The Sorrow Posted September 29, 2011
OK, I've got some crazy stuff going on... I have a LAMP server with no content except the "It works" and phpMyAdmin pages. I've attached a map of my network including about everything. The domain is cobra.unit (not sure if it was obvious) and I'm trying to set up DNS to send me to my LAMP server for cobra.unit/* browser entries. Discuss. Not sure where to go from here. DNS works, firewall works.

Infiltrator Posted September 29, 2011
For the DNS part what are you using, Windows Server or Linux BIND?

Jason Cooper Posted September 29, 2011
Which direction are you trying to connect to the LAMP from? If from within the network and the DNS is set up, you just need an 'A' record (assuming IPv4; if you want IPv6 then use an 'AAAA' record, or use both for IPv4 and IPv6) for cobra.unit that points to the server's IP address. Or you could add a CNAME record that makes cobra.unit an alias for LAMP.cobra.unit.

If you are wanting external access to the LAMP server by the cobra.unit hostname then you will be in for a bit of a problem, as I don't believe that unit is a valid internet domain. You could always get a valid internet domain and point its DNS records at your server (assuming that you have a static IP address) or use a dynamic DNS service (best solution if you don't have a static IP address). Note your external IP address will be different for your LAMP.cobra.unit server than the internal IP address (assuming you are using NAT).

The Sorrow Posted September 30, 2011
I'm trying to connect as a local intranet web server from LAN -> DMZ. The server is BIND9. I also have pfSense set up to allow incoming over 1337 -> 80 since Cox blocks web servers for non-business accounts. (And eh, what the hell) http://70.173.111.196:1337/ is the direction you need to go. I'm just trying to get local web server stuffs going. Here are my bind config files:

/etc/bind/zones/
|-cobra.unit.db

    // replace example.com with your domain name. do not forget the . after the dom$
    // Also, replace ns1 with the name of your DNS server
    example.com.    IN    SOA    ns1.example.com. admin.example.com. (
    // Do not modify the following lines!
                    2007031001
                    28800
                    3600
                    604800
                    38400
    )
    // Replace the following line as necessary:
    // ns1 = DNS Server name
    // mail = mail server name
    // example.com = domain name
    cobra.unit = cobra.unit
    cobra.unit.     IN    NS     thesorrow.cobra.unit.
    cobra.unit.     IN    MX     10 mail.cobra.unit.
    // Replace the IP address with the right IP addresses.
    thefury         IN    A      10.10.1.200
    theend          IN    A      10.10.1.254
    thesorrow       IN    A      10.10.1.250
    theboss         IN    A      10.10.2.100

|-rev.1.10.10.in-addr.arpa

    //replace example.com with yoour domain name, ns1 with your DNS server name.
    // The number before IN PTR example.com is the machine address of the DNS serve$
    @    IN    SOA    thesorrow.cobra.unit. admin.cobra.unit. (
                    2007031001;
                    28800;
                    604800;
                    604800;
                    86400
    )
         IN    NS     thesorrow.cobra.unit.
    1    IN    PTR    cobra.unit

Edited October 18, 2011 by The Sorrow

Jason Cooper Posted September 30, 2011
Assuming your web server is hosting The Lair, then it works from outside your network. So your DMZ firewall rules are working. If you can access it locally via IP then that leaves us with the local DNS setup. What do you get when you use nslookup to look up cobra.unit and theboss.cobra.unit?

Infiltrator Posted September 30, 2011
Do an nslookup against your webserver IP address to determine if BIND is resolving the IP address and the hostname correctly. If it's not working, see this article for more details on configuring BIND.
http://news.softpedia.com/news/How-to-Host-Your-Own-Domain-With-Bind9-on-Ubuntu-49585.shtml

The Sorrow Posted September 30, 2011
Yep, that's the forum. I'll nslookup and post the results in a few.

It does this:

    Server: UnKnown
    Address: 10.10.1.250

    *** UnKnown can't find theboss.cobra.unit: Server failed

Edited October 1, 2011 by The Sorrow

Infiltrator Posted October 1, 2011
> Yep, that's the forum. I'll nslookup and post the results in a few.
> It does this:
> Server: UnKnown
> Address: 10.10.1.250
> *** UnKnown can't find theboss.cobra.unit: Server failed

Yeah, sounds like a DNS issue. Make sure your DNS service is running and there are no errors in your log files. I would also suggest checking out that link I provided you earlier on.

Also, when performing the nslookup query, make sure the host where you are issuing it from knows about your DNS server. If you do an ifconfig it should tell you what DNS server it's using for doing the DNS lookups.

The Sorrow Posted October 1, 2011
I set up my config files the same except I replaced their generic fields with my own.

Infiltrator Posted October 1, 2011
> I set up my config files the same except I replaced their generic fields with my own.

I am currently installing Ubuntu as a virtual machine and will play a bit with Bind9. Will get back to you once I have the whole thing set up and going.

Infiltrator Posted October 1, 2011
Have installed Bind9 and configured it as per this article, and it worked without any issues.
http://ubuntuforums.org/showthread.php?t=236093

The Sorrow Posted October 2, 2011
Whoa. Hold on. TheBoss is in another network (10.10.2.0/24). I may have to add the other networks I have into the DNS entries for forward and reverse lookup.

Infiltrator Posted October 3, 2011
> Whoa. Hold on. TheBoss is in another network (10.10.2.0/24). I may have to add the other networks I have into the DNS entries for forward and reverse lookup.

Since it's a different subnet altogether, you will need a router. Or set up a second NIC on your server and assign that IP address range to it.

The Sorrow Posted October 3, 2011
So I can't just add another reverse lookup rev.2.10.10.in-addr.arpa for that network? It has to be another NIC? I know Windows can be DNS for multiple IP ranges... unless I'm mistaken...

Infiltrator Posted October 4, 2011
> So I can't just add another reverse lookup rev.2.10.10.in-addr.arpa for that network? It has to be another NIC? I know Windows can be DNS for multiple IP ranges... unless I'm mistaken...

Technically you could add another reverse lookup rev.2.10.10 for that network, but you will need an additional NIC, because of the second subnet.

Jason Cooper Posted October 4, 2011
> Technically you could add another reverse lookup rev.2.10.10 for that network, but you will need an additional NIC, because of the second subnet.

Your DNS server doesn't need a NIC per subnet it is being used for lookup from. If that was the case then corporate DNS servers would require thousands of network interfaces. Leave the routing between subnets to routers (theEnd.cobra.unit looks like it is routing between the subnets in this case).

Of course you will have to make sure that your firewall between your subnets doesn't block DNS access internally.

Edited October 4, 2011 by Jason Cooper

Infiltrator Posted October 4, 2011
> Your DNS server doesn't need a NIC per subnet it is being used for lookup from. If that was the case then corporate DNS servers would require thousands of network interfaces. Leave the routing between subnets to routers (theEnd.cobra.unit looks like it is routing between the subnets in this case).
> Of course you will have to make sure that your firewall between your subnets doesn't block DNS access internally.

So he still needs a router!

Jason Cooper Posted October 4, 2011
> So he still needs a router!

theEnd.cobra.unit is connecting 3 subnets together and running pfSense; looks to me like a router. Or to put it another way, he doesn't need another router as he has one doing the job already.

The Sorrow Posted October 4, 2011
Aye. pfSense is a router and firewall.

The Sorrow Posted October 7, 2011
OK, so this is my new setup. I have name resolution working for my LAN subnet, but when I try pinging theboss or theboss.cobra.unit it still won't work. I have a rule allowing the DMZ addresses to look at 10.10.1.250 (thesorrow.cobra.unit) for DNS and I see flags of pfSense allowing those transmissions in the system log. Maybe I'll have to hit up pfSense for some ideas with rules... idk.

/etc/bind/cobra.unit.db

    $TTL 3D
    @    IN    SOA    thesorrow.cobra.unit. admin (
                    2011100311 ;serial number
                    8H ;refresh
                    2H ;retry
                    4W ;expiration
                    1D )
    ;
    ;
    @            NS    thesorrow
    thepain      A     10.10.1.251
    thesorrow    A     10.10.1.250
    thefury      A     10.10.1.200
    theboss      A     10.10.2.100
    theend       A     10.10.1.254
    theend       A     10.10.2.254
    theend       A     10.10.3.254

rev.1.10.10.in-addr.arpa

    $TTL 3D
    $ORIGIN 1.10.10.in-addr.arpa.
    @    IN    SOA    thesorrow.cobra.unit. admin.cobra.unit. (
                    2011100311 ;serial number
                    8H ;refresh
                    2H ;retry
                    4W ;expiration
                    1D )
    ;
    ;
           NS     thesorrow.cobra.unit. ;thesorrow
    ;
    100    PTR    thefury.cobra.unit.
    251    PTR    thepain.cobra.unit.
    254    PTR    theend.cobra.unit.
    250    PTR    thesorrow.cobra.unit

rev.2.10.10.in-addr.arpa

    $TTL 3D
    $ORIGIN 1.10.10.in-addr.arpa.
    @    IN    SOA    thesorrow.cobra.unit. admin.cobra.unit. (
                    2011100311 ;serial number
                    8H ;refresh
                    2H ;retry
                    4W ;expiration
                    1D )
    ;
    ;
           NS     thesorrow.cobra.unit. ;thesorrow
    ;
    100    PTR    theboss.cobra.unit

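Added example, not part of the thread and not any poster's code: a small Python check for three pitfalls in hand-edited BIND reverse zones ('//' comments, a $ORIGIN that differs from the zone being loaded, and PTR targets without a trailing dot). The sample zone, its hostnames and the function names are constructed for illustration.

```python
def expand(name, origin):
    """Zone-file rule: a name without a trailing dot is relative to $ORIGIN."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def owner_to_ip(owner):
    """Turn '100.1.10.10.in-addr.arpa.' back into '10.10.1.100'."""
    return ".".join(reversed(owner.lower().split(".in-addr.arpa")[0].split(".")))

def audit_reverse_zone(text, zone_name):
    """Return (ptrs, warnings) for zone text that is loaded as zone_name."""
    origin, ptrs, warnings = zone_name, {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        if raw.lstrip().startswith("//"):
            warnings.append(f"line {n}: '//' is not a zone-file comment, use ';'")
            continue
        fields = raw.split(";", 1)[0].split()
        if len(fields) >= 2 and fields[0].upper() == "$ORIGIN":
            origin = fields[1]
            if origin.lower() != zone_name.lower():
                warnings.append(f"line {n}: $ORIGIN {origin} is not zone {zone_name}")
            continue
        upper = [f.upper() for f in fields]
        # Only records with an explicit owner in column one are handled here.
        if "PTR" not in upper[1:-1] or raw[:1].isspace():
            continue
        i = upper.index("PTR", 1)
        owner, target = expand(fields[0], origin), expand(fields[i + 1], origin)
        if not fields[i + 1].endswith("."):
            warnings.append(f"line {n}: PTR target has no trailing dot, becomes {target}")
        if not owner.lower().endswith("." + zone_name.lower()):
            warnings.append(f"line {n}: owner {owner} lies outside zone {zone_name}")
        ptrs[owner_to_ip(owner)] = target
    return ptrs, warnings

# Constructed sample: hostnames and serial are made up for this example.
SAMPLE = """\
// reverse zone for 10.10.2.0/24
$TTL 3D
$ORIGIN 1.10.10.in-addr.arpa.
@ IN SOA ns1.example.test. admin.example.test. ( 2011100311 8H 2H 4W 1D )
100 PTR web.example.test
"""

if __name__ == "__main__":
    print(*audit_reverse_zone(SAMPLE, "2.10.10.in-addr.arpa."), sep="\n")
```

BIND ships named-checkzone, which runs the server's own parser over a real zone file and is the authoritative version of this kind of check.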