webserver test environment

Jeff Lasman blists at nobaloney.net
Wed Feb 25 14:11:23 UTC 2004


On Saturday 21 February 2004 06:49 pm, gary wrote:

> I am setting up a web/mail server for remote colocation (OpenBSD,
> Postfix, Apache, Bind9). I would like to get it up and running on my
> home LAN for testing before it gets sent away.

Always a good idea; we run an extensive in-house network for such 
testing.

> I will be assigned two IP addresses by the colo host, one for each
> nameserver.

I'm presuming you're thinking "primary/secondary" here.  Are you going 
to have two physical servers?  Or just using one server?  If you're 
going to be running only one physical server you'll only be running one 
instance of DNS, which will answer on two IP#s.  However, you'll be 
running only one "master" server and no "slaves".  A lot of people on 
this list, including me, think this is a bad idea, because you won't 
have any redundancy, but we'll leave that for another thread.

> Let's assume that my webserver is going to be harry.com
> and all the websites I host will use nameservers ns.harry.com and
> ns2.harry.com. The webserver will then run name based virtual hosts.

Let's assume they're going to be example.com, ns.example.com, and 
ns2.example.com, since the example.com domain is set aside specifically 
for use in examples.  And won't confuse anyone with the real 
"harry.com".  Unless of course, you really own the real "harry.com".

It sounds more as if you're going to have one nameserver, with two 
virtual interfaces, ns.harry.com and ns2.harry.com.

The important distinction is that if you're running only one physical 
nameserver you shouldn't have any slave records in your bind.conf file 
at all; many people make this mistake so I did want to point it out.

> Is there any way to create a temporary setup to simulate this on my
> LAN by configuring my gateway to pass those requests to the
> webserver so it can serve the virtual websites and not just its IP
> based default website?

How are you doing your testing?  What's your network topology?

We have two networks here.  The "outer" network is the one our ISP, SBC 
(with whom I'm having a lot of problems this week <frown>) has set up 
for us; it's defined by SBC's router.  Our "inner" network is one we've 
set up ourselves, using our own router, one of our static IP#s, and 
Network Address Translation.  We also own a second router we keep as a 
spare; we could use this temporarily to set up another network, either 
inside the inner network, or alongside it.

> Do I just duplicate all the dns entries by creating a zone section
> (and zone file) for each website on the gateway? Or a single
> zone/zone file containing CNAME records for each website pointing to
> the webserver's IP address?

I'm not sure what you mean by "duplicate".  Just what are you 
duplicating?  Are the domains you're hosting hosted somewhere else now?

We're well beyond testing DNS, so all we do is set up the server on a 
local network (our inner network), put local IP#s in the httpd.conf 
file, and set up our testing systems' host files with the local IP#s 
we've used.  That tests our httpd setup, but not our bind setup.

But I'm presuming you want to test bind...

I'd do it the same way.  I'd use local IP#s.  I'd set up bind to be 
authoritative for the domains, using the same local IP#s.  I'd set up 
separate zones, exactly as you intend to deploy them on the Internet 
once your server becomes authoritative, but with private DNS.

Then I'd tell the local machines I'm using to test, to use the new box's 
DNS.  If you're using unix/linux to test, you do that in 
/etc/resolv.conf.  If you're doing it in Windows or Apple OS, you're on 
your own.

I may be missing something else here; if so, please ask again.

And don't forget to change your httpd.conf, named.conf, and zone files 
to the real IP#s when you're done testing and before moving the system 
to colocation.

Jeff
-- 
Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA  92517 US
Professional Internet Services & Support / Consulting / Colocation
Our blists address used on lists is for list email only
Phone +1 909 324-9706, or see: "http://www.nobaloney.net/contactus.html"
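
Added example, not part of the original message: a pre-colocation check that scans httpd.conf, named.conf and zone file contents for RFC 1918 test addresses left behind after LAN testing, the step the closing reminder above warns about. The file names, sample contents and function names are constructed for illustration.

```python
import ipaddress
import re

# RFC 1918 ranges: the "local IP#s" a LAN test setup would normally use.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IPV4_RE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")


def find_private_addresses(name, text, comment_leaders=("#", "//", ";")):
    """Return (file, line number, address) for every RFC 1918 address found
    outside comments. Block comments (/* ... */) in named.conf are not parsed."""
    leaders = "|".join(re.escape(c) for c in comment_leaders)
    # A leader counts only at line start or after whitespace, so "http://" survives.
    comment_re = re.compile(r"(?:^|\s)(?:%s).*$" % leaders)
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for candidate in IPV4_RE.findall(comment_re.sub("", line)):
            try:
                addr = ipaddress.ip_address(candidate)
            except ValueError:  # e.g. 999.1.1.1 is not a valid address
                continue
            if any(addr in net for net in RFC1918):
                hits.append((name, lineno, candidate))
    return hits


# Constructed sample files (not from the post). 192.0.2.x is the documentation
# range, standing in here for the addresses the colo host will assign.
SAMPLES = {
    "httpd.conf": "NameVirtualHost 192.168.1.10\n"
                  "<VirtualHost 192.168.1.10>\n"
                  "  ServerName www.example.com\n"
                  "</VirtualHost>\n",
    "example.com.zone": "ns   IN A 192.0.2.1   ; was 192.168.1.10 on the LAN\n"
                        "ns2  IN A 192.0.2.2\n"
                        "www  IN A 192.168.1.10\n",
    "named.conf": "options { listen-on { 192.0.2.1; 10.0.0.5; }; };\n",
}


def check_all(files):
    """Scan a {file name: contents} mapping and collect all leftover addresses."""
    return [hit for name, text in files.items()
            for hit in find_private_addresses(name, text)]


if __name__ == "__main__":
    for name, lineno, addr in check_all(SAMPLES):
        print(f"{name}:{lineno}: private address {addr} still present")
```

An empty result from check_all() means no test addresses remain on active lines; addresses that appear only in comments are ignored on purpose.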


