Hosting an Intranet Site on Debian Squeeze with Bind9 and Apache2

[jeroen2009]

I am trying to setup an intranet site with Debian Squeeze, Bind9 and Apache2 virtualhosts. Bind9 is setup as per below. I can ping hostname mytintrasite and get my apache virtualhost site with

http://myintrasite/,

though I can not ping or get the virtualhost posted with the names

http://john/

and

http://jane/

. Is there an issue with my config?

Hostname server2 has ip address 192.168.1.224
Hostname server1 has ip address 192.168.1.222
My Cisco 1760 router has ip address 192.168.1.254

Many thanks
Jeroen

apt-get install -y bind9 bind9-doc dnsutils

nano /etc/resolv.conf
domain myintrasite
search myintrasite
nameserver 127.0.0.1
nameserver 8.8.8.8
nameserver 8.8.4.4

nano /etc/bind/named.conf
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";

nano /etc/bind/named.conf.options
forwarders {8.8.8.8;8.8.4.4.};

cat /etc/bind/named.conf.default-zones
this should be populated with root zone, loopback, broadcast, etc.

nano /etc/bind/named.conf.local
zone "myintrasite" {type master; notify no; file "/etc/bind/db.myintrasite"; allow-update{none;};};
zone "1.168.192.in-addr.arpa" {type master; notify no; file "/etc/bind/db.192.168.1"; allow-update{none;};};

cp /etc/bind/db.empty /etc/bind/db.myintrasite

nano /etc/bind/db.myintrasite
$TTL 600
@ IN SOA server2.myintrasite. root.server2.myintrasite. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ; Negative Cache TTL
)
TXT "Primary DNS Server"
@ IN NS server2.
@ IN NS server2.myintrasite.
@ IN MX 10 server2.
@ IN MX 20 server2.myintrasite.
@ IN CNAME server2
server1 IN A 192.168.1.222
server2 IN A 192.168.1.224
www IN A 192.168.1.222
ftp IN A 192.168.1.222
mail IN A 192.168.1.222
sip IN A 192.168.1.222
john IN CNAME server2
jane IN CNAME server2

cp /etc/bind/db.empty /etc/bind/db.192.168.1

nano /etc/bind/db.192.168.1
$TTL 600
@ IN SOA server2.myintrasite. root.server2.myintrasite. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ; Negative Cache TTL
)
@ IN NS server2.myintrasite.
1 IN PTR server2.myintrasite.
2 IN PTR server1.myintrasite.

/etc/init.d/networking restart
/etc/init.d/bind9 restart

 

[Noway2]

What happens, btw what error message do you get, if you try to do an nslookup on these names and a reverse lookup on the ip addresses?

By way of comparison, when you resolve myintrasite what does it give you? I ask this because I don't see where you define this in your zones. Ultimately, as you have surmised, you need john and jane to resolve the CNAME for the real server.

 

[jeroen2009]

When I ping, it says unknown host john. The command nslookup john gives
Server: 192.168.1.254
Address: 192.168.1.254#53
server can't find john: NXDOMAIN

Really, all I am trying to achieve is an intranet in my LAN with the local websites

http://john/

and

http://jane/

and for the apache sites I use the virtualhost. I thought the below config was enought for that.

nano /etc/bind/db.myintrasite
$TTL 600
@ IN SOA server2.myintrasite. root.server2.myintrasite. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ; Negative Cache TTL
)
TXT "Primary DNS Server"
@ IN NS server2.
@ IN NS server2.myintrasite.
@ IN CNAME server2.
server1 IN A 192.168.1.222
server2 IN A 192.168.1.224
www IN A 192.168.1.224
john IN CNAME server2
jane IN CNAME server2


nano /etc/bind/db.192.168.1
$TTL 600
@ IN SOA server2.myintrasite. root.server2.myintrasite. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ; Negative Cache TTL
)
@ IN NS server2.myintrasite.
1 IN PTR server2.myintrasite.
2 IN PTR server1.myintrasite.

 

[Noway2]

In order to access a site like

http://john,

in addition to creating a named vhost in your web server, the hosts that will be accessing the site need a means to translate the name 'john' to the correct IP address. This can be done in one of two ways: either add an entry to the hosts table on each machine that will be accessing this file or create the record in your zone table, which is the approach you have been taking and in my opinion is the preferred approach.

The zone file should have been enough for that, but nslookup is confirming that your DNS does not know how to resolve the name john.

The following post may be of help. coincidentally, it is a very similar problem to yours, which I had helped reply to on an another forum and it ranks high in Google's results:

http://www.linuxquestions.org/quest...server-cant-find-example-com-nxdomain-888422/

The first thing I would do is restart bind and look VERY closely at your log file to see if there are any warnings or errors that occur. If there are, these could be your problem.

If that doesn't work, try Bathory's suggestion in the post referenced. Based upon several posts, I will confirm that his knowledge of BIND is very good.

 

[jeroen2009]

I tweaked it a little and it now works. First I installed resolvconf

apt-get install resolvconf

that gave in /etc/resolv.conf
nameserver 127.0.0.1

/etc/bind/named.conf.local
zone "myintrasite" {notify no; type master; file "/etc/bind/db.myintrasite";};
zone "1.168.192.in-addr.arpa" {type master; notify no; file "/etc/bind/db.192.168.1"; allow-update {none;};};

/etc/bind/db.myintrasite
;$TTL 600
@ IN SOA myintrasite. root.server2.myintrasite. (
1 ; serial
604800 ; refresh
86400 ; retry
2419200 ; expire
604800 ) ; minimum TTL
IN NS server2.myintrasite.
IN A 192.168.1.224
server2 IN A 192.168.1.224
server1 IN A 192.168.1.222
john IN CNAME server2
jane IN CNAME server2

/etc/bind/db.192.168.1
$TTL 600
@ IN SOA myintrasite. root.server2.myintrasite. (
1 ; serial
604800 ; refresh
86400 ; retry
2419200 ; expire
604800 ) ; minimum TTL
;
@ IN NS server2.myintrasite.
224 IN PTR server2.myintrasite.
222 IN PTR server1.myintrasite.

The apache is configured with some virtualhost entries, myintrasite, john and jane