Skip to main content

utiliser les vues de BIND

Resolution variable de "smtp.rktmb.org"

Le but est de faire en sorte que
  • Depuis 192.168.1.0/24, "smtp.rktmb.org" resolve vers 111.222.333.444
  • Depuis 192.168.2.0/24, "smtp.rktmb.org" resolve vers 555.666.777.888
Globalement il s'agit d'utiliser les "view" de BIND.
Actuellement "smtp.rktmb.org" est une enregistrement de type A dans la zone "rktmb.org".

Prérequis

Il y a deja 2 serveurs BIND en production, que nous appellerons "NS1" et "NS2"
Les vues ne seront opérationelles que sur "NS2", si le client fait directement sa requete sur "NS2".

Déléguer les DNS

Dans NS1, /etc/bind/hosts/masters/rktmb.org-hosts:
 smtp IN NS ns1.rktmb.org. smtp IN NS ns2.rktmb.org. 
Penser à supprimer les enregistrements A!
"smtp.rktmb.org" n'est plus un simple enregistrement, mais maintenant une zone.

Créer la zone

sur NS1

Dans /etc/bind/named.conf.local:
 zone "smtp.rktmb.org" {  type master;  file "/etc/bind/hosts/masters/smtp.rktmb.org-hosts";  allow-query { any; };  }; 
Dans /etc/bind/hosts/masters/smtp.rktmb.org-hosts
 $ttl 38400 smtp.rktmb.org.      IN      SOA     ns1.rktmb.org. postmaster.rktmb.org. (                        2010041501                        10800                        3600                        604800                        38400 ) @   IN NS ns1.rktmb.org. @   IN NS ns2.rktmb.org. @ 1 IN  A 111.222.333.444 

sur NS2

Dans /etc/bind/named.conf.local, créer la zone slave "smtp.rktmb.org.":
 zone "smtp.rktmb.org." {         type slave;         file "smtp.rktmb.org.hosts";         masters {                 ns1.rktmb.org;                 };         allow-query { any; };         }; 
Dans /etc/bind/named.conf.options, dans chaque vue existante, créer des zones master:
 view "les-1" {         match-clients { 192.168.1.0/24 ; }; [...]         zone "smtp.rktmb.org" {                 type master;                 file "/etc/bind/hosts/masters/smtp.rktmb.org-1";                 allow-query { any; };         }; }; 
 view "les-2" {         match-clients { 192.168.2.0/24 ; }; [...]         zone "smtp.rktmb.org" {                 type master;                 file "/etc/bind/hosts/masters/smtp.rktmb.org-2";                 allow-query { any; };         }; }; 

Dans les fchiers de "vues"

/etc/bind/hosts/masters/smtp.rktmb.org-1

 $ttl 38400 smtp.rktmb.org.      IN      SOA     ns1.rktmb.org. postmaster.rktmb.org. (                         2010041501                         10800                         3600                         604800                         38400 ) @ IN NS ns1.rktmb.org. @ IN NS ns2.rktmb.org. @ 1 IN A 111.222.333.444 

/etc/bind/hosts/masters/smtp.rktmb.org-2

 $ttl 38400 smtp.rktmb.org.      IN      SOA     ns1.rktmb.org. postmaster.rktmb.org. (                         2010041501                         10800                         3600                         604800                         38400 ) @ IN NS ns1.rktmb.org. @ IN NS ns2.rktmb.org. @ 1 IN A 555.666.777.888 

Popular posts from this blog

npm run build base-href

Using NPM to specify base-href When building an Angular application, people usually use "ng" and pass arguments to that invocation. Typically, when wanting to hard code "base-href" in "index.html", one will issue: ng build --base-href='https://ngx.rktmb.org/foo' I used to build my angular apps through Bamboo or Jenkins and they have a "npm" plugin. I got the habit to build the application with "npm run build" before deploying it. But the development team once asked me to set the "--base-href='https://ngx.rktmb.org/foo'" parameter. npm run build --base-href='https://ngx.rktmb.org/foo did not set the base href in indext.html After looking for a while, I found https://github.com/angular/angular-cli/issues/13560 where it says: You need to use −− to pass arguments to npm scripts. This did the job! The command to issue is then: npm run build -- --base-href='https://ngx.rktmb.org/foo&

Jenkins invalid privatekey

Publish over SSH, Message "invalid privatekey:" With quite recent (June-July 2020) installations of Jenkins and OpenSSH, I have the following error message when using the "Deploy overs SSH" Jenkins plug-in and publishing artifacts to the target overs SSH: jenkins.plugins.publish_over.BapPublisherException: Failed to add SSH key. Message [invalid privatekey: [B@d8d395a] This problem seems to be referenced here: https://issues.jenkins-ci.org/browse/JENKINS-57495 Just regenerate a key with the right parameters To solve it: ssh-keygen -t rsa -b 4096 Or ssh-keygen -t rsa -b 4096 -m PEM

Emacs TypeScript Development

Emacs Configuration for Typescript In order to comfortably develop on Node, React or Angular projects with Emacs, TIDE is a good solution. We have TypeScript code highlight (that is the minimum!) and code completion based on the codebase (not only on locally defined and builtins) In order to achieve that: Install Emacs (24+) Install Node Install Typescript (which will provide "tsserver") Install TIDE and some usefull dependencies Configure Emacs to use all those Node is then installed in " /home/mihamina/Apps/node-v12.18.0-linux-x64/bin ": you should add it to your PATH. Installing Typescript is done with: npm install --save typescript @types/browserify After that, "tsserver" will be in " /home/mihamina/node_modules/.bin " Then comes the installation of TIDE: With the Emacs package manager, M-x package-install , install "tide". Do the same for "web-mode", "flycheck", "company" "js2-mode" and "