#1  electronico_nc, 11th June 2013, 08:07
bind : delegate a subdomain

Hello all,

We have 2 servers running Ubuntu 12.04 and ISPConfig 3.0.5.2
Our goal is to have 1 server for production and 1 for development.

Production server :
vds.maindomain.tld aaa.bbb.ccc.ddd

Dev server :
local.maindomain.tld www.xxx.yyy.zzz

From Registrar side :
Every domain managed by Production server has an entry like :
*.domain.tld. IN A aaa.bbb.ccc.ddd
(that points to the Production server)

So I have a managed domain domain1.tld on Production server (that is OK).
I would like it to delegate test.domain1.tld to the Dev server, so that typing :
http://test.domain1.tld
in a browser will be addressed to the Dev server.

Dev server:
A new DNS Zone has been created:
named.conf.local :
Code:
zone "test.domain1.tld" {
        type master;
        allow-transfer {aaa.bbb.ccc.ddd;};
        also-notify {aaa.bbb.ccc.ddd;};
        allow-update {aaa.bbb.ccc.ddd;};
        file "/etc/bind/pri.test.domain1.tld";
};

/etc/bind/pri.test.domain1.tld :
Code:
$TTL        3600
@       IN      SOA     local.maindomain.tld. server.maindomain.tld. (
                        2013061105       ; serial, todays date + todays serial #
                        7200              ; refresh, seconds
                        540              ; retry, seconds
                        604800              ; expire, seconds
                        86400 )            ; minimum, seconds
;

mail 3600 A        www.xxx.yyy.zzz
ns.domain1.tld. 86400 A        aaa.bbb.ccc.ddd
ns.test.domain1.tld. 86400 A        www.xxx.yyy.zzz
test.domain1.tld. 3600 A        www.xxx.yyy.zzz
test.domain1.tld. 3600      MX    10   mail.test.domain1.tld.
test.domain1.tld. 3600      NS        local.maindomain.tld.
www 3600 A        www.yyy.xxx.zzz

Production server :
A new entry has been created in domain1.tld DNS Zone, telling:
Code:
A 	ns.test.domain1.tld. 	www.xxx.yyy.zzz 	0 	86400

named.conf.local :
Code:
zone "domain1.tld" {
        type master;
        allow-transfer {none;};
        file "/etc/bind/pri.domain1.tld";
};
zone "test.domain1.tld" {
        type slave;
        masters {www.xxx.yyy.zzz;};
        allow-transfer {www.xxx.yyy.zzz;};
        file "/etc/bind/slave/sec.test.domain1.tld";
};

/etc/bind/pri.domain1.tld :
Code:
$TTL        3600
@       IN      SOA     vds.maindomain.tld. server.maindomain.tld. (
                        2013061101       ; serial, todays date + todays serial #
                        7200              ; refresh, seconds
                        540              ; retry, seconds
                        604800              ; expire, seconds
                        86400 )            ; minimum, seconds
;

domain1.tld. 3600 A        202.22.156.191
domain1.tld. 3600      MX    10   mail.domain1.tld.
domain1.tld. 3600      NS        vds.maindomain.tld.
mail 3600 A        202.22.156.191
mail 86400      TXT        "v=spf1 ip4:www.xxx.yyy.zzz ip4:aaa.bbb.ccc.ddd a mx ptr ~all"
ns.test.domain1.tld. 86400 A        www.xxx.yyy.zzz
www 3600 A        aaa.bbb.ccc.ddd

The subdomain test.domain1.tld is not transferred to Dev server ...

Production server syslog :
Code:
transfer of 'test.domain1.tld/IN' from www.xxx.yyy.zzz#53: connected using aaa.bbb.ccc.ddd#60073
transfer of 'test.domain1.tld/IN' from www.xxx.yyy.zzz#53: failed while receiving responses: REFUSED
transfer of 'test.domain1.tld/IN' from www.xxx.yyy.zzz#53: Transfer completed: 0 messages, 0 records, 0 bytes, 0.050 secs (0 bytes/sec)

Dev server syslog :
Code:
client aaa.bbb.ccc.ddd#51131: zone transfer 'test.domain1.tld/AXFR/IN' denied

I'm starting to pull my hair out and I'm probably missing something.
Thanks a lot if you assist a bit with this.

PS : port TCP & UDP 53 are opened on the 2 servers.
PS2 : I don't want to play with hosts file on client side, as domains : test.domain1.tld, test.domain2.tld, ... have to be accessible from anywhere.

Last edited by electronico_nc; 11th June 2013 at 09:37. Reason: added PS2 line at end, fixed typos

#2  electronico_nc, 11th June 2013, 22:02

Update : zone transfer succeeded :

Dev server
There was a typo in the IP address in named.conf.local
setting for debug :
Code:
        allow-transfer {any;};

allowed the zone transfer

Dev server syslog :
Code:
zone test.domain1.tld/IN: sending notifies (serial 2013061105)
client aaa.bbb.ccc.ddd#52170: transfer of 'test.domain1.tld/IN': AXFR started
client aaa.bbb.ccc.ddd#52170: transfer of 'test.domain1.tld/IN': AXFR ended

Production server syslog :
Code:
zone test.domain1.tld/IN: Transfer started.
transfer of 'test.domain1.tld/IN' from www.xxx.yyy.zzz#53: connected using aaa.bbb.ccc.ddd#52170
zone test.domain1.tld/IN: transferred serial 2013061105
transfer of 'test.domain1.tld/IN' from www.xxx.yyy.zzz#53: Transfer completed: 1 messages, 8 records, 232 bytes, 0.050 secs (4640 bytes/sec)

Useful code to know if zone transfer works or not, on slave :
Code:
dig @local.maindomain.tld test.domain1.tld. axfr

; <<>> DiG 9.8.1-P1 <<>> @local.maindomain.tld test.contact.nc. axfr
; (1 server found)
;; global options: +cmd
test.domain1.tld.	3600	IN	SOA	local.maindomain.tld. server.maindomain.tld. 2013061105 7200 540 604800 86400
test.domain1.tld.	3600	IN	A	www.xxx.yyy.zzz
test.domain1.tld.	3600	IN	MX	10 mail.test.domain1.tld.
test.domain1.tld.	3600	IN	NS	local.maindomain.tld.
mail.test.domain1.tld.	3600	IN	A	www.xxx.yyy.zzz
ns.test.domain1.tld.	86400	IN	A	www.xxx.yyy.zzz
www.test.domain1.tld.	3600	IN	A	www.xxx.yyy.zzz
test.domain1.tld.	3600	IN	SOA	local.maindomain.tld. server.maindomain.tld. 2013061105 7200 540 604800 86400
;; Query time: 29 msec
;; SERVER: 202.22.141.36#53(202.22.141.36)
;; WHEN: Wed Jun 12 06:14:22 2013
;; XFR size: 8 records (messages 1, bytes 232)

Nice : zone transfer is OK !

But typing in a browser :
http://test.domain1.tld
brings me to the default Apache2 page on Production server, not on the Dev server ...
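
Added example (not part of the original posts): with the debug setting `allow-transfer {any;};` from post #2 in place, any host can pull the zone, so the primary-side log lines quoted in this thread are worth auditing. The sketch below parses those line formats and separates an expected secondary being refused, outside hosts being refused, and outside hosts completing an AXFR; the secondary list, the sample lines and the 192.0.2.x / 198.51.100.x / 203.0.113.x addresses are constructed assumptions.

```python
import re
from collections import defaultdict

# Assumption: the secondaries permitted to pull each zone (constructed address).
EXPECTED_SECONDARIES = {"test.domain1.tld": {"192.0.2.10"}}

# Primary-side line formats as quoted in the thread; the optional groups
# tolerate the longer "client @0x... ip#port (name):" prefix of newer BIND.
_CLIENT = r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+(?: \([^)]*\))?: "
DENIED = re.compile(_CLIENT + r"zone transfer '(?P<zone>[^/']+)/AXFR/IN' denied")
STARTED = re.compile(_CLIENT + r"transfer of '(?P<zone>[^/']+)/IN': AXFR started")

# Constructed sample log lines (documentation address ranges, not real hosts).
SAMPLE = """\
named[811]: client 192.0.2.10#51131: zone transfer 'test.domain1.tld/AXFR/IN' denied
named[811]: client 192.0.2.10#52170: transfer of 'test.domain1.tld/IN': AXFR started
named[811]: client 198.51.100.77#40112: transfer of 'test.domain1.tld/IN': AXFR started
named[811]: client 198.51.100.77#40113: transfer of 'test.domain1.tld/IN': AXFR started
named[811]: client 203.0.113.5#33001: zone transfer 'test.domain1.tld/AXFR/IN' denied
"""

def audit(lines, expected):
    """Return sorted (kind, zone, client_ip, count) findings."""
    counts = defaultdict(int)
    for line in lines:
        for outcome, pattern in (("denied", DENIED), ("started", STARTED)):
            m = pattern.search(line)
            if not m:
                continue
            zone, ip = m["zone"].lower().rstrip("."), m["ip"]
            trusted = ip in expected.get(zone, set())
            if outcome == "started" and not trusted:
                kind = "unexpected-transfer"  # ACL is wider than intended
            elif outcome == "denied" and trusted:
                kind = "secondary-denied"     # e.g. a typo in the ACL address
            elif outcome == "denied":
                kind = "probe-denied"         # outside host refused, ACL held
            else:
                continue                      # expected secondary, transfer OK
            counts[(kind, zone, ip)] += 1
    return sorted((k, z, ip, n) for (k, z, ip), n in counts.items())

if __name__ == "__main__":
    for finding in audit(SAMPLE.splitlines(), EXPECTED_SECONDARIES):
        print(*finding)
```

An `unexpected-transfer` finding means the zone contents left the server to a host that is not a configured secondary, which is the signal to narrow `allow-transfer` back to the secondary's address.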
#3  pititis, 12th June 2013, 00:58

The problem that I see here is creating a new zone to add a simple host (dev). You don't need a zone for every host in a domain.

Simply add an A record to your domain.tld:

Code:
dev 86400 A      11.11.11.11

Also the NS entry is wrong, example:

Code:
ns 86400 A        22.22.22.22

Cheers

#4  electronico_nc, 12th June 2013, 07:06

Hello,
Thanks for your answer.

I suppose you're talking about the Registrar input.

Unfortunately, I don't have direct access to the Registrar entries, I have to email them, then several days later, the modification is done ...

That's why I've asked Registrar to add :
*.domain1.tld 86400 A ip_of_production_server
so any subdomains are directed to Production server.

I thought that I could then redirect any subdomain to the wanted server, ie :
test.domain1.tld -> ip_of_dev_server

It turns out that adding a simple A entry on Production server to domain1.tld like this :
test 86400 A ip_of_dev_server
never reaches the Dev server while browsing : http://test.domain1.tld
It always stops at the default Apache2 page on Production server.

Other tries were :
Create a site test.domain1.tld on Production server and redirect it via Apache R,L to the Dev server : browsing http://test.domain1.tld always ended at the Dev server Apache2 default page.

That's why I thought of the DNS zone transfer.

I continue the tests and hope to find a solution without having to modify the Registrar entries.