Skip to main content

utiliser les vues de BIND

Resolution variable de "smtp.rktmb.org"

Le but est de faire en sorte que
  • Depuis 192.168.1.0/24, "smtp.rktmb.org" resolve vers 111.222.333.444
  • Depuis 192.168.2.0/24, "smtp.rktmb.org" resolve vers 555.666.777.888
Globalement il s'agit d'utiliser les "view" de BIND.
Actuellement "smtp.rktmb.org" est une enregistrement de type A dans la zone "rktmb.org".

Prérequis

Il y a deja 2 serveurs BIND en production, que nous appellerons "NS1" et "NS2"
Les vues ne seront opérationelles que sur "NS2", si le client fait directement sa requete sur "NS2".

Déléguer les DNS

Dans NS1, /etc/bind/hosts/masters/rktmb.org-hosts:
 smtp IN NS ns1.rktmb.org. smtp IN NS ns2.rktmb.org. 
Penser à supprimer les enregistrements A!
"smtp.rktmb.org" n'est plus un simple enregistrement, mais maintenant une zone.

Créer la zone

sur NS1

Dans /etc/bind/named.conf.local:
 zone "smtp.rktmb.org" {  type master;  file "/etc/bind/hosts/masters/smtp.rktmb.org-hosts";  allow-query { any; };  }; 
Dans /etc/bind/hosts/masters/smtp.rktmb.org-hosts
 $ttl 38400 smtp.rktmb.org.      IN      SOA     ns1.rktmb.org. postmaster.rktmb.org. (                        2010041501                        10800                        3600                        604800                        38400 ) @   IN NS ns1.rktmb.org. @   IN NS ns2.rktmb.org. @ 1 IN  A 111.222.333.444 

sur NS2

Dans /etc/bind/named.conf.local, créer la zone slave "smtp.rktmb.org.":
 zone "smtp.rktmb.org." {         type slave;         file "smtp.rktmb.org.hosts";         masters {                 ns1.rktmb.org;                 };         allow-query { any; };         }; 
Dans /etc/bind/named.conf.options, dans chaque vue existante, créer des zones master:
 view "les-1" {         match-clients { 192.168.1.0/24 ; }; [...]         zone "smtp.rktmb.org" {                 type master;                 file "/etc/bind/hosts/masters/smtp.rktmb.org-1";                 allow-query { any; };         }; }; 
 view "les-2" {         match-clients { 192.168.2.0/24 ; }; [...]         zone "smtp.rktmb.org" {                 type master;                 file "/etc/bind/hosts/masters/smtp.rktmb.org-2";                 allow-query { any; };         }; }; 

Dans les fchiers de "vues"

/etc/bind/hosts/masters/smtp.rktmb.org-1

 $ttl 38400 smtp.rktmb.org.      IN      SOA     ns1.rktmb.org. postmaster.rktmb.org. (                         2010041501                         10800                         3600                         604800                         38400 ) @ IN NS ns1.rktmb.org. @ IN NS ns2.rktmb.org. @ 1 IN A 111.222.333.444 

/etc/bind/hosts/masters/smtp.rktmb.org-2

 $ttl 38400 smtp.rktmb.org.      IN      SOA     ns1.rktmb.org. postmaster.rktmb.org. (                         2010041501                         10800                         3600                         604800                         38400 ) @ IN NS ns1.rktmb.org. @ IN NS ns2.rktmb.org. @ 1 IN A 555.666.777.888 

Comments

  1. Et pour blacklister la commande pour exporter la zone dns ? :-)

    ReplyDelete

Post a Comment

Popular posts from this blog

vmware libz libfontconfig libexpat

Archlinux - Kernel 4.11 - VMWare workstation 12.5.7 With this combination, when I launch "vmware", despite the fact I already "export VMWARE_USE_SHIPPED_LIBS=force", I get those lines:

Unable to load libfontconfig.so.1. /usr/lib/vmware/lib/libz.so.1/libz.so.1: version `ZLIB_1.2.9' not found (required by /usr/lib/libpng16.so.16) Unable to load libfontconfig.so.1 from /usr/lib/vmware/lib/libfontconfig.so.1/libfontconfig.so.1: libexpat.so.0: cannot open shared object file: No such file or directory Unable to load dependencies for /usr/lib/vmware/lib/libvmware-modconfig.so/libvmware-modconfig.so
In order to workaround, I decided to get the things to the maximum: Add all shipped libraries in the LD_LIBRARY_PATH.

So I created my custom launcher of "vmware" and this is the content:

#!/bin/bash
export VMWARE_USE_SHIPPED_LIBS=force
LD_LIBRARY_PATH=""
LD_LIBRARY_PATH=$( find /usr/lib/vmware/lib/ -maxdepth 1 -mindepth 1 -type d | awk 'BEGIN{p=&quo…

vmware net_device trans_start

VMWare Workstation 12 and Kernel 4.7 When recompiling vmware kernel modules on a kernel 4.7, I get this error:

/tmp/modconfig-xrrZGZ/vmnet-only/netif.c:468:7: error: ‘struct net_device’ has no member named ‘trans_start’; did you mean ‘mem_start’?     dev->trans_start = jiffies;
This seems to be an already encountered problem: http://rglinuxtech.com/?p=1746http://ferenc.homelinux.com/?p=356 I choosed to replace the line, instead of deleting it.

- dev->trans_start = jiffies; + netif_trans_update(dev); I also noted that I had to re-tar the modified sources instead of leaving them untared, because the compilation process only takes the archives. 
On precedent editions of these files, I just left the modified folders "vmnet-only/" and "vmmon-only/" expanded without the need to re-tar them.


Jira workflow for new projects

Associated workflow creation I'm a Jira Cloud user and begining from some version 6, I noticed that when I create a project, it automatically creates a Workflow and Issue Scheme that is prepended by the project key and which is a copy of the default scheme.
I always had to make a cleanup after creating a project. Default workflow for new projects I also miss a feature that would allow me to make a custom workflow (and globally custom project setting) the default for new projects I create.
Solution: Create with shared configuration While searching, I noticed that with Jira Cloud which is version 7.1.0 at the time I write, there is a link at the bottom of the "Create project" wizard:
"Create with shared configuration" will allow me to select the project I want the new one to share configuration with.

The new created project will use the same configuration as the project I selectThere will be no creation of Workflow and Issue Scheme that I need to cleanup

This fea…