Solved

DNS Aliases on Debian 3

Posted on 2003-10-25
Last Modified: 2010-03-18
I'm running Debian 3 and am trying to set up the whole caboodle (mail, ftp, web, dns) on one server. I have a domain name (diablog.co.uk) which is on external domain name servers. I have the external DNSes set up so that certain subdomains (e.g. me.diablog.co.uk) are pointed at my server. However, my router can't cope with using these external DNSes when I am trying to get to them from the inside. Therefore, I am using my server as a DNS server from inside my network.

My problem is that I can't create an alias for my server.

I tried doing it manually, and then installed webmin to help. From webmin, my "records file" looks like this:

$TTL      43200
diablog.co.uk.      IN      SOA      rover.diablog.co.uk. 2003102514 (
                  6
                  15
                  14D
                  12H
                   )
@            IN      MX      5      192.168.7.100.
@            IN      NS      192.168.7.100.
diablog.co.uk.      IN      A      192.168.7.100
me.diablog.co.uk.      IN      CNAME      rover.diablog.co.uk.

Dunno if it's any use.
Question by:piersk
LVL 7

Expert Comment

by:HalldorG
ID: 9620120
There is a listen option in bind

listen-on { 192.168.1.2; };

Therefore you could be running 2 instances of bind
 or have different profile depending
on where the query is coming from.

0
 
LVL 1

Author Comment

by:piersk
ID: 9620132
No, I need them all running on the same IP. I know that this is possible in Windows using aliases, so I'm sure that it must be possible when using BIND.
0
 
LVL 7

Expert Comment

by:HalldorG
ID: 9620804
So have you made the external name server to give you namespace of
me.diablog.co.uk

Then for you to add

machine1.me.diablog.co.uk
0
 
LVL 7

Expert Comment

by:HalldorG
ID: 9620810
Or is your problem that you want

me.diablog.co.uk look to be 123.123.123.123 from the outside and 192.168.1.3 from the inside.

0
 
LVL 1

Author Comment

by:piersk
ID: 9620878
The second. From the outside the router will pass packets to the server which will then deal with it (i.e. Apache and virtual domains), but on the inside it goes straight to the server.
0
LVL 13

Expert Comment

by:td_miles
ID: 9622045
You have a CNAME that points to rover.diablog.co.uk, but no actual entry for "rover"?
Not sure if this is because you have chopped some of the file out or what?

Rather than using a CNAME, try just putting in the actual IP address (192.168.1.3) and see if this works.
0
 
LVL 1

Author Comment

by:piersk
ID: 9622162
Is that necessary, since my PC can already see rover?

Anyway, I did what you suggested, but this didn't work. For the record, my new file now looks like this:

$TTL      43200
diablog.co.uk.      IN      SOA      rover.diablog.co.uk. 2003102514 (
                  6
                  15
                  14D
                  12H
                   )
@            IN      MX      5      192.168.7.100.
@            IN      NS      192.168.7.100.
diablog.co.uk.      IN      A      192.168.7.100
me.diablog.co.uk.      IN      CNAME      192.168.7.100
0
 
LVL 7

Accepted Solution

by:
HalldorG earned 150 total points
ID: 9622233
The record should be me  IN A 192.168.7.100

Can you dig your domain from your server?
That is

dig @mylinuxipaddress diablog.co.uk axfr

Second,
rover.diablog.co.uk. should have an A address as it is the zone NS,
and the NS should not point to an IP address but rather to a name:
@        IN   NS rover
rover   IN   A 192.168.7.100

There is a setup on how to use split view setup on this page

http://www.zytrax.com/books/dns/ch6/#stealth

It looked correct to me as what you want



0
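The checks from the accepted answer, written as a small zone-record lint. This is an added example, not code from the thread or from BIND; the `lint` and `fqdn` helpers and the tuple format are assumptions, and the sample records are constructed from the zone files quoted above.

```python
import ipaddress

ORIGIN = "diablog.co.uk."  # zone name used in the thread

def fqdn(name, origin=ORIGIN):
    """Expand '@' and relative names the way a zone file does."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def is_ip(text):
    try:
        ipaddress.ip_address(text.rstrip("."))
        return True
    except ValueError:
        return False

def lint(records, origin=ORIGIN):
    """records: (owner, type, rdata) tuples. Returns a list of findings."""
    findings = []
    addr_owners = {fqdn(o, origin) for o, t, _ in records if t in ("A", "AAAA")}
    for owner, rtype, rdata in records:
        if rtype not in ("NS", "MX", "CNAME"):
            continue
        target = rdata.split()[-1]  # MX rdata is "<preference> <host>"
        where = f"{rtype} at {fqdn(owner, origin)}"
        if is_ip(target):
            findings.append(f"{where} points to IP {target}; use a hostname")
            continue
        name = fqdn(target, origin)
        in_zone = name == origin or name.endswith("." + origin)
        # Simplification: an in-zone target must own an A/AAAA record itself.
        if in_zone and name not in addr_owners:
            findings.append(f"{where} targets {name}, which has no address record")
    return findings

# Constructed from the first zone file posted in the question.
ORIGINAL = [
    ("@", "MX", "5 192.168.7.100."),
    ("@", "NS", "192.168.7.100."),
    ("diablog.co.uk.", "A", "192.168.7.100"),
    ("me.diablog.co.uk.", "CNAME", "rover.diablog.co.uk."),
]
# Constructed from the three records given in the accepted answer.
FIXED = [("@", "NS", "rover"), ("rover", "A", "192.168.7.100"),
         ("me", "A", "192.168.7.100")]

if __name__ == "__main__":
    for finding in lint(ORIGINAL):
        print(finding)
```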
 
LVL 1

Author Comment

by:piersk
ID: 9622510
That web page is what I want, but I'm unsure how I should go about it. I've changed the config as above, so it now reads:

$TTL      43200
diablog.co.uk.      IN      SOA      rover.diablog.co.uk. 2003102514 (
                  7
                  15
                  14D
                  12H
                   )
@            IN      MX      5      192.168.7.100.
@            IN      NS      rover
rover.diablog.co.uk.      IN      A      192.168.7.100
me              IN      A      192.168.7.100
0
 
LVL 1

Author Comment

by:piersk
ID: 9629878
Ta muchly HalldorG. I got a bit confused last night with what you said, and then read it tonight and it all made sense. Many thanks.
0
