Externally vs. Internally Hosted DNS Recommendations and Best

Document Sample
Externally vs. Internally Hosted DNS Recommendations and Best Powered By Docstoc
					Presented January 9, 2007 at NYExUG Meeting

Externally vs. Internally
     Hosted DNS
Recommendations and
    Best Practices
                          Ben Serebin
                   Network Consultant
                       REEF Solutions
          ben a t reefsolutions . c o m

  Overview of DNS (ABC’s of DNS)
  Internal DNS Hosting (Pro’s & Con’s)
  External DNS Hosting (Pro’s & Con’s)
  Recommendations For Your
DNS – Sounds More Complicated Than It Is!!!

  DNS has many aliases: Domain Name System,
  Domain Name Server, Domain Name Services,
  etc. Why? Who Cares!
  Basic Purpose is to make the internet easier to
  use for users. Explained… #’s to names.
  Design of the DNS architecture makes it possible
  to be extremely distributed.
  Summary: DNS is the blood of the internet.
  Without it, the patient dies.
ABCs of DNS (disclaimer = this is simplified)

 DNS Has Different Purposes (aka records)
  DNS has 2 main purposes (1 for Mail Servers & 1 for Web
  Servers). Temporarily forgetting about the other 8 or so.
  The DNS record for Mail Servers are called Mail
  Exchangers (aka MX) records.
  The DNS record for Web Servers are called host (aka A
  or address) records.
 Review – Important Your Understand This. Quiz Time
  A = web servers
  MX = mail servers
ABCs of DNS = More Technically

 DNS has 4 important records for email admin’s
  A, MX, NS, TXT
  A record = host record. Basic building block for DNS.
  Every server using DNS on the internet has this entry. s
  can be used for any type of device with an IP address.
  You can list 1 or more IP to a hostname for clustering
  purposes. So the A record for www.nyexug.com is
  MX record = mail exchange record. Are only for email
  server entries. This entry explains to other mail servers
  which servers handle email for the domain and the order
  of which servers to connect to. So the MX record for
  reefsolutions.com looks like this….
MX Record Explained In Detail

  This is the real DNS MX response for reefsolutions.com (REEF)
  reefsolutions.com has 3 MX entries (see type column). So, 3 mail
  servers will accept email for the users with the email address of
  Preferences (aka cost, priority) tell order for other mail servers to
  connect to REEF’s srvs. So, preference of 0 means, primary server.
MX Record – How Old Are You?

  TTL = Time to Live. This entry is used to tell other DNS servers how
  long to keep this entry in their cache. This entry (TTL) is present in
  all DNS entries. So, in this example b.reefsolutions.com,
  mail.pghost.com, and spamcop.reefsolutions.com have a TTL of
  7200. This is in seconds, so converted that is 2 hrs of caching. This
  will vary by DNS hosting provider.
  So, if I change the MX record, how long does it take to go live?
DNS = Who Handles The Time?

  NS record = name server. These are the servers that hold
  all the DNS information for your domain. In this example,
  reefsolutions.com has 5 name server records. So,
  normally, this would mean 5 DNS servers.
Universal DNS Record???

  TXT record = This entry in DNS can be used to hold any
  information you want. This has commonly been used for
  an anti-spam technologies called Sender Policy
  Framework. There are a number of sites that explain how
  to set this up, but states which servers accept email for
Internal DNS Hosting (Pro’s & Con’s)

   Low Cost since you run DNS off your DNS servers
   DNS changes can be quickly done
   Fast DNS response time (aka latency) for internal users

  More Complicated (split domains [public versus private
  Uses Your Company’s Bandwidth Up
  Less Reliability
  Less Secure (your DNS servers are open on the internet)
External DNS Hosting (Pro’s & Con’s)

  More Bandwidth Available
  More Reliability due to multiple sites
  Ease of Use for changes
  Faster for external servers especially when using
  Anycast DNS

  Costs Money
  Controlled by 3rd Party (trust their network)
Recommendations for Your Environment

  Make sure your NS records contain 2 servers on
  different class C subnets [GOOD]
  3 or more DNS servers in different geographically
  locations [BETTER]
  Use a DNS provider using Anycast technology (which
  provides clustered DNS service) [BEST]
  Make sure you have 2 or more mail servers listed in MX.
  Insure you have reverse DNS setup for your IP. This is
  handled by your ISP. Means, “tracert”
  shows spamcop.reefsolutions.com. Means, the IP
  belongs to this DNS record versus “4.sub-66-174-
  20.myvzw.com []”
Resources for Presentation & Further Information

   To check your DNS records and check your DNS timing,
   use dnsstuff.com. This will convince you to upgrade to
   Anycast DNS.
   For Anycast DNS providers see DNSmadeeasy.com
   [recommend], UltraDNS.com, Netriplex.com, and
   Contact your ISP to add a rDNS or PTR record for your
   mail server.
   If you use hosted virus, spam, etc services for your
   Exchange Server, make sure you relay your mail via that
   vendor, otherwise if you do not list an MX record this
   can cause mail sending difficulties for your server.
Presented January 9, 2007 at NYExUG Meeting

Exchange Maintenance

                             Ben Serebin
                     Network Consultant
                         REEF Solutions
          ben a t reefsolutions dot c o m
Basic Maintenance for Your Server

  Check Event Logs for Exchange Errors.
  Test Exchange to receive email via telnet.
  Check your Exchsvr\MDBDATA directory to insure logs
  only are current date.
  Launch ESM and make sure Mail Store and Public Store
  are running.
  How Much Free Space is there (SP1 16GB, SP2 75GB)?
  ESM under your server name and check the Queues.
  Make sure they are empty. See next page.
Basic Maintenance for Your Server

  ESM under your server name and check the Queues.
  Make sure they are empty. See below.
Presented January 9, 2007 at NYExUG Meeting

 Thank you for attending the
NYExUG User Group Meeting.
Benefits of Attending Meetings
             - pizza
- raffle (1GB USB thumb drive)

Shared By: