catdude, 9th May 2008, 01:25

Not to worry; DNS is a complex subject and has been known to reduce grown men to tears.

When I enter your URL into my browser, my machine's resolver process looks in its own cache of known IP addresses. If I haven't been to your site recently it won't be there, so no help. My resolver then asks my ISP's caching name server for your IP address. If nobody on my ISP has been to our site recently, that won't return an answer either. So my resolver then asks the nearest root server.

The root server looks up the info it has on your domain, which should consist of your NS records (which name server is supposed to have authoritative DNS info for your domain). The root server returns the addresses of your name servers to my resolver.

My resolver then sends its request to your name server. Your name server then says "the machine that serves up that URL can be found at IP address 1.2.3.4". My browser then sends its HTTP request packet to the returned IP address.

How did the root server know what name server to send back to my resolver? You told it. When you log into your Yahoo page and go into the domain management pages, the "primary nameserver" and "secondary nameserver" fields are the info that gets sent to the root nameservers. The machines you put in these fields are going to get DNS requests for all machines in your domain. If you enter the IP address of your machine (the external static IP address), then those DNS requests will go to your ISPConfig machines. If those fields contain yns1.yahoo.com and yns2.yahoo.com (as they did a little while ago), those queries will go to Yahoo, and Yahoo will return "not found" replies.

As part of the ISPConfig install you set up ISC's bind9 (running as a process called "named"). Bind9 is quite capable of serving up all of your DNS needs, and it's quite reasonable to have your machine run as both web server and name server. You just need to make sure that your router knows to pass port 53 and port 80 to your machine, and if you're running iptables on your server you need to make sure that those ports aren't blocked.

If you want to ask questions but don't want to do so here, feel free to e-mail me directly. My address is dan at catfolks dot net.
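The delegation step described in the post above, as an added example that is not part of catdude's post: a small DNS wire-format parser that pulls the NS names out of a referral and compares them with the name servers you meant to publish. The domain example.com, the name ns1.example.com and all function names are assumptions; the referral packet is constructed in the code, not captured traffic.

```python
import struct

NS = 2  # DNS record type for name-server records

def encode_name(name):
    """Encode a domain name as length-prefixed labels."""
    parts = name.rstrip(".").split(".")
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"

def build_query(name, qtype=NS, txid=0x1234):
    """Build a one-question DNS query (flags 0x0100 = recursion desired)."""
    return struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!2H", qtype, 1)

def read_name(msg, off):
    """Decode the name at off, following compression pointers; return (name, next offset)."""
    labels, end, hops = [], None, 0
    while msg[off]:
        if msg[off] & 0xC0 == 0xC0:          # pointer to a name earlier in the packet
            end = off + 2 if end is None else end
            off = ((msg[off] & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16: raise ValueError("compression loop")  # malformed packet
            continue
        labels.append(msg[off + 1:off + 1 + msg[off]].decode("ascii").lower())
        off += 1 + msg[off]
    return ".".join(labels), (off + 1 if end is None else end)

def ns_names(msg):
    """Return the NS targets from the answer and authority sections of a response."""
    _, _, qd, an, ns, _ = struct.unpack("!6H", msg[:12])
    off, found = 12, []
    for _ in range(qd):                      # skip the echoed question(s)
        off = read_name(msg, off)[1] + 4
    for _ in range(an + ns):
        off = read_name(msg, off)[1]         # owner name of this record
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == NS:
            found.append(read_name(msg, off + 10)[0])
        off += 10 + rdlen
    return found

def delegation_ok(msg, expected):
    """True when the parent hands out exactly the name servers you expect."""
    return {n.lower().rstrip(".") for n in expected} == set(ns_names(msg))

def sample_referral(domain, servers):
    """Constructed referral as a parent zone would send it (not captured traffic)."""
    rrs = b"".join(b"\xc0\x0c" + struct.pack("!HHIH", NS, 1, 3600, len(encode_name(s))) + encode_name(s) for s in servers)
    return struct.pack("!6H", 0x1234, 0x8100, 1, 0, len(servers), 0) + build_query(domain)[12:] + rrs
```

With the constructed referral for example.com listing yns1.yahoo.com and yns2.yahoo.com, `delegation_ok(referral, ["ns1.example.com"])` is false, which is the mismatch the post describes.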