Re: redirect apt to local repository
On Thursday 14 April 2005 02:10, Matt Price wrote:
> Thanks for the help, Alan. Lots more questions waiting for you inline
> if you're up for it...
Let's see
...
> > So what I get is a number of machines on my local lan called xxx.home
> > (where xxx are various winnie the pooh characters) and also
> > home.chandlerfamily.org.uk which inside the lan resolves to the same
> > address as webmail.home
>
> ok, that's great. How does this work on the client side? Is it
> sufficient for each computer to have "xxx" in /etc/hostname (e.g., so
> the computer whose name is pooh.home has "pooh" in /etc/hostname)? I
> guess this is partly a dhcp question, see below.
>
Yes - that's how I do it. In Debian, a script in /etc/init.d then sets the
hostname from this file with the hostname --file /etc/hostname command.
> > Here are the relevant files in /etc/bind for my setup
> >
> > =========/etc/bind/named.conf.local
> >
> > zone "home" {
> > type master;
> > file "/etc/bind/db.home";
> > };
>
> As I understand it (I've just read through the BIND manual, which I find
> a bit hard to follow), what you've done here is defined a zone "home";
> any computer whose hostname ends in "home" belongs to this zone; and all
> the information about these computers is stored in the file
> /etc/bind/db.home . Similarly for the domains below. Is that about right?
Sort of. I think it actually works the other way round - the ip address gets
set (via dhcp or explicitly) and then if you do a reverse lookup of the ip
address via the zone file 0.168.192.in-addr.arpa you get the .home extension.
>
> > zone "0.168.192.in-addr.arpa" {
> > type master;
> > file "/etc/bind/db.0.168.192";
> >
> > };
>
> You didn't include /etc/bind/db.0.168.192; is there anything interesting
> in that file? I poked about in the default /etc/bind/ listings and in
> addition to the generic magic at the top of all these files ($TTL
> 604800, etc) there were individual listings for each full domain name;
> would I need to do that explicitly?)
Here's that file - I can't remember what the $TTL magic is actually about. I am
sure the manual will tell you.
Just so that you are not totally confused, my main server has 192.168.0.20 as
its main ip address, but also (on the same ethernet card) has 192.168.0.30
and 192.168.0.39 addresses. These are created with additional stanzas
in /etc/network/interfaces (here's a snippet to show what I mean)

iface eth1 inet static
    address 192.168.0.20
    netmask 255.255.255.0

iface eth1:0 inet static
    address 192.168.0.30
    netmask 255.255.255.0

=============/etc/bind/db.0.168.192
;
; BIND reverse data file for local loopback interface
;
$TTL 604800
@ IN SOA home. root.home. (
24 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
@ IN NS roo.home.
21 IN PTR kanger.home.
22 IN PTR pooh.home.
23 IN PTR eeyore.home.
24 IN PTR piglet.home.
25 IN PTR rabbit.home.
26 IN PTR tigger.home.
;
; Main Server has several names and addresses
;
20 IN PTR roo.home.
;
30 IN PTR webmail.home.
;
39 IN PTR test.home.
;
; Infrastructure Routers
;
10 IN PTR owl.home.
11 IN PTR gopher.home.
>
> > zone "home.chandlerfamily.org.uk" {
> > type master;
> > file "/etc/bind/db.home.chandlerfamily";
> > };
> >
> > ========/etc/bind/db.home
> > ; $Id: db.home,v 1.1 2002/11/11 16:26:10 alan Exp $
> > ; BIND data file for local domain
> > ;
> > $TTL 604800
> > @ IN SOA home. root.home. (
> > 33 ; Serial
> > 604800 ; Refresh
> > 86400 ; Retry
> > 2419200 ; Expire
> > 604800 ) ; Negative Cache TTL
> > ;
> > @ IN NS roo.home.
> > @ IN MX 10 mail.home.
>
> don't entirely understand this but I don't think it's especially
> important either.
The above two lines say that for the .home domain, roo.home is the name server
and mail.home is the mail server (so mail for xxx@home uses mail.home as its
mail server)
>
> > ; static allocation
> > kanger IN A 192.168.0.21 ;Study Workstation
> > pooh IN A 192.168.0.22 ;Breakfast Room
>
> ok, this bit I think I understand
>
> > ; below are allocated via dhcp because of compatibility at university
> > eeyore IN A 192.168.0.23 ; Emily's Portable
> > piglet IN A 192.168.0.24 ; Sarah's Portable
> > ; Special for work portable - must be allocated by dhcp because of
> > ; Work - it uses the mac address to find this address.
> > rabbit IN A 192.168.0.25
>
> these I don't get. If the IPs are allocated via dhcp, how do you know
> in advance that they will get the address you assign here? Are you
> doing some kind of magic with the dhcp server?
Yes - see my dhcp file - it uses the mac address of the ethernet card to
detect which machine they are. Some of the portables have two addresses so I
have to play some silly tricks to cover them both. Note, this also
contains a way of setting hostnames.
Ignore the very last subnet stanza unless you are going to be connected to a
wan - I am protecting myself from external dhcp requests that might come in
over my wan interface by saying I am not the authoritative server for that
interface.
=============== /etc/dhcp3/dhcpd.conf
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#
# option definitions common to all supported networks...
option domain-name "home";
option domain-name-servers 192.168.0.20;
option subnet-mask 255.255.255.0;
default-lease-time 21600;
max-lease-time 86400;
subnet 192.168.0.0 netmask 255.255.255.0 {
    authoritative;
    range 192.168.0.40 192.168.0.59;
    option routers 192.168.0.20;
    # The following are hosts which require a fixed ip-address (for instance
    # so that NAT can direct things to them)
    #
    host roo {
        hardware ethernet 00:50:da:ec:83:9a;
        fixed-address roo.home;
        option host-name "roo";
    }
    host rabbit1 {
        hardware ethernet 00:06:5b:b7:9c:35;
        fixed-address rabbit.home;
        option host-name "rabbit";
    }
    host rabbit2 {
        hardware ethernet 00:06:25:2a:fa:25;
        fixed-address rabbit.home;
        option host-name "rabbit";
    }
    host piglet1 {
        hardware ethernet 00:0b:cd:a9:f2:62;
        fixed-address piglet.home;
        option host-name "piglet";
    }
    host piglet2 {
        hardware ethernet 00:50:fc:d8:c0:9e;
        fixed-address piglet.home;
        option host-name "piglet";
    }
    host eeyore1 {
        hardware ethernet 00:0b:cd:32:77:75;
        fixed-address eeyore.home;
        option host-name "eeyore";
    }
    host eeyore2 {
        hardware ethernet 00:20:e0:5e:18:67;
        fixed-address eeyore.home;
        option host-name "eeyore";
    }
    host kanger {
        hardware ethernet 00:50:DA:CF:A5:06;
        fixed-address kanger.home;
    }
    host pooh {
        hardware ethernet 00:30:1B:11:32:11;
        fixed-address pooh.home;
    }
    host small {
        hardware ethernet 00:06:25:57:19:5D;
        fixed-address small.home;
    }
    host owl {
        hardware ethernet 00:09:5b:24:f1:12;
        fixed-address owl.home;
    }
}
subnet 82.40.0.0 netmask 255.248.0.0 {
    not authoritative;
}
> > roo IN A 192.168.0.20 ;Main machine
>
> is this the same machine called "main machine" below? If so is there a
> reason it's assigned a different IP here?
Yes, I wanted separate ip addresses, because until recently this machine was
sitting behind a nat firewall (it now IS the NAT firewall). External
requests on port 80 got forwarded to the '30' address. I therefore could
have an external web site on that address, whilst I had a different internal
to the home web site on the '20' address.
> > @ IN NS home.chandlerfamily.org.uk.
> > home.chandlerfamily.org.uk. IN A 192.168.0.30 ;Main machine
And this bit is the crux of your answer to your original question. When my
machines internal to the network make a web request to
home.chandlerfamily.org.uk they actually directly get 192.168.0.30 which is
the same ip address as the port forwarding of the router would give from an
external person coming into my network from outside.
--
Alan Chandler
http://www.chandlerfamily.org.uk
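
Added example, not part of the original message: a small consistency audit for the kind of setup described above, checking that forward A and reverse PTR records agree and that every dhcpd fixed-address name resolves to an address outside the dynamic range. The sample text is constructed and abridged from the files quoted in the thread, with records left out on purpose so the checks fire; the function names and the single-/24 "home." layout are assumptions.

```python
import re

# Constructed sample input, abridged from the files quoted in this thread.
FORWARD = """\
kanger  IN A 192.168.0.21
rabbit  IN A 192.168.0.25
roo     IN A 192.168.0.20
"""
REVERSE = """\
21 IN PTR kanger.home.
25 IN PTR rabbit.home.
20 IN PTR roo.home.
30 IN PTR webmail.home.
"""
DHCPD = """\
range 192.168.0.40 192.168.0.59;
host roo { hardware ethernet 00:50:da:ec:83:9a; fixed-address roo.home; }
host rabbit1 { hardware ethernet 00:06:5b:b7:9c:35; fixed-address rabbit.home; }
host small { hardware ethernet 00:06:25:57:19:5D; fixed-address small.home; }
"""

def parse_a(text, origin="home."):
    """Map FQDN -> IPv4 from simple 'name IN A addr' lines."""
    return {f"{n}.{origin}": ip for n, ip in
            re.findall(r"^(\S+)\s+IN\s+A\s+(\S+)", text, re.M)}

def parse_ptr(text, prefix="192.168.0."):
    """Map IPv4 -> FQDN from 'octet IN PTR name.' lines of one /24 zone."""
    return {prefix + o: n for o, n in
            re.findall(r"^(\d+)\s+IN\s+PTR\s+(\S+)", text, re.M)}

def audit(forward, reverse, dhcpd):
    """Return a sorted list of mismatches between DNS and DHCP data."""
    a, ptr = parse_a(forward), parse_ptr(reverse)
    issues = []
    for name, ip in a.items():
        if ptr.get(ip) != name:
            issues.append(f"A {name} -> {ip} has no matching PTR")
    for ip, name in ptr.items():
        if a.get(name) != ip:
            issues.append(f"PTR {ip} -> {name} has no matching A")
    lo, hi = re.search(r"range\s+\S+\.(\d+)\s+\S+\.(\d+);", dhcpd).groups()
    for host in re.findall(r"fixed-address\s+(\S+);", dhcpd):
        ip = a.get(host + ".")
        if ip is None:
            issues.append(f"dhcpd fixed-address {host} does not resolve")
        elif int(lo) <= int(ip.rsplit(".", 1)[1]) <= int(hi):
            issues.append(f"{host} ({ip}) overlaps the dynamic range")
    return sorted(set(issues))
```

The two findings on the sample come from the records omitted from it, not from the complete files on the author's server.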