 
Old 09-24-2010, 05:26 PM
Eric Viseur
 
Default Configuring BIND to answer to two domain names (four IP addresses)

Maybe a Round-Robin configuration ?

2010/9/24 Dotan Cohen <dotancohen@gmail.com>

> Have a read for the listen on directive for BIND which tells BIND what
> interfaces/IP Addresses to bind to.

Thanks, I am aware that Apache can be told to listen only to specific
addresses. Can BIND be told to listen on all addresses? Your post
implies that this is the default (which makes sense, as so does
Apache), maybe I am chasing a non-issue?

In other words, I should configure BIND to answer to exampleA.com and
to exampleB.com with no regard to IP addresses. Then in the control
panel for each domain name configure the nameservers to my liking
(with addresses that the server answers to, naturally)? That's it?

> Alternatively, you could just configure BIND identically on both machines and ensure that
> they are set up in a master/slave configuration so that each name server could answer
> requests for both domains and publish both name server records in each domain.
>

There is only one machine. All four addresses point to it.

--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

 
Old 09-24-2010, 05:38 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 19:26, Eric Viseur <eric.viseur@gmail.com> wrote:
> Maybe a Round-Robin configuration ?
>

Thank you Eric, but I may have been unclear. There is only one
physical server, but it answers to four IP addresses.


--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 05:43 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 19:38, Les Mikesell <lesmikesell@gmail.com> wrote:
> You are making it much more complicated than necessary.

That is what I suspected! I know that when Linux gets difficult, it is
because I'm doing it wrong!


> I'd configure
> apache to use named virtual hosts and listen on all addresses (but you
> might want to tie https to specific addresses so you can tie connections
> to the right certificates),

Exactly how it is configured.


> and bind to listen on all addresses and
> answer for all your domains.
>

So, then, the association of a FQDN with any particular IP address is
only done in the domain name's control panel where the nameservers are
set?


--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 06:03 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 19:49, James A. Peltier <jpeltier@sfu.ca> wrote:
> BIND has listen on directives as well, but if this is a single box configuration
> it's not necessarily required as it will listen on all interfaces.
>

Yes, I actually do want it to listen on all addresses (only one NIC),
I don't know why I thought that it had to be explicitly configured.


> As far as configuring the domains, well that's pretty simple. In your DNS records for each
> domain you would define NS records such as this
>
> $TTL 1d
> @               IN      SOA     ns1.exampleA.com. hostmaster.exampleA.com. (
>                                 2010092401      ; PUT SEQUENCE NUMBER HERE (YYYY/MM/DAY/CHANGE #)
>                                 3600            ; Refresh every hour
>                                 600             ; Retry   - every ten minutes
>                                 604800          ; Expire  - after one week
>                                 1h )            ; Minimum 1H
>                 IN      NS      ns1.exampleA.com.
>                 IN      NS      ns2.exampleA.com.
>
> ;; Hosts Section
>
> ns1     IN      A       1.1.1.1
> ns2     IN      A       1.1.1.2
> www     IN      A       1.1.1.3
>
> Keep in mind that you don't need A records for the NS records if you are pointing to a different name server so your exampleB records might look like this
>
>
> $TTL 1d
> @               IN      SOA     ns1.exampleB.com. hostmaster.exampleB.com. (
>                                 2010092401      ; PUT SEQUENCE NUMBER HERE (YYYY/MM/DAY/CHANGE #)
>                                 3600            ; Refresh every hour
>                                 600             ; Retry   - every ten minutes
>                                 604800          ; Expire  - after one week
>                                 1h )            ; Minimum 1H
>                 IN      NS      ns1.exampleA.com.
>                 IN      NS      ns2.exampleA.com.
>
> ;; Hosts Section
>
> www     IN      A       1.1.1.4
>
> Notice that the NS records point to ns1 and ns2.exampleA.com.
>

That is quite the point: I need the nameservers for exampleA.com and
exampleB.com to be different!


> Notice the A records for www.example{A,B} which should match your
> Apache instances if you are doing IP based hosting. If you are doing
> name based hosting you *could* DNS round robin the requests.
>

If the nameservers are for specific addresses, and Apache serves based
on FQDN as opposed to based on address, then I think that Apache can
answer on all addresses.


> Master and Secondary DNS configurations are defined in your
> named.conf file. This doesn't necessarily matter for your
> configuration, but thought I would point it out.
>
>
> On the master
>
> zone "examplea.com" {
>         type master;
>         file "zone.examplea.com";
>         allow-transfer { 1.1.1.2; };    // ns2.examplea.com (an address is required here)
> };
>
>
> On the secondary
>
> zone "examplea.com" {
>         type slave;
>         masters { 1.1.1.1; };           // ns1.examplea.com (an address is required here)
>         file "zone.example.com";
> };
>
>

Thanks. I will do another for exampleB.com as well, to keep them separate.

--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 06:07 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 19:59, Les Mikesell <lesmikesell@gmail.com> wrote:
> What's a control panel?

It is the web-based interface for the domain name registrar, in which
one configures the name servers for the domain name that he bought
from them.


> Bind is going to want a zone file for each
> domain where it is the primary nameserver and an A record for each host
> in that domain.

Yes.


> You may have some GUI tool to manage them.

Oh, no, I'm trying to learn the _right_ way! That's why I'm here!


> But any
> instance of bind can be primary for any number of domains. The
> association with the IP address(es) that will receive the queries
> happens when you register the domain into the public dns system and you
> can register the same server(s) as primary for many domains.
>

Yes, but I'd rather have different name servers for exampleA.com and
exampleB.com. The two domain names are for competing websites, there
should be no hint that they are associated.


--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 07:05 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 20:18, Les Mikesell <lesmikesell@gmail.com> wrote:
> Probably a waste of time. If anyone cares, they'll track down the
> domain and IP range ownership anyway (there are sites that do it
> automatically). So unless you've used company aliases in the domain
> registration and gotten separate isp connections for your addresses the
> connection will still show.
>

I know. The domain names _are_ in fact registered to different
entities, though. The best hint is that the nameservers are on the
same C block.


--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 07:58 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

Thank you for all the help so far. To conclude:
I have one physical server that answers to the following IP addresses:
1.1.1.1
1.1.1.2
1.1.1.3
1.1.1.4

I need 1.1.1.1 & 1.1.1.2 to be the name servers for exampleA.com, and
1.1.1.3 & 1.1.1.4 to be the nameservers for exampleB.com. I have these
files:

# cat /etc/named.conf

options {
        directory "/etc";
        pid-file "/var/run/named/named.pid";
        listen-on {
                any;
        };
};

zone "." {
        type hint;
        file "/etc/db.cache";
};

zone "exampleA.com" {
        type master;
        file "/var/named/exampleA.com.hosts";
};
zone "exampleB.com" {
        type master;
        file "/var/named/exampleB.com.hosts";
};



# cat /var/named/exampleA.com.hosts

$ORIGIN exampleA.com.
$TTL 1h
exampleA.com.   IN  SOA ns1.exampleA.com. ns2.exampleA.com. (
                        1       ; Serial - increment me
                        10800
                        3600
                        604800
                        38400 )
exampleA.com.   IN  NS  ns1.exampleA.com.
exampleA.com.   IN  NS  ns2.exampleA.com.
exampleA.com.   IN  A   1.1.1.1
exampleA.com.   IN  A   1.1.1.2



# cat /var/named/exampleB.com.hosts

$ORIGIN exampleB.com.
$TTL 1h
exampleB.com.   IN  SOA ns1.exampleB.com. ns2.exampleB.com. (
                        1       ; Serial - increment me
                        10800
                        3600
                        604800
                        38400 )
exampleB.com.   IN  NS  ns1.exampleB.com.
exampleB.com.   IN  NS  ns2.exampleB.com.
exampleB.com.   IN  A   1.1.1.3
exampleB.com.   IN  A   1.1.1.4



How does that look?

--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 08:12 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

On Fri, Sep 24, 2010 at 22:06, James A. Peltier <jpeltier@sfu.ca> wrote:
> formatting for NS records is incorrect. It should just read
>
>                   NS ns1.exampleA.com.
>                   NS ns2.exampleA.com.
>

Thanks. (I added the periods)

> where is your ns1.exampleA.com entry?
> where is your ns2.exampleA.com entry?
>

Where _should_ they be? So far as I've been able to google, I cannot
tell... This is what all the examples look like that I have been able
to find.


> Broken!
>

Ou!


--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
 
Old 09-24-2010, 08:16 PM
Dotan Cohen
 
Default Configuring BIND to answer to two domain names (four IP addresses)

Ah, some better examples here:
http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-bind-zone.html

How is this file:

# cat /var/named/exampleA.com.hosts

$ORIGIN exampleA.com.
$TTL 1h
exampleA.com.   IN  SOA ns1.exampleA.com. ns2.exampleA.com. (
                        1       ; Serial - increment me
                        10800
                        3600
                        604800
                        38400 )
                IN  NS  ns1.exampleA.com.
                IN  NS  ns2.exampleA.com.
exampleA.com.   IN  A   1.1.1.1
exampleA.com.   IN  A   1.1.1.2
ns1             IN  A   1.1.1.1
ns2             IN  A   1.1.1.2






--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
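
The review question raised earlier in the thread ("where is your ns1.exampleA.com entry?") can be checked mechanically. The Python sketch below is an added example, not code from the thread: it parses a simplified zone file and lists the NS targets inside the zone that have no address record. The function names and the reduced syntax it accepts are assumptions, and the sample zone is constructed from the drafts posted above.

```python
import re

def parse_zone(text, origin):
    """Parse simple master-file text (comments, ( ) folding, $ORIGIN) into tuples."""
    origin = origin.lower().rstrip(".") + "."
    text = re.sub(r";[^\n]*", "", text)  # drop comments
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)

    def fqdn(name):
        name = origin if name == "@" else name.lower()
        return name if name.endswith(".") else f"{name}.{origin}"

    records, owner = [], origin
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0].upper() == "$TTL":
            continue
        if fields[0].upper() == "$ORIGIN":
            origin = fqdn(fields[1])
            continue
        if not line[0].isspace():  # an owner name starts in column 0
            owner = fqdn(fields.pop(0))
        while fields and (fields[0].upper() == "IN" or fields[0][0].isdigit()):
            fields.pop(0)  # optional class and TTL
        if len(fields) >= 2:
            rdata = fqdn(fields[1]) if fields[0].upper() == "NS" else " ".join(fields[1:])
            records.append((owner, fields[0].upper(), rdata))
    return records

def missing_ns_addresses(text, origin):
    """In-zone NS targets that have no A/AAAA record in the same file."""
    records = parse_zone(text, origin)
    suffix = "." + origin.lower().rstrip(".") + "."
    have = {owner for owner, rtype, _ in records if rtype in ("A", "AAAA")}
    wanted = {d for _, rtype, d in records if rtype == "NS" and d.endswith(suffix)}
    return sorted(wanted - have)

# Constructed sample based on the first exampleA.com draft; REVISED adds ns1/ns2.
FIRST_DRAFT = """\
$ORIGIN exampleA.com.
$TTL 1h
exampleA.com. IN SOA ns1.exampleA.com. ns2.exampleA.com. (
        1 ; Serial - increment me
        10800 3600 604800 38400 )
exampleA.com. IN NS ns1.exampleA.com.
exampleA.com. IN NS ns2.exampleA.com.
exampleA.com. IN A 1.1.1.1
"""
REVISED = FIRST_DRAFT + "        IN A 1.1.1.2\nns1 IN A 1.1.1.1\nns2 IN A 1.1.1.2\n"
```

`missing_ns_addresses(FIRST_DRAFT, "exampleA.com")` reports both name servers, and the revised text reports none. BIND ships `named-checkzone`, which runs this and other integrity checks against the real file before it is loaded.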
 
Old 09-24-2010, 08:24 PM
Robert Heller
 
Default Configuring BIND to answer to two domain names (four IP addresses)

At Fri, 24 Sep 2010 19:43:11 +0200 CentOS mailing list <centos@centos.org> wrote:

>
> On Fri, Sep 24, 2010 at 19:38, Les Mikesell <lesmikesell@gmail.com> wrote:
> > You are making it much more complicated than necessary.
>
> That is what I suspected! I know that when Linux gets difficult, it is
> because I'm doing it wrong!
>
>
> > I'd configure
> > apache to use named virtual hosts and listen on all addresses (but you
> > might want to tie https to specific addresses so you can tie connections
> > to the right certificates),
>
> Exactly how it is configured.
>
>
> > and bind to listen on all addresses and
> > answer for all your domains.
> >
>
> So, then, the association of a FQDN with any particular IP address is
> only done in the domain name's control panel where the nameservers are
> set?

It is in bind's database (zone files). In named.conf you associate
domains (all but the leftmost part of the FQDN) with zone files and
zone files map from hostnames (left-most part of the FQDN) to ip
addresses.

Fragment of named.conf:

zone "deepsoft.com" {
        type master;
        file "deepsoft.com.zone";
        // IP addresses of slave servers allowed to transfer deepsoft.com
        allow-transfer { any; };
};

zone "wendellfullmoon.org" {
        type master;
        file "wendellfullmoon.org.zone";
        // IP addresses of slave servers allowed to transfer deepsoft.com
        allow-transfer { any; };
};


In deepsoft.com.zone file are 'IN A' records that bind <mumble>.deepsoft.com to
some IP address and in wendellfullmoon.org.zone are 'IN A' records that
bind <mumble>.wendellfullmoon.org to some IP address.

>
>

--
Robert Heller -- Get the Deepwoods Software FireFox Toolbar!
Deepwoods Software -- Linux Installation and Administration
http://www.deepsoft.com/ -- Web Hosting, with CGI and Database
heller@deepsoft.com -- Contract Programming: C/C++, Tcl/Tk
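
Two forms of `allow-transfer` appear in this thread: a list naming the secondary, and `{ any; }`, which lets any host request a full copy of the zone. The Python sketch below is an added example, not code from the thread: it reads named.conf text and reports which master zones end up with `any`, including zones that inherit it from `options`. The function names are assumptions, views and named ACLs are ignored, and the sample is constructed from the fragments posted above.

```python
import re

def _block(conf, start):
    """Text from `start` (just after a '{') up to its matching '}'."""
    depth, i = 1, start
    while i < len(conf) and depth:
        depth += {"{": 1, "}": -1}.get(conf[i], 0)
        i += 1
    return conf[start:i - 1]

def _acl(body):
    """Entries of the first allow-transfer list in `body`, or None if absent."""
    m = re.search(r"allow-transfer\s*\{([^}]*)\}", body)
    return None if m is None else [e.strip() for e in m.group(1).split(";") if e.strip()]

def transfer_policy(conf):
    """Map each master zone to its effective allow-transfer list (None = unset)."""
    conf = re.sub(r"/\*.*?\*/", "", conf, flags=re.S)  # strip /* ... */ comments
    conf = re.sub(r"(//|#)[^\n]*", "", conf)            # strip // and # comments
    opts = re.search(r"\boptions\s*\{", conf)
    inherited = _acl(_block(conf, opts.end())) if opts else None
    policy = {}
    for m in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        body = _block(conf, m.end())
        if re.search(r"\btype\s+(master|primary)\s*;", body):
            own = _acl(body)
            policy[m.group(1)] = inherited if own is None else own
    return policy

def open_zones(conf):
    """Master zones whose effective allow-transfer list contains 'any'."""
    return sorted(z for z, acl in transfer_policy(conf).items() if acl and "any" in acl)

# Constructed sample assembled from the named.conf fragments in this thread.
SAMPLE = """
options { directory "/etc"; listen-on { any; }; };
zone "deepsoft.com" {
    type master;
    file "deepsoft.com.zone";
    allow-transfer { any; };        // any host may request the whole zone
};
zone "exampleA.com" {
    type master;
    file "/var/named/exampleA.com.hosts";
    allow-transfer { 1.1.1.2; };    # only the secondary's address
};
zone "exampleB.com" { type master; file "/var/named/exampleB.com.hosts"; };
"""
```

A zone reported as `None` has no statement at either level and falls back to named's built-in default, which should be confirmed for the BIND version in use.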


 

All times are GMT. The time now is 05:33 AM.
