Ajcody-Hostname-DNS: Difference between revisions

Line 180: Line 180:
===Split-DNS - But I Already Have Bind Running Internally?===
===Split-DNS - But I Already Have Bind Running Internally?===


You should investigate using ACL's and the zone options for BIND to effective setup the "purpose" of split-dns situation without actually running it on a separate server.
You should investigate using ACL's and the views options for BIND to effective setup the "purpose" of split-dns situation without actually running it on a separate server.


Please see:
Please see:


* [http://www.zytrax.com/books/dns/ch7/acl.html]
* [http://www.zytrax.com/books/dns/ch7/acl.html BIND ACL's]
* [http://www.zytrax.com/books/dns/ch7/view.html]
* [http://www.zytrax.com/books/dns/ch7/view.html BIND Views]
* [http://www.knowplace.org/pages/howtos/split_view_with_bind_9_howto.php]
* [http://www.knowplace.org/pages/howtos/split_view_with_bind_9_howto.php Simple How-to For ACL's & Views]


===Other Variables That Are Effected By Lookups===
===Other Variables That Are Effected By Lookups===
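Review bot: the revised Split-DNS sentence (the one that now names the "views options") still reads 'to effective setup the "purpose" of split-dns situation'. Since the line is being edited anyway, reword it to "to effectively achieve the purpose of split DNS" and write "ACLs" without the apostrophe, both there and in the new link labels "BIND ACL's" and "Simple How-to For ACL's & Views". The unchanged heading after the hunk, "Other Variables That Are Effected By Lookups", should read "Affected".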

Revision as of 17:14, 18 December 2008

This article is NOT official Zimbra documentation. It is a user contribution and may include unsupported customizations, references, suggestions, or information.

Hostname And DNS Issues

Actual Hostname And DNS Issues Homepage

Please see Ajcody-Hostname-DNS

Hostname resolution issues and testing commands

A lot of failed installs happen because administrators skip the steps that confirm name resolution is working.

Check your /etc/hosts file. It should have a localhost line and a line for the server, similar to the example below. Replace zimbra.test.com and zimbra with your ZCS server's fully qualified name and short name. The IP address should be the one bound to the network interface (run ip addr or ifconfig -a to confirm).

127.0.0.1	localhost.localdomain	localhost
192.168.0.1	zimbra.test.com         zimbra

If your ZCS server is behind a firewall or is being NAT'd, make sure that resolution for the hostname on the ZCS server returns the internal IP rather than the external IP. To test:

hostname -f
zimbra.test.com

or

domainname -f
zimbra.test.com

As long as one of the above returns the full hostname, use that command in the lookups below. The MX lookups depend on how your mail domain and server hostname are set up.

host `hostname -f`
 zimbra.test.com has address 192.168.0.1
host -t MX `domainname -f`
 zimbra.test.com mail is handled by 10 zimbra.test.com.
host -t MX `domainname -d`
   test.com mail is handled by 10 zimbra.test.com.

You should also have reverse (PTR) records. Replace 192.168.0.1 with your internal IP address; the lookup should return something like:

host 192.168.0.1
1.0.168.192.in-addr.arpa domain name pointer zimbra.test.com
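
The checks above combined into one script, as an added example that is not part of the original page: it confirms that the hosts file, the A record and the PTR record all agree for the server's full hostname, reading host output in the format shown above. The function names and the HOST_CMD override are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original page.
# Usage on a real server: check_resolution /etc/hosts "$(hostname -f)"

HOST_CMD=${HOST_CMD:-host}   # resolver CLI; overridable so the checks can run on canned output

# Print the address that <hosts-file> assigns to <fqdn>; return 1 if there is no entry.
hosts_addr() {   # usage: hosts_addr <hosts-file> <fqdn>
    awk -v fqdn="$2" '
        { sub(/#.*/, "") }                                   # ignore comments
        { for (i = 2; i <= NF; i++)
              if ($i == fqdn) { print $1; found = 1; exit } }
        END { exit !found }' "$1"
}

# Return 0 only if the hosts file, the A record and the PTR record agree for <fqdn>.
# Return codes: 1 no hosts entry, 2 loopback entry, 3 A mismatch, 4 PTR mismatch.
check_resolution() {   # usage: check_resolution <hosts-file> <fqdn>
    fqdn=$2
    ip=$(hosts_addr "$1" "$fqdn") || { echo "no hosts entry for $fqdn"; return 1; }

    # The server name must map to the interface address, not to loopback.
    case $ip in
        127.*|::1) echo "$fqdn is on the loopback line ($ip)"; return 2 ;;
    esac

    # Forward lookup: behind NAT this is where an external address shows up.
    a=$($HOST_CMD "$fqdn" | awk '/has address/ { print $NF; exit }')
    [ "$a" = "$ip" ] || { echo "A record '$a' differs from hosts entry $ip"; return 3; }

    # Reverse lookup: the PTR must point back to the same name (trailing dot ignored).
    ptr=$($HOST_CMD "$ip" | awk '/domain name pointer/ { print $NF; exit }')
    [ "${ptr%.}" = "$fqdn" ] || { echo "PTR '$ptr' does not point back to $fqdn"; return 4; }

    echo "ok: $fqdn <-> $ip"
}
```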

Please review the wiki page on split DNS, which also shows the basics of setting up DNS/BIND on Linux:

http://wiki.zimbra.com/index.php?title=Split_DNS

The following is a more complete how-to for setting up DNS/Bind:

http://www.zimbrablog.com/blog/archives/2007/06/making-zimbra-bind-work-together.html/

lmtp_host_lookup

Also review the variable lmtp_host_lookup to see if it applies to your situation:

http://bugzilla.zimbra.com/show_bug.cgi?id=27988

su - zimbra
postconf | grep host_lookup
postconf -e lmtp_host_lookup=native
postfix reload

smtp_host_lookup

Similar to above.

disable_dns_lookups

Similar to above.

Local DNS-BIND Configuration Example

The full-blown example of setting up BIND is in the Split_DNS article.

Detailed Example Zone Files

This example is from a CentOS5 test box I have behind a firewall. I actually set up a dynamic DNS using a valid domain name; I've replaced my "real" domain name below with "example". I'm using DynDNS to do this.

Directory Structure

The default setup is a chroot configuration of BIND.

  • The root of the configuration files is /var/named/chroot/ .
  • The general bind configuration files are in /var/named/chroot/etc/
    • Files you'll have there:
      • db.cache
      • localtime
      • named.conf
      • rndc.key
  • The directory where your zone files will reside is /var/named/chroot/var/named/
    • I have in this directory the following:
      • data (a directory that's empty)
      • slaves (a directory that's empty)
      • internal.example.com.hosts (file for A, NS, MX, CNAME, etc. records)
      • 0.168.192.rev (file for PTR records)

/var/named/chroot/etc/named.conf example

Here's my named.conf file I'm using:

options {
        directory "/etc";
        pid-file "/var/run/named/named.pid";
        };

zone "." {
        type hint;
        file "/etc/db.cache";
        };

zone "internal.example.com" {
        type master;
        file "/var/named/internal.example.com.hosts";
        };
zone "0.168.192.in-addr.arpa" {
        type master;
        file "/var/named/0.168.192.rev";
        };

/var/named/chroot/var/named/internal.example.com.hosts

The _xmpp-server._tcp entries are related to jabber/xmpp and shouldn't be necessary for a default zimbra install. I'll leave them here just for a reference in case they are useful for others depending on the circumstances.

I had a second test box "mail4" at one point but I shut it down.

The one MX record that starts with blank space:

                IN      MX      10 mail3

has no owner name of its own, so it inherits the owner of the preceding record and applies to the internal.example.com domain itself.

My only physical box is "mail3". The other names and domains are done so I can configure multiple domains on this box. The blank space MX record (for internal.example.com) is also set up on mail3. So, in total my mail3 box has Zimbra configured to handle mail for these five domains:

  • internal.example.com
  • mail3.internal.example.com
  • secondary.internal.example.com
  • move.internal.example.com
  • alias.internal.example.com

$ttl 38400
internal.example.com.  IN      SOA     internal.example.com. ajcody.mail3.internal.example.com. (
                        1207910051
                        10800
                        3600
                        604800
                        38400 )
                IN      NS      mail3
                IN      MX      10 mail3
mail3           IN      MX      10 mail3
secondary       IN      MX      10 mail3
move            IN      MX      10 mail3
alias           IN      MX      10 mail3
mail4           IN      MX      10 mail4
mail3           IN      A       192.168.0.16
mail4           IN      A       192.168.0.17
_xmpp-server._tcp       SRV      5 0 5269 mail3
_xmpp-server._tcp.mail3         SRV     5 0 5269 mail3
_xmpp-server._tcp.secondary     SRV     5 0 5269 mail3
_xmpp-client._tcp       SRV      5 0 5269 mail3
_xmpp-client._tcp.mail3         SRV     5 0 5269 mail3
_xmpp-client._tcp.secondary     SRV     5 0 5269 mail3

/var/named/chroot/var/named/0.168.192.rev

$ttl 38400
$ORIGIN 0.168.192.in-addr.arpa.
@       IN      SOA     mail3.internal.example.com. ajcody.mail3.internal.example.com. (
                        1207910558
                        10800
                        3600
                        604800
                        38400 )
                                IN      NS      mail3.internal.example.com.
16                              IN      PTR     mail3.internal.example.com.
17                              IN      PTR     mail4.internal.example.com.

Split-DNS - But I Already Have Bind Running Internally?

You should investigate using BIND's ACLs and views options to effectively achieve the purpose of split DNS without actually running it on a separate server.

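Please see:

  • BIND ACL's: http://www.zytrax.com/books/dns/ch7/acl.html
  • BIND Views: http://www.zytrax.com/books/dns/ch7/view.html
  • Simple How-to For ACL's & Views: http://www.knowplace.org/pages/howtos/split_view_with_bind_9_howto.php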
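
The named.conf shown earlier rearranged into an ACL plus two views, as an added example that is not part of the original page: LAN clients and outside clients query the same server and zone name but are answered from different zone files. The 192.168.0.0/24 range, the external zone file name and both function names are assumptions of this example; the second function catches the usual conversion mistake, a zone left outside any view.

```shell
#!/bin/sh
# Added example, not from the original page.

write_view_conf() {   # usage: write_view_conf <output-file>
    cat > "$1" <<'EOF'
// Assumption: 192.168.0.0/24 is the internal LAN (from the page's sample addresses).
acl "internal" { 127.0.0.1; 192.168.0.0/24; };

options {
        directory "/etc";
        pid-file "/var/run/named/named.pid";
};

view "internal" {
        match-clients { "internal"; };   // only LAN clients are given this view
        recursion yes;
        zone "." { type hint; file "/etc/db.cache"; };
        zone "internal.example.com" { type master; file "/var/named/internal.example.com.hosts"; };
        zone "0.168.192.in-addr.arpa" { type master; file "/var/named/0.168.192.rev"; };
};

view "external" {
        match-clients { any; };          // everyone else; views are matched in order
        recursion no;                    // do not resolve for outside clients
        // Hypothetical file holding the public addresses, not from the page.
        zone "internal.example.com" { type master; file "/var/named/external.example.com.hosts"; };
};
EOF
}

# Once any view is defined, named refuses zone statements left outside a view.
# Print such zones and return 1. Handles // and # comments, not /* */ blocks.
zones_outside_views() {   # usage: zones_outside_views <named.conf>
    awk '
        { sub(/\/\/.*|#.*/, "") }
        depth == 0 && $1 == "view" { views++ }
        depth == 0 && $1 == "zone" { stray = stray " " $2 }
        { depth += gsub(/[{]/, "{") - gsub(/[}]/, "}") }
        END { if (views && stray != "") { print "zones outside views:" stray; exit 1 } }
    ' "$1"
}
```

If BIND's named-checkconf is installed, run it on the generated file before reloading named.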

Other Variables That Are Affected By Lookups

zimbraInboundSmtpHostname New In 5.0.11

If your MX records point to a spam-relay or any other external non-Zimbra server, enter the name of that server in the Inbound SMTP host name field. This check compares the domain MX setting against the zimbraInboundSmtpHostname setting, if set. If this attribute is not set, the domain MX setting is checked against zimbraSmtpHostname.

zimbraSmtpHostname

zimbraMtaRelayHost

zimbraMtaDnsLookupEnabled

zimbraAdminConsoleDNSCheckEnabled
