
Externally vs. Internally Hosted DNS Recommendations and Best Practices

Presented January 9, 2007 at NYExUG Meeting. Ben Serebin, Network Consultant, REEF Solutions, ben a t reefsolutions . c o m.


Presentation Transcript


  1. Presented January 9, 2007 at NYExUG Meeting. Externally vs. Internally Hosted DNS Recommendations and Best Practices. Ben Serebin, Network Consultant, REEF Solutions, ben a t reefsolutions . c o m

  2. Overview
     • Overview of DNS (ABCs of DNS)
     • Internal DNS Hosting (Pros & Cons)
     • External DNS Hosting (Pros & Cons)
     • Recommendations For Your Environment

  3. DNS – Sounds More Complicated Than It Is!!!
     • DNS has many aliases: Domain Name System, Domain Name Server, Domain Name Services, etc. Why? Who Cares!
     • Basic purpose is to make the internet easier to use for users. Explained: numbers to names.
     • The design of the DNS architecture makes it possible to be extremely distributed.
     • Summary: DNS is the blood of the internet. Without it, the patient dies.

  4. ABCs of DNS (disclaimer = this is simplified)
     DNS Has Different Purposes (aka records)
     • DNS has 2 main purposes (1 for Mail Servers & 1 for Web Servers). Temporarily forgetting about the other 8 or so.
     • The DNS records for Mail Servers are called Mail Exchanger (aka MX) records.
     • The DNS records for Web Servers are called host (aka A or address) records.
     Review – Important You Understand This. Quiz Time
     • A = web servers
     • MX = mail servers

  5. ABCs of DNS = More Technically
     DNS has 4 important records for email admins
     • A, MX, NS, TXT
     • A record = host record. Basic building block for DNS. Every server using DNS on the internet has this entry. A records can be used for any type of device with an IP address. You can list 1 or more IPs for a hostname for clustering purposes. So the A record for www.nyexug.com is 216.27.64.44.
     • MX record = mail exchange record. These are only for email server entries. This entry tells other mail servers which servers handle email for the domain and the order in which to connect to them. So the MX record for reefsolutions.com looks like this….

  6. MX Record Explained In Detail
     • This is the real DNS MX response for reefsolutions.com (REEF).
     • reefsolutions.com has 3 MX entries (see type column). So, 3 mail servers will accept email for users with an email address at reefsolutions.com.
     • Preferences (aka cost, priority) tell other mail servers the order in which to connect to REEF’s servers. So, a preference of 0 means primary server.

  7. MX Record – How Old Are You?
     • TTL = Time to Live. This entry tells other DNS servers how long to keep this entry in their cache. The TTL is present in all DNS entries. So, in this example b.reefsolutions.com, mail.pghost.com, and spamcop.reefsolutions.com have a TTL of 7200. This is in seconds, so converted that is 2 hrs of caching. This will vary by DNS hosting provider.
     • So, if I change the MX record, how long does it take to go live?

  8. DNS = Who Handles The Time?
     • NS record = name server. These are the servers that hold all the DNS information for your domain. In this example, reefsolutions.com has 5 name server records. So, normally, this would mean 5 DNS servers.

  9. Universal DNS Record???
     • TXT record = This entry in DNS can be used to hold any information you want. It has commonly been used for an anti-spam technology called Sender Policy Framework. There are a number of sites that explain how to set this up, but it states which servers accept email for reefsolutions.com.

  10. Internal DNS Hosting (Pros & Cons)
      Pros
      • Low cost, since you run DNS off your own DNS servers
      • DNS changes can be done quickly
      • Fast DNS response time (aka latency) for internal users
      Cons
      • More complicated (split domains [public versus private records])
      • Uses up your company’s bandwidth
      • Less reliability
      • Less secure (your DNS servers are open on the internet)

  11. External DNS Hosting (Pros & Cons)
      Pros
      • More bandwidth available
      • More reliability due to multiple sites
      • Ease of use for changes
      • Faster for external servers, especially when using Anycast DNS
      Cons
      • Costs money
      • Controlled by a 3rd party (trust their network)

  12. Recommendations for Your Environment
      Recommendations
      • Make sure your NS records contain 2 servers on different class C subnets [GOOD]
      • 3 or more DNS servers in different geographic locations [BETTER]
      • Use a DNS provider using Anycast technology (which provides clustered DNS service) [BEST]
      • Make sure you have 2 or more mail servers listed in MX.
      • Ensure you have reverse DNS set up for your IP. This is handled by your ISP. It means “tracert 69.31.40.115” shows spamcop.reefsolutions.com, so the IP belongs to this DNS record, versus “4.sub-66-174-20.myvzw.com [66.174.20.4]”.

  13. Resources for Presentation & Further Information
      • To check your DNS records and check your DNS timing, use dnsstuff.com. This will convince you to upgrade to Anycast DNS.
      • For Anycast DNS providers see DNSmadeeasy.com [recommend], UltraDNS.com, Netriplex.com, and Akamai.com.
      • Contact your ISP to add an rDNS or PTR record for your mail server.
      • If you use hosted virus, spam, etc. services for your Exchange Server, make sure you relay your mail via that vendor; otherwise, if you do not list an MX record, this can cause mail sending difficulties for your server.

  14. Presented January 9, 2007 at NYExUG Meeting. Exchange Maintenance Recommendations. Ben Serebin, Network Consultant, REEF Solutions, ben a t reefsolutions dot c o m

  15. Basic Maintenance for Your Server
      Recommendations
      • Check Event Logs for Exchange errors.
      • Test that Exchange can receive email via telnet. (http://support.microsoft.com/kb/153119)
      • Check your Exchsvr\MDBDATA directory to ensure the logs are only from the current date.
      • Launch ESM and make sure Mail Store and Public Store are running.
      • How much free space is there (SP1 16GB, SP2 75GB)?
      • In ESM, under your server name, check the Queues. Make sure they are empty. See next page.

  16. Basic Maintenance for Your Server
      Recommendations
      • In ESM, under your server name, check the Queues. Make sure they are empty. See below.

  17. Presented January 9, 2007 at NYExUG Meeting. Thank you for attending the NYExUG User Group Meeting.
      Benefits of Attending Meetings
      - pizza
      - raffle (1GB USB thumb drive)
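
The NS, MX and reverse-DNS recommendations from slide 12, together with the TTL question from slide 7, written as a small audit over a zone's records. This is an added example, not part of the original presentation. The preference values, name-server names, every address except the 69.31.40.115 / spamcop.reefsolutions.com pair, and the rule that a PTR name must equal the MX host name are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data, not real lookups. From the slides: the three MX
# host names, the 7200 s TTL and the 69.31.40.115 PTR pair. Assumed: the
# preference values, NS names and all other addresses (documentation ranges).
ZONE = {
    "ns": {"ns1.example.net": "192.0.2.10",
           "ns2.example.net": "192.0.2.20",   # same /24 as ns1
           "ns3.example.net": "198.51.100.5"},
    "mx": [  # (preference, host, ttl_seconds, ip)
        (0, "b.reefsolutions.com", 7200, "203.0.113.7"),
        (10, "mail.pghost.com", 7200, "203.0.113.8"),
        (20, "spamcop.reefsolutions.com", 7200, "69.31.40.115"),
    ],
    "ptr": {"69.31.40.115": "spamcop.reefsolutions.com",
            "203.0.113.7": "7.sub-203-0-113.isp.example"},  # generic ISP name
}

def ns_subnets(ns):
    """Distinct /24 ("class C") networks that hold the name servers."""
    return {ipaddress.ip_network(f"{ip}/24", strict=False) for ip in ns.values()}

def audit(zone):
    """Return findings for the NS, MX and reverse-DNS recommendations."""
    findings = []
    if len(ns_subnets(zone["ns"])) < 2:
        findings.append("NS: all name servers share one /24")
    if len(zone["mx"]) < 2:
        findings.append("MX: fewer than 2 mail servers")
    for _pref, host, _ttl, ip in sorted(zone["mx"]):  # lowest preference first
        ptr = zone["ptr"].get(ip)
        if ptr is None:
            findings.append(f"PTR: {ip} ({host}) has no reverse record")
        elif ptr.rstrip(".").lower() != host.lower():
            findings.append(f"PTR: {ip} resolves to {ptr}, not {host}")
    return findings

def max_cache_seconds(zone):
    """Longest a resolver that honors TTLs may keep serving the old MX set."""
    return max(ttl for _pref, _host, ttl, _ip in zone["mx"])

if __name__ == "__main__":
    for line in audit(ZONE):
        print(line)
    print("MX change fully visible after at most", max_cache_seconds(ZONE), "s")
```

To audit a live domain, fill `ZONE` from the output of your usual lookup tool instead of the constructed values.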
