Old 09-24-2010, 08:24 PM
Robert Heller
 
Default Configuring BIND to answer to two domain names (four IP addresses)

At Fri, 24 Sep 2010 21:05:25 +0200 CentOS mailing list <centos@centos.org> wrote:

>
> On Fri, Sep 24, 2010 at 20:18, Les Mikesell <lesmikesell@gmail.com> wrote:
> > Probably a waste of time. If anyone cares, they'll track down the
> > domain and IP range ownership anyway (there are sites that do it
> > automatically). So unless you've used company aliases in the domain
> > registration and gotten separate isp connections for your addresses the
> > connection will still show.
> >
>
> I know. The domain names _are_ in fact registered to different
> entities, though. The best hint is that the nameservers are on the
> same C block.

Which is still meaningless. Some name servers serve *hundreds* of web
sites, many competing with each other. Often large hosting companies
will serve hundreds of web sites, all with the *same* IP address and
many in competition with each other. As a line of research, this is
somewhat fruitless. And it is doubtful anyone would really care --
anyone who is tech savvy enough to know how to use dig, whois, etc. knows
how BIND and Apache work and knows all about virtual hosting, etc.

>
>

--
Robert Heller -- Get the Deepwoods Software FireFox Toolbar!
Deepwoods Software -- Linux Installation and Administration
http://www.deepsoft.com/ -- Web Hosting, with CGI and Database
heller@deepsoft.com -- Contract Programming: C/C++, Tcl/Tk


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-24-2010, 08:28 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 22:24, Alexander Dalloz <ad+lists@uni-x.org> wrote:
> http://www.zytrax.com/books/dns/
>
> That is a good source to read up about bind configuration.
>
> As a sidenote please be aware, that if someone directly queries your
> ns1.exampleA.com for exampleB.com zone records he will get proper
> answers. If you would need to prevent this for any reason you would need
> an extended bind config design using views.
>
> While the zytrax book has lessons about views you can also find a resource in
>
> http://www.cymru.com/Documents/secure-bind-template.html
>

Wow, thank you! There is some good reading there, especially the
security link. Lots of little holes to exploit!

I will be up for the night!

--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 08:30 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 22:24, Robert Heller <heller@deepsoft.com> wrote:
> Which is still meaningless. Some name servers serve *hundreds* of web
> sites, many competing with each other. Often large hosting companies
> will serve hundreds of web sites, all with the *same* IP address and
> many in competition with each other. As a line of research, this is
> somewhat fruitless. And it is doubtful anyone would really care --
> anyone who is tech savvy enough to know how to use dig, whois, etc. knows
> how BIND and Apache work and knows all about virtual hosting, etc.
>

Agreed 100%. But I'm not the only decision-maker and I'm learning in
the process anyway. This seems to be a rite-of-passage that I should
have gone through some time ago.

--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 08:39 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 22:24, Robert Heller <heller@deepsoft.com> wrote:
>> So, then, the association of a FQDN with any particular IP address is
>> only done in the domain name's control panel where the nameservers are
>> set?
>
> It is in bind's database (zone files). In named.conf you associate
> domains (all but the leftmost part of the FQDN) with zone files and
> zone files map from hostnames (left-most part of the FQDN) to ip
> addresses.
>

Thank you. That is quite what I had suspected, and of course the zone
files that I am experimenting with reflect that. How is this:


# cat /var/named/exampleA.com.hosts

$ORIGIN exampleA.com.
$TTL 1h
exampleA.com.   IN  SOA ns1.exampleA.com. ns2.exampleA.com. (
                        1       ; Serial - increment me
                        10800
                        3600
                        604800
                        38400 )
                IN  NS  ns1.exampleA.com.
                IN  NS  ns2.exampleA.com.
exampleA.com.   IN  A   1.1.1.1
exampleA.com.   IN  A   1.1.1.2
ns1             IN  A   1.1.1.1
ns2             IN  A   1.1.1.2


--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 08:41 PM
Robert Heller
 
Default Configuring BIND to answer to two domain names (four IP addresses)

At Fri, 24 Sep 2010 21:58:09 +0200 CentOS mailing list <centos@centos.org> wrote:

>
> Thank you for all the help so far. To conclude:
> I have one physical server that answers to the following IP addresses:
> 1.1.1.1
> 1.1.1.2
> 1.1.1.3
> 1.1.1.4
>
> I need 1.1.1.1 & 1.1.1.2 to be the name servers for exampleA.com, and
> 1.1.1.3 & 1.1.1.4 to be the nameservers for exampleB.com. I have these
> files:
>
> # cat /etc/named.conf
>
> options {
> directory "/etc";
> pid-file "/var/run/named/named.pid";
> listen-on {
> any;
> };
> };
>
> zone "." {
> type hint;
> file "/etc/db.cache";
> };
>
> zone "exampleA.com" {
> type master;
> file "/var/named/exampleA.com.hosts";
> };
> zone "exampleB.com" {
> type master;
> file "/var/named/exampleB.com.hosts";
> };
>
>
>
> # cat /var/named/exampleA.com.hosts
>
> $ORIGIN exampleA.com.
> $TTL 1h
> exampleA.com. IN SOA ns1.exampleA.com. ns2.exampleA.com. (
> 1; Serial - increment me
> 10800
> 3600
> 604800
> 38400 )
> exampleA.com. IN NS ns1.exampleA.com.
> exampleA.com. IN NS ns2.exampleA.com.
> exampleA.com. IN A 1.1.1.1
> exampleA.com. IN A 1.1.1.2

You need:

ns1.exampleA.com. IN A 1.1.1.1
ns2.exampleA.com. IN A 1.1.1.2

And you might also consider:

www.exampleA.com. IN A 1.1.1.1
www.exampleA.com. IN A 1.1.1.2



>
>
>
> # cat /var/named/exampleB.com.hosts
>
> $ORIGIN exampleB.com.
> $TTL 1h
> exampleB.com. IN SOA ns1.exampleB.com. ns2.exampleB.com. (
> 1; Serial - increment me
> 10800
> 3600
> 604800
> 38400 )
> exampleB.com. IN NS ns1.exampleB.com.
> exampleB.com. IN NS ns2.exampleB.com.
> exampleB.com. IN A 1.1.1.3
> exampleB.com. IN A 1.1.1.4

And:

ns1.exampleB.com. IN A 1.1.1.3
ns2.exampleB.com. IN A 1.1.1.4

And you might want to consider:

www.exampleB.com. IN A 1.1.1.3
www.exampleB.com. IN A 1.1.1.4


>
>
>
> How does that look?
>

--
Robert Heller -- Get the Deepwoods Software FireFox Toolbar!
Deepwoods Software -- Linux Installation and Administration
http://www.deepsoft.com/ -- Web Hosting, with CGI and Database
heller@deepsoft.com -- Contract Programming: C/C++, Tcl/Tk


 
Old 09-24-2010, 08:41 PM
Robert Heller
 
Default Configuring BIND to answer to two domain names (four IP addresses)

At Fri, 24 Sep 2010 22:12:44 +0200 CentOS mailing list <centos@centos.org> wrote:

>
> On Fri, Sep 24, 2010 at 22:06, James A. Peltier <jpeltier@sfu.ca> wrote:
> > formatting for NS records is incorrect. It should just read
> >
> >          NS ns1.exampleA.com.
> >          NS ns2.exampleA.com.
> >
>
> Thanks. (I added the periods)
>
> > where is your ns1.exampleA.com entry?
> > where is your ns2.exampleA.com entry?
> >
>
> Where _should_ they be? So far as I've been able to google, I cannot
> tell... This is what all the examples look like that I have been able
> to find.

With the rest of the IN A records for exampleA.com (and correspondingly
for exampleB.com). You need *addresses* for your name servers as well
as for your web servers. And you might also want to have www.<mumble>
address records as well. And if these sites are sending E-Mail, MX
records would be *polite*. MTAs often toss E-Mail from addresses
lacking MX records... And if you have an MX record pointing to
mail.exampleA.com and/or mail.exampleB.com, you will need IN A records
for the mail. hosts as well. Or you can use CNAME records.

>
>
> > Broken!
> >
>
> Ou!
>
>

--
Robert Heller -- Get the Deepwoods Software FireFox Toolbar!
Deepwoods Software -- Linux Installation and Administration
http://www.deepsoft.com/ -- Web Hosting, with CGI and Database
heller@deepsoft.com -- Contract Programming: C/C++, Tcl/Tk


 
Old 09-24-2010, 09:02 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 22:41, Robert Heller <heller@deepsoft.com> wrote:
> You need:
>
> ns1.exampleA.com. IN A 1.1.1.1
> ns2.exampleA.com. IN A 1.1.1.2
>

Here I have found conflicting information, it seems that some sources
suggest this instead:
ns1 IN A 1.1.1.1
ns2 IN A 1.1.1.2

Any idea?

> And you might also consider:
>
> www.exampleA.com. IN A 1.1.1.1
> www.exampleA.com. IN A 1.1.1.2
>

Yes, of course! Thanks.

--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 09:03 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 22:41, Robert Heller <heller@deepsoft.com> wrote:
> With the rest of the IN A records for exampleA.com (and correspondingly
> for exampleB.com). You need *addresses* for your name servers as well
> as for your web servers.

I see.


> And you might also want to have www.<mumble>
> address records as well.

Added!


> And if these sites are sending E-Mail, MX
> records would be *polite*. MTAs often toss E-Mail from addresses
> lacking MX records... And if you have an MX record pointing to
> mail.exampleA.com and/or mail.exampleB.com, you will need IN A records
> for the mail. hosts as well. Or you can use CNAME records.
>

Thanks. There will be no email, though.


--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 09:10 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 22:47, Les Mikesell <lesmikesell@gmail.com> wrote:
> I think that's reasonable - but note that from the rest of the world's
> perspective the ns1, ns2 IP's are going to come from the glue records
> from the upstream DNS that would have been added when you registered the
> servers as primary for the domain. For anything else, the query gets
> passed on to your server.
>

I did see mention of the term glue records earlier while googling,
only now am I googling it...

Oh, it looks like I may need to set those too. When I configured
ns1.exampleA.com & ns2.exampleA.com in the registrar's control panel,
I did enter the 1.1.1.1 & 1.1.1.2 addresses. Should that be enough?

--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 09:15 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 23:13, James A. Peltier <jpeltier@sfu.ca> wrote:

> | > You need:
> | >
> | > ns1.exampleA.com. IN A 1.1.1.1
> | > ns2.exampleA.com. IN A 1.1.1.2
> | >
> |
> | Here I have found conflicting information, it seems that some sources
> | suggest this instead:
> | ns1 IN A 1.1.1.1
> | ns2 IN A 1.1.1.2
> |
> | Any idea?
> |
> This is a matter of preference, but may depend on your configuration too. I'm lazy so I use short form
>
> http://www.zytrax.com/books/dns/ch6/mydomain.html
>

I see, James, thanks.


--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
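
An added example, not part of the original thread: a small Python check for the two points raised above, that every name server or mail host named inside the zone needs its own address record, and that the short form "ns1" and the full form "ns1.exampleA.com." are the same owner once $ORIGIN is applied. The helper names parse_zone and missing_addresses are hypothetical, the parser covers only the record forms used in this thread, and names are reported in lower case.

```python
import re

RR_TYPES = {"SOA", "NS", "A", "AAAA", "MX", "CNAME"}

def parse_zone(text):
    """Parse a simple master file into (owner, type, value) tuples with FQDN names."""
    text = re.sub(r";[^\n]*", "", text)                    # strip comments
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    origin, owner, records = ".", None, []
    def fqdn(name):                       # "@" is the origin; relative names get it appended
        name = origin if name == "@" else name
        return (name if name.endswith(".") else name + "." + origin.lstrip(".")).lower()
    for line in text.splitlines():
        fields = line.split()
        if fields and fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
        if not fields or fields[0].startswith("$"):
            continue                                       # blank line, $ORIGIN, $TTL
        if not line[0].isspace():                          # a blank owner inherits the previous one
            owner = fqdn(fields.pop(0))
        while fields and fields[0].upper() not in RR_TYPES:
            fields.pop(0)                                  # skip optional TTL and class
        if len(fields) >= 2:
            rtype = fields[0].upper()
            target = fields[2] if rtype == "MX" else fields[1]
            value = fqdn(target) if rtype in ("NS", "MX", "CNAME") else target
            records.append((owner, rtype, value))
    return records

def missing_addresses(text):
    """In-zone NS/MX targets that have no A, AAAA or CNAME record of their own."""
    recs = parse_zone(text)
    zone = next(o for o, t, _ in recs if t == "SOA")
    have = {o for o, t, _ in recs if t in ("A", "AAAA", "CNAME")}
    return sorted({v for _, t, v in recs if t in ("NS", "MX")
                   and (v == zone or v.endswith("." + zone)) and v not in have})

# Constructed sample: the revised zone from this thread, with short-form ns1/ns2 records.
ZONE = """$ORIGIN exampleA.com.
$TTL 1h
exampleA.com. IN SOA ns1.exampleA.com. ns2.exampleA.com. (
        1 ; Serial - increment me
        10800 3600 604800 38400 )
        IN NS ns1.exampleA.com.
        IN NS ns2.exampleA.com.
exampleA.com. IN A 1.1.1.1
ns1 IN A 1.1.1.1
ns2 IN A 1.1.1.2
"""
print("NS/MX targets without an address record:", missing_addresses(ZONE))
```

Deleting the two ns lines from ZONE reproduces the first draft quoted earlier in the thread, and the check then reports both name servers as missing.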