1 a mx ip4:107.xxx.65.233 ~all"
_dmarc.hxxxxm.net. IN TXT "v=DMARC1; p=none; pct=20; rua=mailto:admin@hxxxxm.net"
;;; end - dns of 'hxxxxm.net' - do not remove/modify this line
I have a remark about this auto-generated DNS template (maybe I'm wrong):
- 1209600 would be the default RFC expiration and not $TTL; it must be corrected. Default TTL could be 86400
- the 604800 should be the default 1209600 RFC one... the famous (14 days-28 days)...
RFC 1912 recommends 1209600-2419200 for the default expiration and not the default $TTL... the template has generated 604800 for the expiration date...
Has anybody tried to get the secondary DNS working?
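
The timer check raised in the post can be run against a zone file, as an added example that is not part of the original post and is not Kloxo-MR code. It reads the SOA fields in their standard order (serial, refresh, retry, expire, minimum), compares expire with the RFC 1912 range quoted above, and lists NS records that sit below the zone apex; `audit_zone`, the finding names and the embedded sample are assumptions made for illustration.

```python
# RFC 1912 section 2.2 suggests 2-4 weeks for the SOA expire field.
EXPIRE_MIN, EXPIRE_MAX = 1209600, 2419200
SOA_TIMERS = ("serial", "refresh", "retry", "expire", "minimum")

# Constructed sample: the timer and NS lines of the zone above, redactions kept.
ZONE = """\
;;; begin - dns of 'hxxxxm.net' - do not remove/modify this line
$ORIGIN hxxxxm.net.
$TTL 1209600
hxxxxm.net. IN SOA ns1.hxxxxm.net. admin.hxxxxm.net. ( 2017013134 3600 1800 604800 3600 )
hxxxxm.net. IN NS ns1.hxxxxm.net.
ns2.hxxxxm.net. IN A 92.xxx.103.12
ns2.hxxxxm.net. IN NS ns2.hxxxxm.net.
"""

def audit_zone(text):
    """Parse $TTL, a single-line SOA and the NS records; return (soa, findings)."""
    ttl, apex, soa, ns_records, findings = None, None, {}, [], []
    for line in text.splitlines():
        fields = line.replace("(", " ").replace(")", " ").split()
        if not fields or fields[0].startswith(";"):
            continue
        if fields[0].upper() == "$TTL":
            ttl = int(fields[1])
        elif "SOA" in fields[1:4]:
            i = fields.index("SOA")
            apex = fields[0].lower()
            # Timers follow the primary server (MNAME) and contact (RNAME) names.
            soa = dict(zip(SOA_TIMERS, map(int, fields[i + 3:i + 8])))
        elif "NS" in fields[1:4]:
            ns_records.append((fields[0].lower(), fields[-1].lower()))
    if soa and not EXPIRE_MIN <= soa["expire"] <= EXPIRE_MAX:
        findings.append(("expire-out-of-range", soa["expire"]))
    # Heuristic taken from the post, not from an RFC: a default $TTL that sits
    # in the expire range suggests the two values were swapped in the template.
    if ttl is not None and EXPIRE_MIN <= ttl <= EXPIRE_MAX:
        findings.append(("ttl-in-expire-range", ttl))
    # An NS record below the apex is a delegation, not an extra zone nameserver.
    for owner, target in ns_records:
        if owner != apex:
            findings.append(("ns-below-apex", owner))
    return soa, findings

if __name__ == "__main__":
    soa, findings = audit_zone(ZONE)
    print(soa)
    for code, value in findings:
        print(code, value)
```

On the sample it reports the 604800 expire, the 1209600 `$TTL`, and the NS record owned by ns2.hxxxxm.net. rather than by the apex hxxxxm.net.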