Re: apache-dns cname-vhost

Wed, 16 Jan 2002 11:59:13 -0600 

also sprach Jesse <[EMAIL PROTECTED]> [2002.01.16.1737 +0100]:
> I am a newbie administrator and I'm in the process of upgrading(fixing) our 
> current dns setup.  Right now there is a dns forward zone set up for each 
> virtual host.  After reading some docs on apache.org and the dns and bind 
> book it seems I could get away with just using cname records.  Is it correct 
> to assume I could do something like this:

yes, absolutely.

however, you can't place

vhost.com. IN CNAME ...

into a zone for our.real.domain.

maybe it would even work, but you need a separate zone file for each.
whether they actually use A records to point to the IP, or CNAMEs to
point to our.real.domain. doesn't matter in terms of apache. i'd
prefer A records (CNAMEs are said to be deprecated), but in terms of
functionality, they are the same. A records will be more flexible and
transparent...

> zone "hosted-sites" {
>   type master;
>   file "/etc/bind/hosted-sites";
> };

also, this won't work. hosted-sites is not a zone name. read below.

> And then just let apache handle the name based vhosts?  Is it really 
> necessary to have a seperate zone file for each vhost?

yes. and yes. let me elaborate on the second.

the named.conf zone statement tells BIND to be authoritative for a zone.
thus, you will have something lik:

  zone "our.real.domain" IN {
    type master;
    file "..."
  };

in named.conf. when BIND now gets a request for our.real.domain, it says
"yes, i am surely the right one to ask as i am authoritative for this
domain", and then answers the query with information from the zone file.

if you get a request for www.vhost1.com, then BIND will look for a
statement

  zone "vhost1.com" IN {
    ...
  }

but since it can't find it, it then either goes out to obtain the info
from other nameservers (usually not, that's the job of a
resolver/forwarder, not of a name server. BIND can do it though), or it
simply says "sorry, wrong place to ask." it will surely not be smart
enough to remember that you defined vhost1.com. (even with terminating
dot) in our.real.domain.

does this make sense?

-- 
martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:"; [EMAIL PROTECTED]
  
"when I was a boy I was told
 that anybody could become president.
 now i'm beginning to believe it."
                                                    -- clarence darrow

Attachment: pgp5ZfgtlqweH.pgp
Description: PGP signature

Reply via email to