Results 1 to 5 of 5

Thread: BIND and Sub-Domains

  1. #1
    Junior Member Newbie
    Join Date
    Dec 2006
    Posts
    3

    Exclamation BIND and Sub-Domains

    Greetings!

    I have seen a number of differing articles on the net on the correct way to manage SubDomains eg. webmail.mydomain.com

    I have seen some recommendations that you add these to BIND in the Addresses area and others recommend the Name Alias area.

    One recommendation was to add it to the Addresses area by use of a wildcard eg. *.mydomain.com

    I tried this however Webmin would not accept it - is it possible to use this method (by manually editing the named.conf file) OR which is the preferred way to add subdomains?

    I am using <Virtualhost *> with Servername webmail.mydomain.com however nothing seems to take ....

    One other question - reverse DNS - I have 2 IP's - and have activated (by support ticket) on one of the IP addresses. Should I do this for the other one? Do I also need to do reverse entries in my BIND as well?

    Thanks,



    Clint.

  2. #2
    Former Employee Power Poster
    Join Date
    Apr 2005
    Location
    Seattle, WA
    Posts
    140

    Default

    There are several different methods for specifying subdomains within the zone file, with pros and cons for each.

    The first is specifying each sub-domain with an IP. This works fine, and needs to be done if the subdomain is going to resolve to a different server or IP, however, it uses slightly more memory than the second method.

    Each subdomain can also be specified as a CNAME, or canonical name. This assigns the subdomain as an alias to the another domain. The problem with this is that you need to make sure you use use either a relative reference to the current zone file or a fully-qualified domain name which must end with a period in the zone file. The advantages are that if you change the IP of the domain to which the subdomain references, then the subdomain automatically resolves to the new IP as well.

    The third method is to use an asterisk, *, as a wildcard. The wildcard can be either an A record or a CNAME. The choice is up to you.

    When setting up your httpd.conf file, you need to make sure that each VirtualHost entry contains an IP and potentially the port, either :80 or :443. If you wish to do name based hosting, the more common form, you will ned to include 'NameVirtualHost IP:PORT' in order for the Servername and ServerAliases to function properly.

  3. #3
    Junior Member Newbie
    Join Date
    Jul 2007
    Posts
    4

    Default Webmin configures Bind to accept wildcards

    On the opening page of the bind server as accessed in Webmin, you can change the configuration options (see upper left corner). The Webmin default is "no" to accept wildcards. Change and be sure to click the apply/save changes button at the bottom of the config page.

    Erik

  4. #4
    Junior Member Newbie
    Join Date
    Apr 2009
    Posts
    1

    Default

    Webmin Core
    Updated the setup.sh script to use MD5 password encryption by default, on systems where Perl supports it.
    Fixed a security hole in the maketemp.pl script, used to create the /tmp/.webmin directory at install time. If an un-trusted user creates this directory before Webmin is installed, he could create in it a symbolic link pointing to a critical file on the system, which would be overwritten when Webmin writes to the link filename (CVE bug CAN-2004-0559).
    When PAM is used for Unix authentication, expired passwords are now detected and the user is prompted to select a new password (if this feature is enabled on the Webmin Configuration module).
    Make all functions in ui-lib.pl themable, allowing themes to have more detailed control over modules that make use of this library.
    Updated all modules to call ui_print_header instead of calling header and printing <hr>, so that themes can avoid the <hr>. Also updated the MSC theme to do this.

    Webmin Users
    Added a Module Config option for an alternate user and group list display, which takes up less space on systems with a large number of Webmin users.

    Apache Webserver
    Added an option when creating a virtual server to add a <Directory> section allowing access to its document root.
    Included support for the optional mod_bandwidth Apache module and it's directives.
    Included support for the optional mod_dav Apache module.

    BIND DNS Server
    Added a button for selecting a free IP address when adding Address records, and a Module Config page option for entering IP allocation ranges.
    Added basic support for delegation-only zones.
    Created two new bind8-lib.pl functions for creating and deleting slave zones, for use by remote callers to avoid transferring large amounts of data via RPC calls.
    If the rndc command is installed but does not re-load a zone properly, the ndc command will be attempted as well if possible.

    CD Burner
    Added detailed access control to limit a Webmin user to only using certain existing burn profiles, or to create profiles limited to selected directories.

    Cluster Software Packages
    When displaying the details of a package, the version numbers from each of the hosts it is installed on is shown.

    Cluster Webmin Servers
    Added the ability to create Webmin users and groups on one or several servers, rather than on all servers at once.

    Custom Commands
    Added an option to clear Webmin-related environment variables before running a command.

    DHCP Server
    Custom option definitions can now be edited, and will be preserved in the configuration file if manually defined.

