Configure bind for Apache vhosts
Username : Date : Action : Comments

javiermarcon : 24/12/02 02:32 AM : Incident created
- Hello, I have configured Apache with two virtual hosts (with one IP) and they work fine on my machine, but when I try to access them from another machine on the net, it doesn't resolve the names. How do I configure bind to resolve those names? Thanks.

uligue : 24/12/02 04:26 AM : Reply received
- 1) The system needs to have authority over the domain.
2) See the following parameters in /etc/named.conf:
directory (usually /var/named) and,
in the zone of the second domain, the line with file. I will assume this is
file "other.db"
So go to the directory defined in "directory" and edit the file "other.db".
Increment the serial number and insert at the end (it could be another place, but ...)
the following line:
new-name.second-domain. in a 192.168.1.222 (I'm assuming the IP is 192.168.1.222)
Reload or restart the name server:
/etc/rc.d/init.d/named restart
or, if it was properly configured,
rndc reload
If this solves your problem then, please, close the incident and rate the expert;
otherwise let me know.
Merry Christmas and a nice new year.

javiermarcon : 24/12/02 10:53 PM : More info provided
- Thanks, but I don't have the file named.conf in the etc directory. Also, I didn't find the file other.db. How do I create a zone (on my computer) for each domain I have registered with InterNIC? (Later I will change the DNS server configuration at InterNIC to my public IP). Thanks.

uligue : 25/12/02 11:59 PM : Reply received
- Prepare to drink a wine, water, coffee,
and try to read something about bind (see http://www.isc.org/).
To summarize the answer, the zones are created by the zone directive, as follows:
options {
    directory "/var/named";
};
# Here we will talk about the zone:
# Your system will be the DNS master and has control
# over that zone. The resource records (RR) are
# stored in the file "/var/named/filename". "/var/named" comes
# from the "options/directory" directive (see above).
# I will assume that the domain name is "javiermarcon.com.es"
zone "javiermarcon.com.es" in {
    type master;
    file "javmar.db";
};
------------ end of named.conf ------------
"javmar.db" is the name of the file that has the RRs (Resource Records) of that
zone.
The file with name "javmar.db" (this is a fictitious file name; replace it
with the file created by you) will contain the Resource Records, or the zone
database. I will also assume some IP addresses (192.168.82.0 block) and some
machine names. The first one is the system that has the authority over that
domain, that is, where that domain STARTS. It will be the START OF AUTHORITY
for that domain. It will be called nosotros.javiermarcon.com.es
$TTL 86400
@ in soa nosotros.javiermarcon.com.es. hostmaster.javiermarcon.com.es. (
        1     ; This is the serial number
        3600  ; This is the refresh time
        600   ; This is the retry time
        1D    ; This is the expiration time
        86400 ; Time to Live of each RR
        )
; The character "@" above represents the zone "javiermarcon.com.es"
; nosotros.javiermarcon.com.es. is the SOA system name
; hostmaster.javiermarcon.com.es. means the e-mail address
; ([email protected].).
;
; Defining the RRs
@ IN NS nosotros.javiermarcon.com.es.
; or,
;@ IN NS nosotros (without any dots)
@ IN MX 10 correspo
; What this means:
; The zone @ has a name server provided by the system with name
; nosotros.javiermarcon.com.es
; The domain has an MX (mail server) system with name
; correspo.javiermarcon.com.es
; But what is the IP address of those systems?
nosotros IN A 192.168.82.28
correspo IN A 192.168.82.44
www IN A 192.168.82.44
; The line above says that the name www.javiermarcon.com.es
; has IP address 192.168.82.44. In this case, the
; same IP has TWO names. It also needs to be configured
; in the reverse name database.
-------- end of direct RR database --------------------
Let me see if you get the picture so far.

javiermarcon : 27/12/02 12:28 AM : More info provided
- Thanks, I barely get the idea. If my public IP number is 192.168.82.44, what is the IP 192.168.82.28 in your explanation? What is the reversed host? What are the IP addresses that have 3 numbers and end with in-addr.arpa.?
Thanks.

uligue : 28/12/02 04:08 AM : Reply received
- Thanks, I barely get the idea. If my public IP number is 192.168.82.44, what
is the IP 192.168.82.28 in your explanation? What is the reversed host? What
are the IP addresses that have 3 numbers and end with in-addr.arpa.?
192.168.82.28 is the IP of the name server (the NS clause). In my explanation I'm
assuming two IP addresses. 82.28 will be used to listen for DNS queries. If you have
only one system and only one IP address available (public address), then you
can replace 192.168.82.28 with 192.168.82.44 (as you are assuming it to be the
public one).
There is not a reverse host, but "almost" a reverse name resolution. When
an IP datagram arrives at the target system it contains the IP address of your
system (the target system) and the source IP address. To get the host name for
that source IP, the application will do a reverse query to the DNS system. It
will invert the order of the bytes of that IP and will insert the root name of
the reverse tree (in-addr.arpa). Let the source IP address be 192.168.100.20. In
this case, the reverse query will be: 20.100.168.192.in-addr.arpa.
The three numbers mean the reverse zone (domain). If you use a class C IP
block, the reverse will have three numbers. Example: the reverse domain (zone
is better!) of your network is 82.168.192.in-addr.arpa.
So, include in named.conf
zone "82.168.192.in-addr.arpa" in {
    type master;
    file "javmar.rev";
};
-----------------------
javmar.rev is:
-------- 8<----------
$TTL 86400
@ in soa nosotros.javiermarcon.com.es. hostmaster.javiermarcon.com.es. (
        1     ; This is the serial number
        3600  ; This is the refresh time
        600   ; This is the retry time
        1D    ; This is the expiration time
        86400 ; Time to Live of each RR
        )
@ IN NS nosotros.javiermarcon.com.es.
44 IN PTR www.javiermarcon.com.es.
   IN PTR correspo.javiermarcon.com.es.
; if 28 exists...
28 in PTR nosotros.javiermarcon.com.es.
------------8< --- end ----------
Any other questions?
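
Added example, not part of the original thread: a small Python check that every A record in the forward zone has a matching PTR in the reverse zone, which is the consistency the reply above describes. The zone text is constructed from the thread's sample records, the parser is a simplified sketch (no TTL column, no $ORIGIN handling), and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data modelled on the javmar.db / javmar.rev files above.
FORWARD_ORIGIN = "javiermarcon.com.es."
FORWARD_ZONE = """\
@         IN NS  nosotros.javiermarcon.com.es.
@         IN MX  10 correspo
nosotros  IN A   192.168.82.28
correspo  IN A   192.168.82.44
www       IN A   192.168.82.44
"""
REVERSE_ORIGIN = "82.168.192.in-addr.arpa."
REVERSE_ZONE = """\
@   IN NS  nosotros.javiermarcon.com.es.
44  IN PTR www.javiermarcon.com.es.
    IN PTR correspo.javiermarcon.com.es.
"""

def fqdn(name, origin):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def records(text, origin, rtype):
    """Yield (owner, rdata) for one record type. A line that starts with
    whitespace inherits the previous owner; ';' starts a comment."""
    owner = None
    for line in text.splitlines():
        line = line.split(";", 1)[0].rstrip()
        if not line:
            continue
        fields = line.split()
        if not line[0].isspace():
            owner = fqdn(fields.pop(0), origin)
        if fields and fields[0].upper() == "IN":
            fields.pop(0)
        if fields and fields[0].upper() == rtype:
            yield owner.lower(), fields[-1]

def missing_ptrs(fwd, fwd_origin, rev, rev_origin):
    """Return (host, ip) pairs whose A record has no matching PTR."""
    ptrs = {(o, fqdn(t, rev_origin).lower()) for o, t in records(rev, rev_origin, "PTR")}
    gaps = []
    for host, ip in records(fwd, fwd_origin, "A"):
        arpa = ipaddress.ip_address(ip).reverse_pointer + "."
        if (arpa, host) not in ptrs:
            gaps.append((host, ip))
    return gaps
```

With the sample data, `missing_ptrs` reports nosotros at 192.168.82.28, because the constructed reverse zone leaves out the optional "28" PTR line.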

javiermarcon : 29/12/02 02:02 AM : More info provided
- Thanks.
I tried to configure bind as you said (before you told me how to set up the reverse resolution) for javiermarcon.com.ar but it didn't work. When I try to access the page using the name, it fails; if I use the IP address it brings me the page as it did before installing bind. On Monday I'll try to configure it adding the reversed configuration.
Does the configuration of the security level (msec 3) and the firewall blocking all ports except 21, 22, 23, 25, 80, 515, 631, 1024, 1025 and 6000 have something to do with it?
Do I have to change something in resolv.conf? (resolv.conf has only the IP address and the name of the hosts).
If I have other virtual domains in the same Apache with the same IP address (for example servilink.com.ar and lbmdesign.com.ar), do I have to add one master configuration and one reversed configuration for each one of these too, or can I include the 3 reversed ones in a single configuration file?
In every example I see, some values like $TTL, serial, and timings are different. Is there any rule for choosing the right values, or should I copy them from any example?
What does the DNS server configuration in linuxconf do, since it doesn't use bind?
Thank you and happy new year.

uligue : 30/12/02 05:07 AM : Reply received
- Hummmm!!!! Blocking all ports, except those ones! And what about port 53 UDP and
TCP? You do want bind to work, right? So open port 53 for UDP. Bind uses
port 53/UDP to listen for and answer the queries.
About timing:
Serial Number:
It is only a number. It refers to the serial version of the file. You MAY (not
MUST) adopt the YYYYMMDDNN format.
Refresh, retry and expire times are related to the slave name server. They control
when the slave name server MUST connect to the master to update the database
(refresh time). In case the master is unreachable from the slave, it will retry
after that time. Once it connects successfully, the slave asks for the serial number and compares it
with the one it has. If the serial number is different, the slave will download the
updated database. At the expire time the slave will download the existing database from the
master, no matter whether the serial version is equal or not.
The last number (TTL) is the same as $TTL and means the Time to Live of each
RR (resource record, if this time is not defined).
So these times are related to YOUR network. Shorter times mean more traffic
but the systems will always be updated. Greater values reduce the traffic but
the RRs will take more time to be updated. See the ISC FAQs. This discussion takes
a lot of time.
$TTL and the last timing are the same thing. The difference is in the version
of BIND. $TTL is information for the MASTER DNS. The ttl (last timing) is
reported to the SLAVE.
You did not tell me whether you included more modules in linuxconf, since a
specific module exists to configure BIND. Usually linuxconf only configures the
CLIENT part, not the SERVER one.
Resolv.conf is the CLIENT part. It tells the system which name server can
resolve the names. Only this!
The configuration I gave works. It is almost a cut&paste of my internal LAN
(7 PCs running Windowses and Linux Mandrake) and a Dell 6250 (dual proc 2.2
Gb) running Linux Mandrake. You are missing something there!

javiermarcon : 30/12/02 11:08 PM : More info provided
- Thanks, it worked perfectly. One last question: I set up 3 zones on one single IP. Do I have to make a single reversed zone file for that IP, or do I have to make one for each domain?
Thanks and happy new year.

uligue : 31/12/02 09:01 PM : Reply received
- A single reverse with one PTR for each hostname:
44 in ptr hostname1.domain1.com.es.
   in ptr hostname2.domain2.com.es.
   in ptr hostname3.domain3.com.es.
uligue

javiermarcon : 31/12/02 09:44 PM : Incident closed