Home / user-64015

John's questions

Martin Hope
John
Asked: 2010-12-22 07:55:18 +0800 CST
  • 6

I'm trying to wrap my head around the wonderful world on DNS.

I have created a zone file for example.com which contains:

@     A    1.2.3.4
*     A    1.2.3.4

However I am also setting up my local DNS, local.example.com which I have created a separate zone file for containing the following:

machine1     A    192.168.0.1
machine2     A    192.168.0.2

When I dig machine1.local.example.com it returns A record 192.168.0.1, great.

Sadly, badmachine.local.example.com returns 1.2.3.4, as does local.example.com.

I'm not sure of the best way to prevent this. If I add the following to the local.example.com empty A records are returned for the above 2 examples as is the behaviour I desire:

@     A
*     A

I want anything.example.com to use the wildcard EXCEPT anything in the local.example.com subdomain which I do not want to give a response unless specified. Essentially I need a wild card with one exclusion.

Is this allowed? Is this best practice, or am I doing things terribly wrong? I'm using PowerDNS with BIND backend.

Thanks for your thoughts!

domain-name-system bind a-record powerdns
Martin Hope
John
Asked: 2010-12-18 10:52:02 +0800 CST
  • 5

I've spent my entire day learning about VPN, and have been working with following setup:

2 VPS Servers at the same data centre in Texas. (Texas1 and Texas2), 1 VPS in England and 1 VPS in Atlanta and on Ubuntu.

I set up the England VPS as my OpenVPN Server, and all the others as clients. Relevant server config:

port 1194
proto udp
dev tap
server 10.20.0.0 255.255.0.0
ifconfig-pool-persist ipp.txt
client-to-client

Client config:

client
remote myserver 1194
dev tap
proto udp
resolv-retry infinite
nobind

I was delighted (after adding client-to-client) that Texas1 and Texas2 could ping each other on the VPN ips. The problem is, when they ping on the public IP it takes <1ms, when they ping on the Internal IP 10.20.0.x it takes 226ms (coincidentally pinging England is 113ms).

This is my entire configuration, I'm terrified of bridges, and iptables (though I'm evidently going to have to learn). I'm very new to the server side, mainly do web development and am learning with Ubuntu 10.04.

Can anyone advise how I can best get clients to cut out the server and so bandwidth is not wasted and sent to another continent on its way. I'm also going to want to add my windows home network (I have DD-WRT router) to the VPN using the router as a client, I think I'm going to have to have it set up with its own subnet?

Can anyone advise the best way to achieve my goals? Thank you very much!

vpn openvpn site-to-site-vpn vps ubuntu-10.04