LinuxQuestions.org
Old 03-23-2010, 01:04 PM   #1
2buck56
Member
 
Registered: Oct 2004
Posts: 54

Rep: Reputation: 15
DNS forward website


I have taken over a Redhat DNS server at work and I know virtually nothing about how named works. The DNS server is running named and not bind.

We have several websites that are hosted on Windows servers in our network. I have been able to get new sites to work by copying existing records and changing the names inside the master records. For example, if they wanted def.com I simply copied the abc.com master record and changed the @ IN SOA from abc.com to def.com and changed the A record to point to the webserver internal IP address that they told me the site was hosted on.

They have purchased a new domain name and it points to my Redhat nameserver. However, they are not going to have an internal website for this domain name. What they want to do is when anyone accesses the website they want to forward it to an external website of the partner company that they are performing work for.

How would I create a master record to make this happen? All my master records are in /var/named/chroot/etc/bind/master. The record names all correspond to the name of the websites. For example, if the website name is foobar.com, there is a foobar.com file in the master folder. In the /etc/named.conf file is an entry for the foobar.com site:

zone "foobar.com" {
type master;
file "master/foobar.com";
};

I can post a typical master record if it would help.
 
Old 03-23-2010, 01:08 PM   #2
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Rep: Reputation: 167
named is bind. So what applies to bind will apply to your name server as well... If memory serves me, the syntax is...

Code:
zone "foobar.com" {
	type forward;
	forwarders { 123.45.67.89; 234.56.78.90; };
};

Last edited by rweaver; 03-23-2010 at 01:10 PM.
 
Old 03-23-2010, 01:12 PM   #3
spampig
Member
 
Registered: Feb 2010
Location: /Earth/UK/England/Hampshire
Distribution: Debian, Ubuntu, CentOS, Slackware
Posts: 262
Blog Entries: 2

Rep: Reputation: 56
[EDIT - delete] A BETTER FIX ABOVE

zone "foobar.com" {
type forward;
forwarders { 123.45.67.89; 234.56.78.90; };
};

Last edited by spampig; 03-23-2010 at 01:15 PM.
 
Old 03-23-2010, 02:03 PM   #4
2buck56
Member
 
Registered: Oct 2004
Posts: 54

Original Poster
Rep: Reputation: 15
Quote:
A BETTER FIX ABOVE

zone "foobar.com" {
type forward;
forwarders { 123.45.67.89; 234.56.78.90; };
};
So if I understand what rweaver and spampig are saying, foobar.com would forward to IP addresses 123.45.67.89 and 234.56.78.90. If that is the case, is it possible to forward to a domain name instead of a fixed address? This would send them to the DNS servers of the external zone. Would forwarders { externalsite.com } work?
 
Old 03-23-2010, 02:33 PM   #5
spampig
Member
 
Registered: Feb 2010
Location: /Earth/UK/England/Hampshire
Distribution: Debian, Ubuntu, CentOS, Slackware
Posts: 262
Blog Entries: 2

Rep: Reputation: 56
My understanding is this will forward DNS requests for 'foobar.com' to DNS servers at 123.45.67.89; 234.56.78.90.

If you are wanting to RESOLVE requests for foobar.com to an IP 123.45.67.89 then you would set up a zonefile to do it. You can do it by adding something like this to named.conf

Code:
zone "foobar.com" IN {
	type master;
	file "master/foobar.com.zone";
};
And then creating a zonefile: master/foobar.com.zone

Code:
$TTL 86400      ; 1 day
; SOA: primary name server, then the admin mailbox (both fully qualified, with trailing dot)
@ 10800 IN SOA ns.foobar.com. admin.foobar.com. (
        1 3600 1200 604800 10800 ) ; serial refresh retry expire negative-TTL
        IN NS ns.foobar.com.
        A 123.45.67.89          ; address of the bare domain foobar.com
        MX 10 mail1.foobar.com.
        MX 20 mail2.foobar.com.
ns      A 123.123.123.123
www     A 123.45.67.89
mail1   A 123.45.67.87
mail2   A 123.45.67.88
This assumes your BIND server is 'ns.foobar.com' with an IP of 123.123.123.123. It assumes that any website is at 123.45.67.89 and two MXs, mail1 & 2, at IPs 123.45.67.87 & 88.

I note your BIND appears to run CHROOTED. With this in mind be careful where you put your named.conf and zonefile(s). I seem to recall some distros copy the named.conf and zones into the chroot each time the named daemon is started. Others may read the information before dropping to chroot or keep the respective files in the chroot directory to start with. Depending on your level of understanding this will either make perfect sense or be Chinese to you. If it's the latter, just bear in mind that if you find files created in /var/named/chroot/... getting overwritten, it's probably copying them in at startup. If it complains it can't find your zonefile then it probably needs to be in /var/named/chroot/etc/bind/master/<your_zonefile>. Redhat is not my native tongue :-)

HTH
 
Old 03-23-2010, 03:08 PM   #6
2buck56
Member
 
Registered: Oct 2004
Posts: 54

Original Poster
Rep: Reputation: 15
Quote:
If you are wanting to RESOLVE requests for foobar.com to an IP 123.45.67.89 ...
No, I am wanting to send requests for foobar.com to an offsite webserver such as offsite.com. For example, foobar.com resolves to our name servers 208.248.xx.xxx. When someone requests foobar.com I want to send them to website offsite.com.

I did put the website IP address in the forwarders section as you show. When I perform nslookup on the domain from the name server this is what I see:

nslookup foobar.com
;; Got referral reply from 127.0.0.1, trying next server
;; connection timed out; no servers could be reached

It looks like the referral part is working but the remote server is not answering.

Also, my named.conf file doesn't get overwritten when I restart named. It keeps the changes I make.
 
Old 03-23-2010, 03:20 PM   #7
spampig
Member
 
Registered: Feb 2010
Location: /Earth/UK/England/Hampshire
Distribution: Debian, Ubuntu, CentOS, Slackware
Posts: 262
Blog Entries: 2

Rep: Reputation: 56
Quote:
Originally Posted by 2buck56
It looks like the referral part is working but the remote server is not answering
So 'offsite.com.' is a DNS server answering DNS requests - yes? Are there any firewall port 53 rules blocking the DNS server 'foobar.com' from talking to 'offsite.com'? Does the DNS server 'offsite.com' have an ACL or VIEW set up to limit access to the resource records from foobar.com?

BTW I trust you are doing it for honourable reasons, and not fast fluxing/officiating the name server for spamming? Forgive me, but I have to ask.
 
Old 03-23-2010, 03:47 PM   #8
amonamarth
Member
 
Registered: Dec 2009
Location: Los Angeles
Distribution: Fedora ,CentOS, RHEL
Posts: 59

Rep: Reputation: 17
I'm a bit confused ... Do you want to:

Case#1:
Forward DNS requests to another DNS server
or
Case#2:
do you want to resolve the DNS requests yourself?

I think you mean case #2, here is why ...

If offsite.com "points" to YOUR nameserver, as you said; that can only mean that YOUR DNS server IS the authoritative domain server for offsite.com. Then all you would need is to add an entry for that domain in /etc/named.conf and add your zone file in /var/named/chroot/etc/bind/master, as explained below.
Forwarding DNS is ONLY to set up your DNS server so that it forwards DNS requests to other server(s), as opposed to solving the queries itself; however, as you said it yourself: offsite.com "points" to YOUR nameserver, so YOUR DNS must resolve queries for it.
 
Old 03-23-2010, 04:17 PM   #9
2buck56
Member
 
Registered: Oct 2004
Posts: 54

Original Poster
Rep: Reputation: 15
spampig, yes, it is for honourable reasons. They are selling something here on behalf of the partner company but didn't want to create a website here. When they are talking to the customer and they have questions they will tell them "Go to foobar.com and you will see the info". The partner company has the details of the product on their website. Our sales agent will be looking at the same info in case the partner company has changed something such as price, description, etc. Don't ask me how sales people work, I have never understood them.

amonamarth, there is no subdomain foobar.com at the offsite location. That is a totally different company with their own webservers and dns servers. I can't resolve anything from my end other than to route foobar.com to their website. From what I understand they will read the header information coming in, determine it is coming from us, and send them to the correct part of the website that foobar.com users are supposed to see.

They told me to set it up so that when a user accesses foobar.com they see the main page of the offsite website. Once that is done they (sales) will let the remote website people know and they will take it from there.

It seems to me it would have been better to let the offsite website company purchase the foobar.com name and not even involve us. But that would have been too easy.
 
Old 03-23-2010, 09:12 PM   #10
2buck56
Member
 
Registered: Oct 2004
Posts: 54

Original Poster
Rep: Reputation: 15
Anyone know how to send users requesting foobar.com to end up at the offsite.com website? The offsite.com site does not point to my nameserver but the foobar.com site does point to my nameserver. I have to do it by name and cannot forward to a static IP for offsite.com.
 
Old 03-23-2010, 09:23 PM   #11
amonamarth
Member
 
Registered: Dec 2009
Location: Los Angeles
Distribution: Fedora ,CentOS, RHEL
Posts: 59

Rep: Reputation: 17
Quote:
Originally Posted by amonamarth
there is no subdomain foobar.com at the offsite location. That is a totally different company with their own webservers and dns servers.
Yes, we are talking about DNS queries, basically resolving www.offsite.com into an IP address, right?

Quote:
Originally Posted by amonamarth
I can't resolve anything from my end other than to route foobar.com to their website. From what I understand they will read the header information coming in, determine it is coming from us, and send them to the correct part of the website that foobar.com users are supposed to see.
Unless I'm missing something here, you want to use your DNS to resolve www.offsite.com into an IP address; which happens to belong to their network, not yours. But that doesn't matter, it is still a DNS query.
I think you are misunderstanding something here. When a client connects to a website, say www.offsite.com, and it queries your DNS, all you have to do is make sure your name server has an A record for host www.offsite.com; if it does, the DNS answers the client with an IP address. The client then opens an HTTP request to that IP address. It doesn't matter who owns the IP address(es).

Last edited by amonamarth; 03-23-2010 at 09:24 PM.
 
Old 03-23-2010, 09:28 PM   #12
amonamarth
Member
 
Registered: Dec 2009
Location: Los Angeles
Distribution: Fedora ,CentOS, RHEL
Posts: 59

Rep: Reputation: 17
Quote:
Originally Posted by 2buck56
Anyone know how to send users requesting foobar.com to end up at the offsite.com website? The offsite.com site does not point to my nameserver but the foobar.com site does point to my nameserver. I have to do it by name and cannot forward to a static IP for offsite.com.
I see what you mean now, I misunderstood before.
Did you take a look at virtual hosts with Apache? I'm not sure it will let you forward HTTP queries to another server but it's worth a look.
 
Old 03-24-2010, 05:43 AM   #13
nonamenobody
Member
 
Registered: Oct 2002
Posts: 138

Rep: Reputation: 22
Quote:
Originally Posted by 2buck56
No, I am wanting to send requests for foobar.com to an offsite webserver such as offsite.com. For example, foobar.com resolves to our name servers 208.248.xx.xxx. When someone requests foobar.com I want to send them to website offsite.com.
I think what you are looking for is CNAME* (or maybe DNAME)

According to Wikipedia the DNS zone would then look something like:
Code:
foobar.com.             CNAME  offsite.com.
offsite.com.            A      123.45.67.89
You probably want to leave the second line out, if your server is not the DNS server for offsite.com.
This is basically making foobar.com an alias of offsite.com.

* I don't know a thing about BIND and not much about DNS in general, so I could be completely wrong, but that's the answer Google gives.

Last edited by nonamenobody; 03-24-2010 at 06:02 AM. Reason: Added an example and DNAME and mentioned that it is an alias
 
Old 03-24-2010, 06:04 AM   #14
nonamenobody
Member
 
Registered: Oct 2002
Posts: 138

Rep: Reputation: 22
Thinking about it a bit further - when someone types 'foobar.com' into their browser, DNS will resolve it to the IP of offsite.com - however their address bar will still show foobar.com.

I imagine this wouldn't work well with name based virtual hosting, unless you made changes to the HTTP server config. to make it aware of this. You would probably need to use HTTP redirect as well as a DNS alias - to my mind, this would be best placed in the HTTP config of offsite.com's HTTP server.
 
Old 03-24-2010, 06:12 AM   #15
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 13,163
Blog Entries: 1

Rep: Reputation: 2032
Quote:
Anyone know how to send users requesting foobar.com to end up at the offsite.com website? The offsite.com site does not point to my nameserver but the foobar.com site does point to my nameserver. I have to do it by name and cannot forward to a static IP for offsite.com.
The situation is pretty simple.
All you have to do is to use the ip address of the offsite.com as the A record of foobar.com in the foobar.com zone file:
Code:
foobar.com. IN A 1.2.3.4
where 1.2.3.4 resolves to offsite.com. Of course at the webserver running at offsite.com there must be a vhost named foobar.com

Regards
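
Added example (not part of the thread): a minimal Python linter for two pitfalls that zone records like the ones discussed above can run into: a CNAME on a name that also holds other records (the zone apex always holds SOA and NS, and BIND rejects this as "CNAME and other data"), and a dotted target without a trailing dot, which gets the origin appended. The sample zone is constructed, the parser only covers the simple layout used in this thread, and `parse_zone` / `lint_zone` are hypothetical helper names.

```python
import re

TYPES = {"SOA", "NS", "A", "AAAA", "MX", "CNAME", "TXT"}
NAME_FIELDS = {"SOA": (0, 1), "NS": (0,), "MX": (1,), "CNAME": (0,)}  # RDATA slots holding names

# Constructed sample: apex CNAME next to SOA/NS, and an SOA mailbox without a trailing dot.
SAMPLE_ZONE = """\
$TTL 86400
@ IN SOA ns.foobar.com. admin.foobar.com (
        1 3600 1200 604800 10800 )
        IN NS ns.foobar.com.
@       IN CNAME offsite.com.
"""

def parse_zone(text, origin):
    """Parse the simple layout used in this thread (not a full RFC 1035 parser)."""
    text = re.sub(r";[^\n]*", "", text)  # drop comments
    # Join a parenthesised multi-line record (the SOA) onto one line.
    text = re.sub(r"\(([^)]*)\)", lambda m: m.group(1).replace("\n", " "), text)
    records, owner = [], origin
    for line in text.splitlines():
        if not line.strip() or line.startswith("$"):
            continue
        tokens = line.split()
        if not line[0].isspace():  # a name in column 0 sets the current owner
            name = tokens.pop(0)
            owner = origin if name == "@" else name if name.endswith(".") else f"{name}.{origin}"
        while tokens and tokens[0].upper() not in TYPES:  # skip optional TTL and class
            tokens.pop(0)
        if tokens:
            records.append((owner.lower(), tokens[0].upper(), tokens[1:]))
    return records

def lint_zone(text, origin):
    records, findings, types_at = parse_zone(text, origin), [], {}
    for owner, rtype, _ in records:
        types_at.setdefault(owner, set()).add(rtype)
    for owner, types in sorted(types_at.items()):
        if "CNAME" in types and len(types) > 1:  # CNAME must be the only data at a name
            others = sorted(t for t in types if t != "CNAME")
            findings.append(f"{owner}: CNAME coexists with {others}")
    for owner, rtype, rdata in records:
        for i in NAME_FIELDS.get(rtype, ()):
            if i < len(rdata) and "." in rdata[i] and not rdata[i].endswith("."):
                findings.append(f"{owner}: {rtype} name {rdata[i]!r} has no trailing dot, "
                                f"so it expands to {rdata[i]}.{origin}")
    return findings

if __name__ == "__main__":
    for finding in lint_zone(SAMPLE_ZONE, "foobar.com."):
        print(finding)
```

On a BIND host, `named-checkzone foobar.com <zonefile>` performs the authoritative version of these checks before the zone is loaded.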
 
  


All times are GMT -5.