On Mon, 2021-05-03 at 11:56 -0700, Jack Craig wrote:
i think you are right, i've been wondering about the ns3's behaviour as the dnscheck page keeps telling me i have only one responding dns. as it is part of the at&t dns, i have been ignoring this; now is the time to deal with it....
i am sporting mike's recent config file cuz its So much prettier than my hack. i hacked in a CAAA record & updated teh serial number giving me, ...
$TTL 3D ; default ttl for records without a specified lifetime $ORIGIN linuxlighthouse.com. linuxlighthouse.com. CAA 0 issue "letsencrypt.org" @ IN SOA ws.linuxlighthouse.com. root.linuxlighthouse.com. ( 2021050301 ; serial number 16384 ; ns refresh 2048 ; ns retry 1048576 ; authority expiry 2560 ); min (RFC2308 ยง4) IN NS ws.linuxlighthouse.com. IN NS ns3.attdns.com. ; IN MX linuxlighthouse.com. ws IN A 108.220.213.121 IN A 108.220.213.121
Are you sure that's constructed properly? There's usually a precise structure for zone files. All examples I've seen have things in this sequence (just the sequence, I've not typed in all the data):
$origin . $TTL SOA ( serial refresh time retry time expiry time minimum time ) NS A MX followed by the rest of your records
I'm not sure about where you might add a new thing, like CAA, but I wouldn't rearrange the order of that other things without being sure about it.
as an aside, if i add 'www in a 108.220.213.121'
would properly define 'www.linuxlighthouse.com' ???
Yes, anything you put left of IN A, that doesn't end in a dot, is a sub-domain (the server appends your domain name to it).