How to reach a local-only apache via centralized example.com



  • Hello, I'm trying to set up 10 internal (local only) domain names to point to a local web server hosting 10 sites.
    Example:
    Server IP 192.168.10.10 (hostname: webserver1) has /var/www/site1,site2,3,4,5 etc… I would like for anyone behind the firewall to be able to access each by their own name like site1=xxx.com site2=yyy.com... no need to be reachable from outside.

    I've tried doing it from an individual client by setting up the hostname to point to the Apache IP/port, but I will need this to work from a centralized place in order to serve everyone that logs in to the network. I've tried following some of the help in this forum, like with the pfSense DNS forwarder, dnsmasq etc., but have been unsuccessful... I'm not very knowledgeable in this area, so any help would be appreciated!

    Thanks



  • Are the clients using pfSense or something else for DNS? If the clients are using pfSense DNS, just add host overrides.


  • LAYER 8 Netgate

    Well, set it up then do DNS testing from the client trying to access the server.

    dig and drill are your friends

    drill @pfsense_local_interface_address www.example.com a

    drill @192.168.10.1 webserver1.example.com a

    What is returned?

    You can use nslookup if you must.

    Use a DNS troubleshooting tool when troubleshooting DNS issues. Not ping or a web browser. They don't give you the information you need, nor can you specifically target your lookups and bypass any local operating system or application caching.


  • LAYER 8 Global Moderator

    What does your host override look like?

    If I want webserver1.example.com to resolve to the internal IP, it's a simple override. It does not matter if it's the forwarder or the resolver, as long as you put it in the one you're actually using; they are the same from the point of view of how host overrides work. But if you're using the forwarder and you put the override in the resolver, it's not going to work, or vice versa.

    And as Derelict so correctly states, using an actual DNS tool to query is going to be way more informative than a simple ping or browser, both of which could be using cache, etc. And they do not report on info like exactly what server you did the query against and what the TTL might be, etc.
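
Added example (not part of any post in this thread): a small shell check that follows the advice above by querying the pfSense DNS service directly with dig and comparing each answer, including its TTL, with the web server's address. The names site1.example.com and site2.example.com and the sample answer text are constructed for illustration; 192.168.10.1 and 192.168.10.10 are the addresses used in the thread.

```shell
#!/bin/sh
# Added example: confirm host overrides by asking the DNS server directly,
# so no operating system or browser cache is involved.

# Constructed sample of "dig +noall +answer" output (not real query results).
sample_answer() {
    printf '%s\n' \
        'site1.example.com. 3600 IN A 192.168.10.10' \
        'site2.example.com. 300 IN A 203.0.113.7'
}

# check_answer NAME EXPECTED_IP: reads an answer section on stdin, prints a
# verdict, and returns 0 only if NAME has an A record equal to EXPECTED_IP.
check_answer() {
    awk -v name="$1" -v want="$2" '
        BEGIN { n = tolower(name); sub(/\.$/, "", n) }
        {
            owner = tolower($1); sub(/\.$/, "", owner)
            if (owner == n && $3 == "IN" && $4 == "A") {
                found = 1; got = $5; ttl = $2
                if (got == want) { ok = 1; exit }
            }
        }
        END {
            if (ok) printf "OK %s -> %s (TTL %s)\n", name, got, ttl
            else if (found) printf "MISMATCH %s -> %s, expected %s\n", name, got, want
            else printf "MISSING %s has no A record in the answer\n", name
            exit(ok ? 0 : 1)
        }'
}

# check_live SERVER EXPECTED_IP NAME...: query SERVER itself for every NAME.
check_live() {
    server=$1; want=$2; shift 2; rc=0
    for name in "$@"; do
        dig "@$server" "$name" A +noall +answer | check_answer "$name" "$want" || rc=1
    done
    return "$rc"
}

# With arguments, query the live server; without, run on the constructed sample.
if [ "$#" -ge 3 ]; then
    check_live "$@"
else
    sample_answer | check_answer site1.example.com 192.168.10.10
    sample_answer | check_answer site2.example.com 192.168.10.10 || true
fi
```

Saved under a name of your choice (check-overrides.sh is hypothetical), it runs from a client as `sh check-overrides.sh 192.168.10.1 192.168.10.10 site1.example.com site2.example.com`. A MISMATCH or MISSING line points at an override that is absent from the DNS service that was queried.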




