0

I used to have my web and email services on the same machine, on the same IP address, so my DNS Zone was relatively simple.

Now, I am setting up 2 separate machines, one for the Web server and one for the Email server.

  • Server #1 for Web services : 212.100.12.345
  • Server #2 for Email services : 212.100.56.789

After hours of researching, learning and self-testing, I am stuck when setting my DNS zone: everything on my MAIL server (Server #2) won't ping correctly. I obviously have properly created the DNS records on both machines.

On the Server #1 (212.100.12.345), I need to have :

  • ftp.mydomain.com
  • www.mydomain.com

On the Server #2 (212.100.56.789) I need to have :

  • mail.mydomain.com
  • webmail.mydomain.com

Here is the current DNS Zone I've set-up, without success :

```
$TTL 3600
@   IN SOA dns200.anycast.me. tech.ovh.net. (2017021601 43200 3600 1209600 600)
             IN NS     dns200.anycast.me.
             IN NS     ns200.anycast.me.
             IN A      212.100.12.345
             IN MX 1   mail.mydomain.com.
ftp              IN CNAME  mydomain.com.
www              IN CNAME  mydomain.com.
mail             IN A      212.100.56.789
pop              IN CNAME  mail.mydomain.com.
webmail          IN CNAME  mail.mydomain.com.
```

Should I correct anything? (Yes: but what ^!^)

Should I add some record to the DNS records on my Server #1, in order to "re-route" traffic for mail.mydomain.com to the Server #2?

Thank you if you have any clue ;)

AlexLaforge
  • what do you mean "won't ping correctly."? What is the actual response when you try to `ping mail.mydomain.com`? – user16081-JoeT Feb 16 '17 at 22:45
  • @user16081-JoeT The response was a first attempt, then 100% packet loss. In fact, that was due to... a misspelling in my IP address (see my self-answer below). Sorry for the trouble, and thank you for your time to help ;) – AlexLaforge Feb 17 '17 at 01:48

3 Answers

1

In fact, I'm ashamed ! ... I had forgotten a digit when writing the IP Address of my Server #2 (the one dedicated to my Email services) ! :-(

Basically, I had written 212.100.56.89 instead of 212.100.56.789 (the "7" was missing).

The DNS Zone is now 100%

I have added my missing character (damn "7"!) and obviously, every subdomain now pings to the desired IP address :-)

Please note that when I first tried to add a Wildcard * as suggested by @M Sage, the IP address of the Server #1 was not able to route nor ping AT ALL (the mydomain.com was not found, even if the IP was properly written with no missing character).

So the Wildcard broke the whole zone in my case.

But despite this, I thank you for suggesting I try this! It's always good to know, just "in case of" :)

So, for everyone reading this post in the future :

  • No need to add any @
  • No need to add any * (even if your DNS Zone is managed by OVH, it is not needed at all in this case).

To conclude, the correct DNS Zone is exactly the same as the one I posted in my original question. Please be sure to NEVER forget a number in your IP Address (silly me !! ^!^)

Here is the final working DNS Zone :

```
$TTL 3600
@   IN SOA dns200.anycast.me. tech.ovh.net. (2017021705 43200 3600 1209600 600)
                 IN NS     ns200.anycast.me.
                 IN NS     dns200.anycast.me.
                 IN A      212.100.12.345
                 IN MX 1   mail.mydomain.com.
ftp              IN CNAME  mydomain.com.
www              IN CNAME  mydomain.com.
mail             IN A      212.100.56.789
pop              IN CNAME  mail.mydomain.com.
webmail          IN CNAME  mail.mydomain.com.
```
AlexLaforge
  • This is one reason why [we recommend you do not redact things when asking questions](http://meta.serverfault.com/q/963/126632). – Michael Hampton Feb 17 '17 at 03:13
  • 212.100.56.789 is not a valid IP address – Patrick Mevzek Feb 18 '17 at 13:53
  • @Patrick Mevzek For sure this IP is not valid : I obviously obfuscated this IP for posting here on SO. – AlexLaforge Feb 19 '17 at 11:27
  • @Michael Hampton♦ The mistake I made was on the real IP (the one you never saw and will never see), not on the fake one 212.100.56.789. Thank you for linking me to these guidelines I already have read. – AlexLaforge Feb 19 '17 at 11:27
  • I think it is easier to debug problems with the true information, without obfuscation. Even more when the obfuscation is clearly completely wrong. – Patrick Mevzek Feb 19 '17 at 17:15
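
A check that would have caught the mistyped address described in the answer above, as an added example that is not part of the original posts: it resolves each hostname through the zone's A and CNAME records and compares the result with the intended host-to-server plan. The parser only handles the record layout used in this zone, and `EXPECTED`, `parse`, `resolve` and `audit` are names chosen here.

```python
ORIGIN = "mydomain.com."

# Constructed input: the page's zone with the typo the asker describes (212.100.56.89).
# The addresses are the page's obfuscated placeholders, so they are compared as strings.
ZONE = """\
$TTL 3600
@   IN SOA dns200.anycast.me. tech.ovh.net. (2017021601 43200 3600 1209600 600)
             IN A      212.100.12.345
             IN MX 1   mail.mydomain.com.
ftp              IN CNAME  mydomain.com.
www              IN CNAME  mydomain.com.
mail             IN A      212.100.56.89
webmail          IN CNAME  mail.mydomain.com.
"""

EXPECTED = {"ftp": "212.100.12.345", "www": "212.100.12.345",       # Server #1
            "mail": "212.100.56.789", "webmail": "212.100.56.789"}  # Server #2

def fqdn(name):
    name = ORIGIN if name == "@" else name
    return name if name.endswith(".") else f"{name}.{ORIGIN}"

def parse(zone):
    """Return {owner: (type, rdata)} for the A and CNAME records in the zone text."""
    records, owner = {}, ORIGIN
    for line in zone.splitlines():
        if not line.strip() or line.startswith("$"):
            continue
        tok = line.split()
        if not line[0].isspace():  # a blank owner field inherits the previous owner
            owner, tok = fqdn(tok[0]), tok[1:]
        tok = [t for t in tok if t != "IN"]
        if tok[0] in ("A", "CNAME"):
            records[owner] = (tok[0], tok[1])
    return records

def resolve(name, records, depth=8):
    """Follow in-zone CNAMEs (bounded, so a loop cannot recurse forever) to an A record."""
    rtype, value = records.get(fqdn(name), (None, None))
    if rtype == "CNAME" and depth:
        return resolve(value, records, depth - 1)
    return value if rtype == "A" else None

def audit(zone, expected):
    """Return {host: (address_in_zone, planned_address)} for every mismatch."""
    records = parse(zone)
    got = {host: resolve(host, records) for host in expected}
    return {h: (got[h], ip) for h, ip in expected.items() if got[h] != ip}

if __name__ == "__main__":
    for host, (got, want) in audit(ZONE, EXPECTED).items():
        print(f"{host}: zone gives {got}, plan says {want}")
```

Because `webmail` is a CNAME to `mail`, the single mistyped A record shows up as two mismatches, which matches the symptom that everything on the mail server failed at once.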
0

Taking a stab, I think you need an at sign @ beginning the line with IN A 212.100.12.345;

@  IN A      212.100.12.345  

and an at sign beginning the following line (MX) wouldn't hurt.

@ MX 1   mail.mydomain.com.  

(IN optional here)

user16081-JoeT
0

Looking at your record, you are using OVH's dns servers.

You need to add * (not @ which is the norm) to this line:

  • IN A 212.100.12.345

Other than that it looks fine, it would be good to know the IP that it resolves to when you ping,
M Sage