Help - vhosts not working and DNS question

Hi,
Just added my first customer and found out that vhosts are not working correctly in Apache.
When browsing to the new domain I get the standard html page from the base directory (/var/www/html), and not the one from the new account (/home/<account>/domain.tld/html/).

I’m running NAT and if I change the new domain’s .conf file in /etc/httpd/conf.d to use the internal IP (instead of the public one) for VirtualHost it works!?

Have I made a mistake in setting up the IP addresses in NodeWorx?
I have enabled the public IP 1 for accounts and I can see it’s in use by the new account.
In /etc/httpd/conf.d/namevirtualhost.conf the public IP 1 is specified.

I’m also not quite clear about the DNS settings in NodeWorx. I have the following setup:

Default DNS servers:
10.0.0.9 (local IP)
10.0.0.8 (other caching server on local lan)

Active DNS Services (Recursive / Local Resolver):
127.0.0.1 53 TCP/UDP

Active DNS Services (Iterative)
10.0.0.9 53 UDP
public IP 1 53 UDP
public IP 2 53 UDP

Is this correct or have I specified something wrong?

Thanks in advance for any pointers
-tsl-

Ok, I’ve done a little research about the DNS setup.
I have now put the following as the default dns servers in NodeWorx:
primary - ns1.domain.tld (maps to public IP 1 in NodeWorx, present in external dns)
secondary - ns2.domain.tld (maps to public IP 2 in NodeWorx, present in external dns)
Is this correct?
Still, when creating a new test account that domain only gets the ns2 nameserver in its zone file??

About the virtualhost problem I think it’s to do with working behind the firewall with a NAT address. I can see that the NIC has the public IPs as aliases, but the firewall forwards all requests on public IP ports 80, 443 and so on to the internal IP. If I have a NameVirtualHost configured in Apache with the public IP…this wouldn’t work, right?

If this is the case, how can I successfully run this in a NAT environment?

Maybe I could put the internal IP in the namevirtualhost.conf file, but I guess that file is maintained from within NodeWorx regarding the available public IPs?

I’m a little nervous and confused at the moment and hoping that someone could help me understand this. The plan was to go live this weekend…:wink:

thanks
-tsl-
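
The behaviour described in the post above, as an added example that is not part of the thread or of InterWorx's own code: a simplified model of how Apache picks a virtual host, first by the local address the connection arrived on and then by name. The address 203.0.113.10 (standing in for "public IP 1"), the account path and the function names are assumptions.

```python
# Simplified model of Apache's address-then-name virtual host selection.
# All addresses, names and paths below are constructed sample values.
from dataclasses import dataclass

MAIN_DOCROOT = "/var/www/html"  # main server config (the base directory)


@dataclass
class VHost:
    addr: str          # address in <VirtualHost addr:80>, or "*"
    server_name: str
    docroot: str


def select_docroot(vhosts, local_addr, host_header):
    """Return the DocumentRoot that would serve the request.

    local_addr is the destination address the socket sees, i.e. the
    address after the firewall's DNAT rewrite, not the one the client used.
    """
    # Step 1: exact address matches win over wildcard vhosts.
    candidates = [v for v in vhosts if v.addr == local_addr]
    if not candidates:
        candidates = [v for v in vhosts if v.addr == "*"]
    if not candidates:
        return MAIN_DOCROOT  # no vhost for this address: main server answers
    # Step 2: among vhosts on that address, match the Host header ...
    for v in candidates:
        if v.server_name.lower() == host_header.lower():
            return v.docroot
    # ... otherwise the first one listed is the default for the address.
    return candidates[0].docroot


PUBLIC_IP = "203.0.113.10"   # stands in for "public IP 1"
INTERNAL_IP = "10.0.0.9"     # address the firewall forwards to
SITE = "/home/account/domain.tld/html"


def demo():
    as_generated = [VHost(PUBLIC_IP, "domain.tld", SITE)]
    hand_edited = [VHost(INTERNAL_IP, "domain.tld", SITE)]
    return {
        "nat, vhost on public IP": select_docroot(as_generated, INTERNAL_IP, "domain.tld"),
        "nat, vhost on internal IP": select_docroot(hand_edited, INTERNAL_IP, "domain.tld"),
        "no nat, vhost on public IP": select_docroot(as_generated, PUBLIC_IP, "domain.tld"),
    }


if __name__ == "__main__":
    for case, docroot in demo().items():
        print(f"{case}: {docroot}")
```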

tsl,

Are you binding external IPs to internal IPs at your router? IWorx-CP doesn’t know the technical difference between internal and external IPs (since it doesn’t really need to) and if you’re setting up all of your sites on internal IPs and then making the linkups between external / internal IPs you should be fine except for DNS.

You’ll have to hand change the dns system to have it advertise the external IPs.

Sorry for the delay on this post, was tied up most of the weekend in new iworx-cp goodies.

Chris

Thanks Chris,
yes…we bind external IPs to internals at the firewall.
It sounds like running this on NAT would be very cumbersome to use. You would always need to do stuff manually. I think we quickly need to try to move the server to external access with an iptables fw on it.

How about the dns settings, are they correct?
Also, if I manually add a domain it gets both nameservers in the zone file, but if I add a domain/customer via Whois.Cart it only gets the secondary in the zone file (and SOA). Any idea where the problem could be?

thanks
-tsl-

Yes, it would be cumbersome in that you’d always have to “fix” dns entries to use the external IPs.

Regarding DNS:

Default DNS servers:
10.0.0.9 (local IP)
10.0.0.8 (other caching server on local lan)

You’ll want these 2 to be boxes that are authoritative for the domains hosted on your iworx-cp box. The 10.0.0.8 entry is fine as long as it is authoritative for your sites and is advertising the same dns info as 10.0.0.9.

Active DNS Services (Recursive / Local Resolver):
127.0.0.1 53 TCP/UDP

This is fine, and is the default.

Active DNS Services (Iterative)
10.0.0.9 53 UDP
public IP 1 53 UDP
public IP 2 53 UDP

You probably don’t want the 2 publics here, unless they are pingable by the outside and serving dns. The servers listed here should be the ones serving dns for your domains on the iworx box.

Regarding whois.cart I’m not sure tsl, I don’t believe you set the preferred dns servers from within the whois.cart interface do you? I don’t have a test install here to look.

Chris

Thanks for your reply Chris,
Ok, let’s say I move the box to external and skip NAT, and I set the public IP 1 as the address on the NIC. I then have public IP 2 as an alias.
Would I then want these IPs serving dns (iterative)?
The reason I want 2 auth dns addresses for the domains is that some registrars require it (at least for .se).

Sorry for the confusion and thanks again for your support.

About Whois…I set the 2 preferred dns but that’s only in an email template (if I remember correctly), so that users who would like to point their existing domains know where to point them. The problem must be in HAPI somewhere I think. As I mentioned in another post, the default language doesn’t work through the HAPI as well, just gets set to english (U.S).
Though, creating the account from NodeWorx works as expected.

regards
-tsl-

Yes, you can set the 2 aliases (or even the main IP and 1 IP alias) to serve DNS. By default iworx-cp will set up all IPs for iterative serving but only 2 are usually necessary.

Re: whois.cart, you do have the 2 DNS servers entered on the dns overview page right?

Chris

I have now moved the server to public IP and skipped NAT. vhosts have been working fine since then.

hmm, not sure what you mean about whois…

I have 2 serious issues right now:

  1. Not able to edit the user info as a user.
  2. dns working strangely, especially with cnames

Shall I open a ticket instead Chris?

rgds
-tsl-

Hey tsl, are you having trouble editing a siteworx user from the SiteWorx Home page with the edit link? If so, then you can get past it. When you go to User Accounts in SiteWorx you can click on the edit button and it works that way; I guess it’s a bug in the theme.

It may be easiest to open a ticket and provide all pertinent details tsl.

Chris

Thanks Zeth, I found that as well. But it would be very nice to have the users being able to edit this themselves.

Chris, I have opened a ticket regarding the edit and cnames issues.

Cheers
-tsl-