    NFS Exports
    Added an option to determine if NFS writes to an export are immediately written to disk or not.

    Filesystem Backup
    Improved layout of dump form.

    Bootup and Shutdown
    On operating systems like FreeBSD and AIX that have a script which is run at system shutdown time, this script can now be edited. It will also be updated by the enable_at_boot and disable_at_boot functions to run any shutdown-time code for newly created actions.
    Added an access control option to allow only the starting and stopping of actions, but not editing.

    LDAP Users and Groups
    Updated the Module Config setting for password encryption to support both standard Unix MD5 and the MD5 variant output by the slappasswd program.
    When a user's home directory is a symlink, both the target of the link and the link itself are deleted.
    Added the ability to edit shadow password attributes for Unix users. Thanks to Stephan Borg for this and the following feature.
    Added the ability to re-name a Unix group.

    Printer Administration
    Ported the module to AIX, to manage it's native /etc/qconfig file and driver system.

    Logical Volume Management
    Added support for LVM2, as used in the new 2.6 Linux kernel.

    Read User Mail
    Added a basic HTML editor for sending and replying to email in HTML format. Requires Java 1.4+ in the browser. Must be enabled on the Module Config page, as it is still rather unstable.
    Included support for SMTP authentication when sending email, configurable on the Module Config page.

    Disk and Network Filesystems
    Added support for NFS version 4 on Linux, thanks to code contributed by Frederic Jolly.

    MySQL Database Server
    Added a button on the module's main page for backing up all databases, either immediately or on schedule.
    A Webmin user who has been set up to login to MySQL as a different user will now be prompted to login if his password set in the Webmin Users module incorrect.
    Added an access control restriction to limit the number of databases a Webmin user can own.

    Network Configuration
    Added checks on Linux to prevent interfaces with IPs that are already in use from being added, as this is not allowed by the OS.

    Postfix Configuration
    Added an option to the autoreply file editing page for specifying addresses to never auto-repond to. Accepts wildcards like *@foo.com or fred@*.

    PostgreSQL Database Server
    Added a button on the module's main page for backing up all databases, either immediately or on schedule.
    When using PostgreSQL version 7.4 or later, users can now be re-named.
    A Webmin user who has been set up to login to PostgreSQL as a different user will now be prompted to login if his password set in the Webmin Users module incorrect.
    Added an access control restriction to limit the number of databases a Webmin user can own.
    Fields can now be deleted from a table by clicking the Delete button on the field details page, rather than using the complex field-removal form.

    QMail Configuration
    Added an option to the autoreply file editing page for specifying addresses to never auto-repond to. Accepts wildcards like *@foo.com or fred@*.

    Disk Quotas
    Quotas and usage are now displayed in bytes, kB, MB or GB where appropriate, instead of always kilobytes.
    The quotaon -p command is now used to determine if quotas are active or not for some filesystem, which is faster and more reliable.

    Samba Windows File Sharing
    Added a page for binding the Samba server to a Windows domain.

    Squid Analysis Report Generator
    First version of this module, which can configure, run and schedule the Sarg Squid log report generation tool. Thanks to Omar Armas for sponsoring the development of this module.

    Sendmail Configuration
    Added an option when creating a Domain Routing entry to forward mail to a domain and all hosts in it.
    Added an option to the autoreply file editing page for specifying addresses to never auto-repond to. Accepts wildcards like *@foo.com or fred@*.

    Shorewall Firewall
    Added the ability to edit the blacklist table.

    Software Packages
    The package update system (YUM, APT or Redhat Network) can now be selected on the Module Config page, rather than being always detected automatically.

    Squid Proxy Server
    Added support for the header_access directive in Squid 2.5, which can be used to limit the HTTP headers passed through for different requests.

    System and Server Status
    Added a new monitor type for checking on RAID devices.

    System Time
    Multiple time servers can now be entered to sync with.

    Users and Groups
    When full user details are displayed, added checkboxes and a button for deleting multiple users at once.
    Added a similar button for deleting multiple groups at once too.
    User batch data can now be pasted into a text box, in addition to uploading a file or selecting a file on the server.
    When a user's home directory is a symlink, both the target of the link and the link itself are deleted.
    Added a Module Config option to set the default for the create, modify and delete in other modules options.

    Webmin Configuration
    Added an option to the Authentication page for enabling the use of MD5 encrypted passwords for Webmin users. These are more secure, and allow longer usable passwords.
    Added an option to the Proxy Servers page for specifying a source IP address for all network connections.

  5. #5
    Banned Newbie
    Join Date
    Sep 2010
    Posts
    2

    Default

    This article is very useful since i'm studying about BIND DNS.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •