Re: Bind ip alias

From: Mark Lowe (mark.lowe_at_boxstuff.com)
Date: 06/03/04

    Date: Thu, 3 Jun 2004 12:13:49 +0200
    To: General Red Hat Linux discussion list <redhat-list@redhat.com>
    
    

    Hi Steve, or any other bind gurus.

    I know it's a few weeks on but my main job is a developer.

    I moved all my existing records to an external view (followed your
    suggested directory structure).

    I added the internal view and a single record (maindomain), but when I
    try to ping on the server itself it returns the external ip.
    of the in

    internal/db.127.0.0

    be different from

    external/db.127.0.0

    ?

    Mark

    On 24 May 2004, at 00:03, Cowles, Steve wrote:

    > Mark Lowe wrote:
    >> Hello
    >>
    > ...[snip]
    >
    >> How do I get things so to the outside world hosteddomain.com
    >> is the real ip and to the server it's the aliased one?
    >
    > ...[snip]
    >
    > Are you sure you're not wanting (asking how) to implement bind views?
    > i.e.
    >
    > -----------------------------------------------
    > # cat /var/named/internal/db.maindomain
    >
    > $ttl 38400
    > @ IN SOA mainhost.maindomain.com. root.mainhost.maindomain.com. (
    > 1084742277 ; serial
    > 10800      ; refresh
    > 3600       ; retry
    > 604800     ; expire
    > 38400 )    ; minimum
    > hosteddomain.com. IN NS ns.maindomain.com.
    > www.hosteddomain.com. IN A 10.0.0.10
    > ftp.hosteddomain.com. IN A 10.0.0.10
    > mail.hosteddomain.com. IN A 10.0.0.10
    > hosteddomain.com. IN A 10.0.0.10
    >
    > -----------------------------------------------
    > # cat /var/named/external/db.maindomain
    >
    > $ttl 38400
    > @ IN SOA mainhost.maindomain.com. root.mainhost.maindomain.com. (
    > 1084742277 ; serial
    > 10800      ; refresh
    > 3600       ; retry
    > 604800     ; expire
    > 38400 )    ; minimum
    > hosteddomain.com. IN NS ns.maindomain.com.
    > www.hosteddomain.com. IN A 4.5.6.10
    > ftp.hosteddomain.com. IN A 4.5.6.10
    > mail.hosteddomain.com. IN A 4.5.6.10
    > hosteddomain.com. IN A 4.5.6.10
    >
    > -----------------------------------------------
    > # cat /etc/named.conf
    >
    > options {
    > directory "/var/named";
    >
    > pid-file "/var/run/named/named.pid";
    > statistics-file "/var/log/named/named.stats";
    > dump-file "/var/log/named/named.dump";
    > zone-statistics yes;
    >
    > // Listen ONLY on the following interfaces
    > listen-on { 127.0.0.1 ; 10.0.0.10; };
    > ...[snip]
    > };
    >
    > acl "trusted-nets" {
    > 10.0.0.0/24;
    > 127.0.0.1;
    > };
    >
    > ...[snip]
    >
    > view "internal" in {
    > //Only allow trusted nets to query this view
    > match-clients { trusted-nets; };
    >
    > // Enable recursion for this view
    > recursion yes;
    >
    > // Cache data retrieved in this view
    > additional-from-auth yes;
    > additional-from-cache yes;
    >
    > // Load the "root" (hints) zone
    > zone "." in {
    > type hint; // Zone is of type hint
    > file "root.cache"; // Specify the root filename
    > };
    >
    > // Load the internal 127.0.0 reverse zone
    > zone "0.0.127.in-addr.arpa" in {
    > type master; // Zone is a master
    > allow-transfer { none; }; // Do not accept zone transfers
    > allow-query { any; }; // Allow anyone to query zone
    > file "internal/db.127.0.0"; // Load internal zone file
    > };
    >
    > // Load the internal maindomain.com zone
    > zone "maindomain.com" in {
    > type master; // Zone is a master
    > notify yes; // Send notifies?
    > file "internal/db.maindomain"; // Load zone file
    > };
    > ...[snip]
    > };
    >
    > view "external" in {
    > //Allow anyone to query this view
    > match-clients { any; };
    >
    > // Disable recursion for this view
    > recursion no;
    >
    > // Do NOT cache data retrieved in this view
    > additional-from-auth no;
    > additional-from-cache no;
    >
    > // Load the "root" (hints) zone
    > zone "." in {
    > type hint; // Zone is of type hint
    > file "root.cache"; // Specify the root filename
    > };
    >
    > // Load the external maindomain.com zone
    > zone "maindomain.com" in {
    > type master; // Zone is a master
    > notify yes; // Send notifies?
    > allow-query { any; }; // Allow anyone to query zone
    > file "external/db.maindomain"; // Load zone file
    > };
    > ...[snip]
    > };
    >
    > # cat /etc/resolv.conf
    > search maindomain.com
    > nameserver 127.0.0.1
    > ...[snip]
    >
    >
    > At least that's what I do at this end. Using the above example, any
    > host on your LAN configured to use this DNS server along with the
    > server itself (127.0.0.1) would return the 10.0.0.10 address. A query
    > to your DNS server originating from the internet would return the
    > 4.5.6.10 address. FWIW: I configure my apache virtuals to reference
    > the internal ip address like what you posted.
    >
    > Steve Cowles
    >
    >
    > --
    > redhat-list mailing list
    > unsubscribe mailto:redhat-list-request@redhat.com?subject=unsubscribe
    > https://www.redhat.com/mailman/listinfo/redhat-list
    >
    
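Added example, not part of the original thread: a small Python model of how named chooses a view for the named.conf quoted above, using the first view whose match-clients accepts the query's source address. The ACL, view order and A records are taken from the reply; the function names, the source addresses 10.0.0.25 and 198.51.100.7, and treating "any" as 0.0.0.0/0 (IPv4 only) are assumptions made for illustration.

```python
import ipaddress

# ACL and views from the quoted named.conf. Order matters: named answers from
# the first view whose match-clients accepts the source address of the query.
ACLS = {"trusted-nets": ["10.0.0.0/24", "127.0.0.1"], "any": ["0.0.0.0/0"]}
VIEWS = [("internal", ["trusted-nets"]), ("external", ["any"])]

# A records from the two db.maindomain files in the quoted reply.
ZONES = {
    "internal": {"www.hosteddomain.com.": "10.0.0.10"},
    "external": {"www.hosteddomain.com.": "4.5.6.10"},
}


def acl_matches(acl_name, source):
    """True if the source address falls inside any network of the ACL."""
    addr = ipaddress.ip_address(source)
    return any(addr in ipaddress.ip_network(net) for net in ACLS[acl_name])


def select_view(source, views=VIEWS):
    """Return the name of the first matching view, or None if none match."""
    for name, match_clients in views:
        if any(acl_matches(acl, source) for acl in match_clients):
            return name
    return None


def resolve(source, qname, views=VIEWS):
    """Return (view, address) as seen by a client querying from `source`."""
    view = select_view(source, views)
    if view is None:
        return None, None
    return view, ZONES[view].get(qname)


if __name__ == "__main__":
    # Constructed sources: loopback, a LAN host, the server's public
    # address from the external zone, and an outside host.
    for src in ("127.0.0.1", "10.0.0.25", "4.5.6.10", "198.51.100.7"):
        print(src, resolve(src, "www.hosteddomain.com."))
```

A query whose source address is outside trusted-nets, including one sent from the server's own 4.5.6.10 address, falls through to the external view, and listing the "any" view first would hide the internal view from every client.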
