I'm trying to get PHP5.02 and Apache2 working again having upgraded my slackware from 10 to 10.1. I've got Apache going OK but PHP is acting a bit odd.
The essential problem is that I've got my DNS a little bit awry (this may sound unrelated to PHP but we'll get there).
Before we had broadband my system had no name as there was never a need to access it from the outside world. Now we have broadband I've got a sub-domain pointing at the system:- home.isbd.net 84.51.144.229
I have a router which is what the outside world sees when it connects to home.isbd.net and the NAT and firewall are set up to send packets to the appropriate systems on the LAN side.
Within the LAN the systems have names such as fred.isbd.co.uk (I own the isbd.co.uk domain) which only exist within the LAN and, on the Linux box, are set up in /etc/hosts. Thus there are entries such as:- 192.168.13.5 fred.isbd.co.uk fred
These are very convenient as one can use the short form 'fred' to connect to that machine.
However there are now some oddities occurring and I'm thinking I may have to change some/all of my hosts file. Firstly PHP keeps using the Linux server box's full name (server.isbd.co.uk) to try and do things and is failing miserably. Secondly for some reason the DNS on the LAN can't find home.isbd.net whereas everyone else in the world can find it and DNS on the LAN works for all other addresses.
In general what do others here do about naming machines on a small SoHo LAN behind a router? Is there some accepted way of doing it?
Chris Green wrote:
Within the LAN the systems have names such as fred.isbd.co.uk (I own the isbd.co.uk domain) which only exist within the LAN and, on the Linux box, are set up in /etc/hosts. Thus there are entries such as:- 192.168.13.5 fred.isbd.co.uk fred
Why don't you run your own nameserver on your LAN and do away with having separate host files on each and every machine for this purpose?
These are very convenient as one can use the short form 'fred' to connect to that machine.
This is quite possible to sort out with resolv.conf and/or Windows boxes rather than having to rely on /etc/hosts.
However there are now some oddities occurring and I'm thinking I may have to change some/all of my hosts file. Firstly PHP keeps using the Linux server box's full name (server.isbd.co.uk) to try and do things and is failing miserably. Secondly for some reason the DNS on the LAN can't find home.isbd.net whereas everyone else in the world can find it and DNS on the LAN works for all other addresses.
What are you using for your DNS resolution on your LAN?
In general what do others here do about naming machines on a small SoHo LAN behind a router? Is there some accepted way of doing it?
Run my own nameserver :)
Regards,
Martyn
On Fri, May 20, 2005 at 12:52:58PM +0100, Martyn Drake wrote:
In general what do others here do about naming machines on a small SoHo LAN behind a router? Is there some accepted way of doing it?
Run my own nameserver :)
So how do you set things up so your nameserver knows a set of short convenient 'alias' names for all the local machines? Don't you need some sort of mechanism akin to /etc/hosts to enable you to give names to things like the two print servers I have?
Chris Green wrote:
So how do you set things up so your nameserver knows a set of short convenient 'alias' names for all the local machines? Don't you need some sort of mechanism akin to /etc/hosts to enable you to give names to things like the two print servers I have?
On your client machines you do this in your /etc/resolv.conf:
search isbd.co.uk
If you're running Windows for your clients, you'd go to Control Panel -> Network Connections -> Right-click NIC -> Double-click TCP/IP settings -> Click Advanced -> DNS -> DNS suffix for this connection (or alternatively you can use the Append these Domain Suffixes (in order)).
Regards,
Martyn
On Fri, May 20, 2005 at 01:42:26PM +0100, Martyn Drake wrote:
Chris Green wrote:
So how do you set things up so your nameserver knows a set of short convenient 'alias' names for all the local machines? Don't you need some sort of mechanism akin to /etc/hosts to enable you to give names to things like the two print servers I have?
On your client machines you do this in your /etc/resolv.conf:
search isbd.co.uk
Yes, OK, so now if I try to connect to 'fred' the system will look for fred.isbd.co.uk as well as fred. However where/how does fred.isbd.co.uk get resolved to an IP address? Two or three of my 'fred's are print servers and/or printers which don't have a lot of inherent intelligence.
If you're running Windows for your clients, you'd go to Control Panel -> Network Connections -> Right-click NIC -> Double-click TCP/IP settings -> Click Advanced -> DNS -> DNS suffix for this connection (or alternatively you can use the Append these Domain Suffixes (in order)).
Thanks for that bit.
Chris Green wrote:
Yes, OK, so now if I try to connect to 'fred' the system will look for fred.isbd.co.uk as well as fred. However where/how does fred.isbd.co.uk get resolved to an IP address? Two or three of my 'fred's are print servers and/or printers which don't have a lot of inherent intelligence.
On your DNS server, preferably locally. I'm not keen on having private IPs made available on a public nameserver.
Regards,
Martyn
On Fri, May 20, 2005 at 01:51:17PM +0100, Martyn Drake wrote:
Chris Green wrote:
Yes, OK, so now if I try to connect to 'fred' the system will look for fred.isbd.co.uk as well as fred. However where/how does fred.isbd.co.uk get resolved to an IP address? Two or three of my 'fred's are print servers and/or printers which don't have a lot of inherent intelligence.
On your DNS server, preferably locally. I'm not keen on having private IPs made available on a public nameserver.
I'll have to look into how that's configured then, I suppose it does make some sense to do it this way as, although I still need a list of names/IP addresses there will only be one copy - in the DNS server.
I then need to point all the other systems (windows, print servers, whatever) to the Linux server which does DNS and the Linux server uses the router as its DNS server - correct?
Chris Green wrote:
I'm trying to get PHP5.02 and Apache2 working again having upgraded my slackware from 10 to 10.1. I've got Apache going OK but PHP is acting a bit odd.
The essential problem is that I've got my DNS a little bit awry (this may sound unrelated to PHP but we'll get there).
<snip>
However there are now some oddities occurring and I'm thinking I may have to change some/all of my hosts file. Firstly PHP keeps using the Linux server box's full name (server.isbd.co.uk) to try and do things and is failing miserably. Secondly for some reason the DNS on the LAN can't find home.isbd.net whereas everyone else in the world can find it and DNS on the LAN works for all other addresses.
In general what do others here do about naming machines on a small SoHo LAN behind a router? Is there some accepted way of doing it?
Firstly, check your /var/log/messages on your DNS box for "martian sources" - I get them as I've set my DNS up to resolve external and internal addresses and have set the ADSL router to forward on all ports to my gateway machine. If so, you may want to set up your system like I do (or you might try this anyway even if you're not getting those messages):-
1) Remove the entries in your hosts files (they're unwieldy to maintain and not necessary for an internal network)
2) Add aliases to <each server name>.isbd.co.uk to point to 192.168.1.x (or whatever)
3) Set the resolv.conf on all your machines to use your upstream's DNS server for querying (it will then query yours and get the internal network address) and set the search parameter to isbc.co.uk (to allow you to use the short name of each machine without the domain attached)
Matt
On Fri, May 20, 2005 at 01:08:30PM +0100, Matt Parker wrote:
Firstly, check your /var/log/messages on your DNS box for "martian sources" - I get them as I've set my DNS up to resolve external and internal addresses and have set the ADSL router to forward on all ports to my gateway machine. If so, you may want to set up your system like I
I'm not doing anything like this and there aren't any odd messages in the messages file that I can see.
do (or you might try this anyway even if you're not getting those messages):-
- Remove the entries in your hosts files (they're unwieldy to maintain
and not necessary for an internal network)
Well that's easy enough to do!
- Add aliases to <each server name>.isbd.co.uk to point to 192.168.1.x
(or whatever)
I don't understand this bit, where/how do I "Add aliases"?
- Set the resolv.conf on all your machines to use your upstream's DNS
server for querying (it will then query yours and get the internal network address) and set the search parameter to isbc.co.uk (to allow you to use the short name of each machine without the domain attached)
Can't do this as I use multiple ISPs and the DNS server will change according to which ISP I'm connected to. The resolv.conf (or equivalent) on all my machines is set to point to the router which passes on DNS requests to whatever ISP it happens to be connected to.
Unless I'm misunderstanding what you mean by "upstream's DNS server", even if I'm not I don't see how that DNS server will "then query yours and get the internal network address".
Sorry if I'm sounding a bit obtuse but I'm rather lost.
I found maintaining a couple of /etc/hosts files much easier! :-)
Chris Green wrote:
- Add aliases to <each server name>.isbd.co.uk to point to 192.168.1.x
(or whatever)
I don't understand this bit, where/how do I "Add aliases"?
It depends on the DNS server you're using. I'm using Tiny DNS and for me they look like this in the root/data file:-
=zak.mpcontracting.co.uk:192.168.1.1:86400
=fred.mpcontracting.co.uk:192.168.1.100:86400
=marvin.mpcontracting.co.uk:192.168.1.101:86400
=oscar.mpcontracting.co.uk:192.168.1.102:86400
=floyd.mpcontracting.co.uk:192.168.1.103:86400
=max.mpcontracting.co.uk:192.168.1.104:86400
=larry.mpcontracting.co.uk:192.168.1.105:86400
=ivan.mpcontracting.co.uk:192.168.1.106:86400
- Set the resolv.conf on all your machines to use your upstream's DNS
server for querying (it will then query yours and get the internal network address) and set the search parameter to isbc.co.uk (to allow you to use the short name of each machine without the domain attached)
Can't do this as I use multiple ISPs and the DNS server will change according to which ISP I'm connected to. The resolv.conf (or equivalent) on all my machines is set to point to the router which passes on DNS requests to whatever ISP it happens to be connected to.
That's the same thing - at the end of the day every time you query for server.isbc.co.uk you're asking for the IP address from your ISP's nameserver. This will then query your nameserver for it. This is why you need the aliases in there to replace your hosts files.
Matt
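Martyn's point earlier in the thread, that private IPs should not end up on a public nameserver, can be checked mechanically against tinydns-data lines in the `=fqdn:ip:ttl` form shown above. The following is an added example, not part of any poster's message: the sample data, the example.org names and the `internal_zones` parameter are constructed for illustration, and only address-bearing line types are examined.

```python
import ipaddress

# tinydns-data line types whose second field is an IPv4 address
ADDRESS_TYPES = {"=": "A+PTR", "+": "A", ".": "NS+A", "&": "NS+A", "@": "MX+A"}

# RFC 1918 private ranges plus loopback and link-local
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

# Constructed sample data file (hypothetical names, not from the thread)
SAMPLE = """\
# public zone served to the internet
.example.org:203.0.113.53:a:259200
=www.example.org:203.0.113.10:86400
=fred.example.org:192.168.1.100:86400
+printer.example.org:192.168.1.101:86400
=grinder.home.example.org:192.168.1.102:86400
Cmail.example.org:www.example.org:86400
"""

def parse_line(line):
    """Return (record_type, fqdn, ip) for an address-bearing line, else None."""
    line = line.strip()
    if not line or line[0] not in ADDRESS_TYPES:
        return None                      # comments, CNAME, TXT and so on
    fields = line[1:].split(":")
    if len(fields) < 2 or not fields[1]:
        return None                      # the ip field is optional on some types
    try:
        ip = ipaddress.IPv4Address(fields[1])
    except ValueError:
        return None
    return ADDRESS_TYPES[line[0]], fields[0].lower().rstrip("."), ip

def audit(data, internal_zones=()):
    """List records that publish a non-public address outside LAN-only zones."""
    findings = []
    for lineno, line in enumerate(data.splitlines(), 1):
        rec = parse_line(line)
        if rec is None:
            continue
        rtype, fqdn, ip = rec
        if not any(ip in net for net in NON_PUBLIC):
            continue
        # Zones answered only on the LAN (never delegated) may hold private IPs.
        if any(fqdn == z or fqdn.endswith("." + z) for z in internal_zones):
            continue
        findings.append((lineno, fqdn, str(ip), rtype))
    return findings
```

Run against the data file of any nameserver reachable from outside; pass the undelegated LAN-only zone names in `internal_zones` so that only names visible to outsiders are reported.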
On Fri, May 20, 2005 at 01:55:27PM +0100, Matt Parker wrote:
Can't do this as I use multiple ISPs and the DNS server will change according to which ISP I'm connected to. The resolv.conf (or equivalent) on all my machines is set to point to the router which passes on DNS requests to whatever ISP it happens to be connected to.
That's the same thing - at the end of the day every time you query for server.isbc.co.uk you're asking for the IP address from your ISP's nameserver. This will then query your nameserver for it. This is why you need the aliases in there to replace your hosts files.
Ah, no! Now I understand what you're saying and it's not the way my system is, my situation is decidedly different.
I had the same problem when I used Demon back in the old days.
My domain isbd.co.uk (also isbd.net actually) is hosted on a remote machine which is a hosting service where my company's web pages are hosted. I.e. a 'whois' for isbd.co.uk returns (among other things):-
Domain Name: isbd.co.uk
Registrant's Agent: B S Net Ltd [Tag = BSNET] URL: http://www.bsnet.co.uk/
Name servers listed in order:
dns0.bsnet.co.uk 82.133.91.19
dns1.bsnet.co.uk 82.133.91.20
dns2.bsnet.co.uk 212.135.230.213
The name isbd.net is also hosted on the same remote system and the sysadmin there has set me up a sub-domain home.isbd.net that points to my router which has a static IP 84.51.144.229.
So, I want to be able to resolve names on my local LAN somehow but without confusing the outside world. The machines on my LAN behind the router don't have any real DNS names and have private IP addresses, I want a way to give them short names that I can use while not confusing the outside world when it tries to connect to my Web server (for example) at http://home.isbd.net/.
At the moment my /etc/hosts with xxx.isbd.co.uk names in it seems to confuse things totally, which is why I asked the original question.
Chris Green wrote:
In general what do others here do about naming machines on a small SoHo LAN behind a router? Is there some accepted way of doing it?
I currently do mine like this:
- my domain greenhills.co.uk is public, and hosted on the internet
- my lan machines are e.g. grinder.home.greenhills.co.uk
- my main openwrt-based lan router runs dnsmasq (on its lan interface) and is configured to resolve *.home.greenhills.co.uk itself, and forward other queries to my isp
- home.greenhills.co.uk is not delegated; outsiders don't see it.
- my lan machines have "search home.greenhills.co.uk" in resolv.conf, so that "ssh grinder" works.
This configuration is relatively new, but appears to work fine. I hadn't used dnsmasq before, but it's nice. It also does dhcp on my lan.
On some of the machines on the lan I also run dnscache so that I can override parts of the dns namespace (for example when making a VPN connection into another lan) without having to upset my main dns service.
You said you use multiple ISPs, so that you have different upstream dns servers. In that situation I would:
- use a FORWARDONLY dnscache on your router's lan address, for use by your lan machines
- run tinydns on 127.0.0.1 on your router, to serve names on your lan
- forward queries for your lan domain to tinydns
- forward other queries to your isp
- script your isp connection scripts to put the right values in dnscache/root/servers/@, then run svc -du to restart dnscache
You could achieve the same with dnsmasq: update dnsmasq.conf then restart it.
-- Martijn
On Fri, May 20, 2005 at 02:40:49PM +0100, Martijn Koster wrote:
Chris Green wrote:
In general what do others here do about naming machines on a small SoHo LAN behind a router? Is there some accepted way of doing it?
I currently do mine like this:
- my domain greenhills.co.uk is public, and hosted on the internet
- my lan machines are e.g. grinder.home.greenhills.co.uk
- my main openwrt-based lan router runs dnsmasq (on its lan interface) and is configured to resolve *.home.greenhills.co.uk itself, and forward other queries to my isp
- home.greenhills.co.uk is not delegated; outsiders don't see it.
- my lan machines have "search home.greenhills.co.uk" in resolv.conf, so that "ssh grinder" works.
This configuration is relatively new, but appears to work fine. I hadn't used dnsmasq before, but it's nice. It also does dhcp on my lan.
This sounds something like where I want to be, however it does seem to be getting steadily more complicated which is why I originally stayed with /etc/hosts. It's easy enough using /etc/hosts, you edit one and copy it to the other two or three machines (or the same between Windows machines and LMHOSTS).
You said you use multiple ISPs, so that you have different upstream dns servers. In that situation I would:
- use a FORWARDONLY dnscache on your router's lan address, for use by your lan machines
- run tinydns on 127.0.0.1 on your router, to serve names on your lan
- forward queries for your lan domain to tinydns
- forward other queries to your isp
- script your isp connection scripts to put the right values in dnscache/root/servers/@, then run svc -du to restart dnscache
You could achieve the same with dnsmasq: update dnsmasq.conf then restart it.
Remember my router is a small box made by Zyxel, not a Linux box.