If you are in control of the authoritative nameserver, the first step is to create a reverse DNS zone. The hostname for the zone has to be in a very specific format. It starts with a portion of your IP address written backward followed by. If for example your IP address is Finally, append. In our example, If everything went properly, you should see something like the following the next time you run the DIG Web Interface Tool:
Matthew Mombrea is a software engineer, founder of Cypress North, and a technology enthusiast. Now delete the two records at the end of the file after the SOA record.
Then add PTR records for all of your servers whose IP addresses are on the subnet of the zone file that you are editing. In our example, this includes all of our hosts because they are all on the Be sure to substitute names and private IP addresses to match your servers: Save and exit the reverse zone file (repeat this section if you need to add more reverse zone files).
If your named configuration files have no syntax errors, you will return to your shell prompt and see no error messages. If there are problems with your configuration files, review the error message and the Configure Primary DNS Server section, then try named-checkconf again.
The named-checkzone command can be used to check the correctness of your zone files. Its first argument specifies a zone name, and the second argument specifies the corresponding zone file, which are both defined in named.
When all of your configuration and zone files have no errors in them, you should be ready to restart the BIND service. In most environments, it is a good idea to set up a secondary DNS server that will respond to requests if the primary becomes unavailable.
Luckily, the secondary DNS server is much easier to configure. Save and exit named. Define slave zones that correspond to the master zones on the primary DNS server. If you defined multiple reverse zones in the primary DNS server, make sure to add them all here:
Now you must configure your servers to use your private DNS servers. Add the following lines to the file (substitute your private domain, and ns1 and ns2 private IP addresses): Then add the following lines to the TOP of the file (substitute your private domain, and ns1 and ns2 private IP addresses): Use nslookup to test if your clients can query your name servers. For example, we can perform a forward lookup to retrieve the IP address of host1.
The output of the command above would look like the following:. If all of the names and IP addresses resolve to the correct values, that means that your zone files are configured properly. If you receive unexpected values, be sure to review the zone files on your primary DNS server e. Your internal DNS servers are now set up properly!
Now we will cover maintaining your zone records. Now that you have a working internal DNS, you need to maintain your DNS records so they accurately reflect your server environment. Whenever you add a host to your environment (in the same datacenter), you will want to add it to DNS. Here is a list of steps that you need to take: If you remove a host from your environment or want to just take it out of DNS, just remove all the things that were added when you added the server to DNS i.
This makes configuration of services and applications easier because you no longer have to remember the private IP addresses, and the files will be easier to read and understand. Also, you can now change your configurations to point to a new server in a single place, your primary DNS server, instead of having to edit a variety of distributed configuration files, which eases maintenance.
Once you have your internal DNS set up, and your configuration files are using private FQDNs to specify network connections, it is critical that your DNS servers are properly maintained. If they both become unavailable, your services and applications that rely on them will cease to function properly.
This is why it is recommended to set up your DNS with at least one secondary server, and to maintain working backups of all of them.
I mean I don't have any PTR-records. My problem is that I don't know how to set those PTR records for mail. I have tried to google many hours and so on but I can't set it. Probably nothing you can set yourself. It's a record under your IP number, not your domain name. If you are experiencing that sent mails end up in the trash can! The PTR record should point to the domain name sending the mail. For DigitalOcean you would need to set the droplet name the same as the domain name and the PTR will be configured automatically.
If you want to rename a droplet, go to its page in the Control Panel, click directly on the existing Droplet name, and enter a new name there. There are two things to keep in mind. That new name has to be a fully-qualified domain name - that means that "example. Also, if you're using IPv6 on your droplet, a PTR record will only be generated for the first IPv6 address assigned to the droplet, not all 16 IPv6 addresses which are available to the droplet.