LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 03-03-2012, 09:06 AM   #1
jeffreydavisjr
LQ Newbie
 
Registered: Aug 2006
Posts: 13

Rep: Reputation: 1
Question Can't access web sites on internal network (BIND Configuration)


Hey guys! I have been neck deep into CentOS 6 for 2 weeks now. Before that I had 0 experience in Linux as all my previous web server experience was in a Windows Environment. None-the-less, I have setup BIND version 9.7.3 and Apache version 2.2.15 and can view my domains/sub-domains over the internet (NOT ON THE LOCAL NETWORK).

However, when I am on the internal local network (Same network as the web server) I can not view the sites. I receive a page timeout error when I enter www.mydomain.com or subdomain.mydomain.com into the browser. In order to access the sites I have to enter the local IP Address (192.168.x.x) which defaults to the first sub-domain.

I am assuming it has something to do with the BIND setup. I could be wrong.

Thanks in advance for any suggestions/tips.
 
Old 03-03-2012, 09:28 AM   #2
david1941
Member
 
Registered: May 2005
Location: St. Louis, MO
Distribution: CentOS6
Posts: 267

Rep: Reputation: 57
You could check your named responses by using dig (see man dig). It will show what your name server returns when queried.
 
Old 03-03-2012, 09:43 AM   #3
jeffreydavisjr
LQ Newbie
 
Registered: Aug 2006
Posts: 13

Original Poster
Rep: Reputation: 1
I did a "dig mydomain.com" and it returned the following (I removed my real domain name and inserted "mydomain.com" and remove the external IP Address and replaced with X.X.X.X) The answer section returns back the external IP address to the server. This is fine for external requests. But what about internal request?
Code:
; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> mydomain.com 
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53671
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mydomain.com.                IN      A

;; ANSWER SECTION:
mydomain.com. 15298   IN      A       X.X.X.X

;; Query time: 63 msec
;; SERVER: 208.180.42.100#53(208.180.42.100)
;; WHEN: Sat Mar  3 10:39:02 2012
;; MSG SIZE  rcvd: 56
 
Old 03-03-2012, 10:27 AM   #4
david1941
Member
 
Registered: May 2005
Location: St. Louis, MO
Distribution: CentOS6
Posts: 267

Rep: Reputation: 57
The system gets address resolution from different places; /etc/hosts /etc/resolv.conf and a name server. The name server is selected by the /etc/resolv.conf file. You might be able to just add your real name to your local /etc/hosts and that may work. If your name server serves all your local machines, it may be easier to just add a split DNS setup (see Section 4.4 of the bind ARM - https://www.isc.org/files/arm97.pdf or whatever bind you have).

(You didn't say what your IP really is but dig was using 208.180.42.100 as its name server and I assume that's true)

Last edited by david1941; 03-03-2012 at 10:29 AM. Reason: added comment on name server address
 
Old 03-03-2012, 01:44 PM   #5
jeffreydavisjr
LQ Newbie
 
Registered: Aug 2006
Posts: 13

Original Poster
Rep: Reputation: 1
When you say add my "real name" to the hosts file... Do you mean the local address of the server? Or the actual server name? (i.e. myserver.mydomain)

Thanks so much.
 
Old 03-03-2012, 02:34 PM   #6
david1941
Member
 
Registered: May 2005
Location: St. Louis, MO
Distribution: CentOS6
Posts: 267

Rep: Reputation: 57
I meant the answer you got above (that you obfuscated) came from rdns02.suddenlink.net. If that is the nameserver you set up for your resolutions, then I thought you might just try to put your local name and local address in the /etc/hosts file or set up a split dns for your local network resolution to allow your local browser to query for your website name and get the local address.

It makes it difficult to talk about things when they are obfuscated. If you are using private addresses (192.168.xxx.xxx or 10.xxx.xxx.xxx), no one else can route them anyway so hiding them is not hiding anything anyway while public addresses in DNS are just that - public, and DNS is public. A split DNS works for private internal networks that are called like my nameserver with a public DNS IP 99.178.153.41 or 2001:470:1f11:7d0::4 from the outside and by its internal address, 192.168.102.9 from the inside and returns the inside address to those machines querying from the inside or the outside address when queryed from outside. If you have only one machine, perhaps the /etc/hosts is just easier. The /etc/resolv.conf tells you machine which nameserver it should query.
 
Old 03-03-2012, 03:44 PM   #7
jeffreydavisjr
LQ Newbie
 
Registered: Aug 2006
Posts: 13

Original Poster
Rep: Reputation: 1
Dave, Thanks so much for your help. Putting the domains and subdomains in the host file solves the problem in regards to being able to view the websites on the actual server. But when attempting to browse to the web sites on the same network as the server I am still unable to reach the sites (Time out error). Basically, I have a server and a developer machine on the same network. When browsing on the developer machine I can not view the sites. When browsing on the server I can now thanks to your advice about the host file !

This really makes me think its a BIND DNS issue.

My resolv.conf file looks like this:
Code:
# Generated by NetworkManager
search dhssolutions
nameserver 208.180.42.100
This is my DNS Server that was provided to me by my ISP.

On the developer machine I can ping the domain names and the sub domain names just fine. I can also ping the private IP address to the server just fine. And again, plugging in the private IP address (192.168.1.254) into a web browser brings up the site fine as well... Spent 2 days on this so far...

So now I will try to split the DNS and see what happens. Thank again Dave, you've been an incredible help!

Last edited by jeffreydavisjr; 03-03-2012 at 03:52 PM. Reason: Added extra info...
 
Old 03-03-2012, 04:18 PM   #8
david1941
Member
 
Registered: May 2005
Location: St. Louis, MO
Distribution: CentOS6
Posts: 267

Rep: Reputation: 57
Unless you are running the name server on your local network, the split system won't work. You can always over-ride the DNS with the /etc/hosts file on each machine. But if you've got a lot of them, that's a problem and running a local server on the network just works out better. If you get into it and have problems, send me a private email and I'll share my setup.
 
Old 03-03-2012, 04:28 PM   #9
jeffreydavisjr
LQ Newbie
 
Registered: Aug 2006
Posts: 13

Original Poster
Rep: Reputation: 1
I am running the DNS on the same network so a split DNS will have to be used. I am reading the manual now and trying to implement it.
 
  


Reply

Tags
bind


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
creating domain name in bind problems exposing bind to internal network abhijit_mohanta Linux - Networking 1 09-03-2009 01:09 AM
creating domain name in bind problems exposing bind to internal network abhijit_mohanta Linux - Security 1 09-03-2009 01:01 AM
Not opeining the sites in internal network rr_rr_29 Linux - Software 1 04-03-2006 10:09 AM
Can't access some web sites Cichlid Linux - Distributions 2 01-13-2002 09:39 AM
Can't access some web sites! Cichlid Linux - Distributions 1 01-12-2002 03:04 PM


All times are GMT -5. The time now is 04:28 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration