...
This site is in the process of being reviewed and updated.
...
...
5.6. DNS Protocol Provider
...
...
Introduction
The ApacheDS Domain Name Service (DNS) provider implements
{link:RFC 1034|RFC 1034RFC 1034http://www.faqs.org/rfcs/rfc1034.html}{link} Wiki Markup
...
{link:RFC 1035|RFC 1035RFC 1035http://www.faqs.org/rfcs/rfc1034.html}{link} Wiki Markup
...
The DNS provider plugins into the Apache Directory server. As a plugin, the DNS provider uses the network layer (MINA) for front-end services and the Apache Directory read-optimized backing store via JNDI for a persistent store.
...
On Linux, a typical invocation of dig looks like:
...
...
If no type argument is supplied, dig will perform a lookup for an A record. For example:
...
...
ApacheDS schema for storing DNS zones in LDAP
...
An example entry using the STRUCTURAL objectClass domain
...
...
The AUXILIARY 'domain' objectClass
...
An example entry using the AUXILIARY objectClass dcObject
...
...
Resources
{link:RFC 2247 - Using Domains inWiki Markup RFC 2247 - Using Domains in LDAP/X.500 Distinguished NamesRFC 2247 - Using Domains in LDAP/X.500
Distinguished
Names
|http://www.faqs.org/rfcs/rfc2247.html
}{link}
DNS Best Practices
DNS Testing Tool
Useful tool for testing DNS configuration:
{link:www.dnsreport.comwww.dnsreport.com|http://www.dnsreport.com/}{link} Wiki Markup
There are other tools available from the same people, at
{link:www.dnsstuff.comwww.dnsstuff.com|http://www.dnsstuff.com/}{link} Wiki Markup
...
- MX - Change MX records from CNAME's to A records. This is supposed to improve lookup speed and MX pointing to CNAME's is an RFC violation.
- SOA - Change SOA values to come in line with recommended values, per dnsreports.com.
- PTR - Add PTR records for server1.example.com. This is to address an error being generated by AOL and Hotmail, which use reverse lookups on mail servers to weed out spam. Mail on the example.com mailing lists has increasingly been bounced by AOL and Hotmail as spam and header inspection points to lack of PTR record. Setting PTR records at the hosting provider is a relatively new feature, probably added to address this problem.
...
Unit tests for all 6.2.*
Key algorithm 4.3.1 & 4.3.2
Sender Permitted From
{link:Sender Permitted From|Wiki Markup Sender Permitted FromSender Permitted Fromhttp://spf.pobox.com/
}{link} is a DNS-based method for preventing SMTP spoofing.
Secret Key Transaction Authentication for DNS (TSIG)
{link:RFC 2845|Wiki Markup RFC 2845RFC 2845http://www.faqs.org/rfcs/rfc2845.html
}{link}