RE: [squid-users] DNS cache-only server question

From: Colin Campbell <sgcccdc@dont-contact.us>
Date: Wed, 19 Sep 2001 13:40:50 +1000 (EST)

Hi,

I'm starting to get confused. Exactly what are you trying to achieve?
Before you answer that though, what you must understand is that when
you define a CNAME you do so in the domain for which the file is the
authoritative data. So, when you have, for example

named.conf:

        zone "hairball.com" {
                file "db.hairball";
                type master;
        };

db.hairball:

        ...
        qa-one.foobar.com IN CNAME web2.hairball.com.

you are defining qa-one.foobar.com.hairball.com. You are NOT defining
qa-one.foobar.com. When you use ping, it asks the DNS for the IP for
qa-one.foobar.com.hairball.com. That's because it calls gethostbyname()
which (possibly after consulting some resolution configuration switch
file) will ask the DNS for the FQDN (qa-one.foobar.com.hairball.com) which
your DNS as you have configured it, knows about. gethostbyname() is
designed to be "user friendly" and calls the resolver routine res_search()
which will read and parse /etc/resolv.conf looking for "domain" or
"search" directives and applying the returned domain(s), modifying the
search at each go until it either gets an answer or fails. This can be a
very time consuming operation, taking 10-15 seconds which is far too long
for something like squid. Consequently squid doesn't call gethostbyname()
and doesn't even call res_search(). It goes straight to res_query() which
(in theory) will be very much quicker. If you have squid configured to not
add the local domain to unqualified names, you'll find that squid cannot
find "web2". It will find "web2.hairball.com" because your DNS knows about
it. To squid, "web2" is not "web2.hairball.com.", it's "web2" in the root
domain, ie "web2.".

So getting back to your problem. If you want squid to turn
qa-one.foobar.com into web2.hairball.com you'll need to have your DNS
configured as follows:

named.conf

        zone "hairball.com" {
                file "db.hairball";
                type master;
        };

        zone "foobar.com" {
                file "db.foobar";
                type master;
        };

db.hairball:

        web2 IN A 10.9.8.7

db.foobar:

        qa-one.foobar.com. IN CNAME web2.hairball.com.  ; owner ends in "." so the zone origin is not appended

That is it. There is no other way. Repeat after me, there is no other way.
Where this will get you into trouble, though, is if you want "foobar.com"
to refer to a real domain. Then what I have told you to do is going to
make the real domain effectively inaccessible. In this case you probably
want to use a redirector that will selectively rewrite URLs. Then you
could have your redirector get a URL like

        http://qa-one.foobar.com/index.html

and rewrite it to be

        http://web2.hairball.com/index.html

which achieves the same result. The nice thing about doing it this way is
that you can have your redirector "consult outside influences" and alter
its behaviour according to those influences. For example, you could have
the redirector check the status of your link. If it's up, go to the real
site (ie don't rewrite the URL) but if it's down, go somewhere else (eg
web2.hairball.com).

Are we getting closer? :-)

On Tue, 18 Sep 2001, Pablo Sanchez wrote:

> Before I continue down that path a bit more... shouldn't it be
> possible to have SQUID talk to named much like 'ping?' In my simple
> pea-like brain, I'm thinking if SQUID didn't make it mandatory to have
> FQDN's, I'd be set.

Colin
Received on Tue Sep 18 2001 - 21:41:02 MDT
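
Added example, not part of the original message and not code from Squid or BIND: a small offline model of the two behaviours described above, namely how a zone file qualifies an owner name against its zone and how a search-list lookup differs from a single exact query. The functions are simplified stand-ins named after the resolver routines the message mentions; the record tuples, the `ndots=1` ordering, and the trailing-dot owner in the foobar.com zone are assumptions of the model.

```python
# Constructed model (no network): zone-file owner qualification and resolver lookups.

def qualify(name, origin):
    """A name without a trailing dot is relative to the given origin."""
    if name == "@":
        return origin.lower()
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def load_zone(origin, records):
    """(owner, type, rdata) tuples -> {fqdn: (type, rdata)}."""
    zone = {}
    for owner, rtype, rdata in records:
        if rtype == "CNAME":
            rdata = qualify(rdata, origin)
        zone[qualify(owner, origin)] = (rtype, rdata)
    return zone

def res_query(name, dns):
    """Look up exactly the name given, rooted at '.', following CNAMEs."""
    fqdn, seen = qualify(name, ""), set()   # "web2" becomes "web2."
    while fqdn in dns and fqdn not in seen:  # 'seen' stops CNAME loops
        seen.add(fqdn)
        rtype, rdata = dns[fqdn]
        if rtype == "A":
            return rdata
        fqdn = rdata
    return None

def res_search(name, dns, search, ndots=1):
    """Try the name as given and with each search domain appended."""
    suffixed = [f"{name}.{domain}" for domain in search]
    if name.endswith("."):
        candidates = [name]
    elif name.count(".") >= ndots:
        candidates = [name] + suffixed
    else:
        candidates = suffixed + [name]
    return next((a for a in (res_query(c, dns) for c in candidates) if a), None)

# Constructed data: the single-zone setup from the first example in the message.
HAIRBALL_ONLY = load_zone("hairball.com.", [
    ("web2", "A", "10.9.8.7"),
    ("qa-one.foobar.com", "CNAME", "web2.hairball.com."),
])
# Constructed data: the two-zone setup, with a fully qualified owner in foobar.com.
TWO_ZONES = {
    **load_zone("hairball.com.", [("web2", "A", "10.9.8.7")]),
    **load_zone("foobar.com.", [("qa-one.foobar.com.", "CNAME", "web2.hairball.com.")]),
}
```
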

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:16 MST