Linux Administration

Thursday, 20 August 2015

APACHE AS REVERSE PROXY

Apache as Reverse Proxy

Requirement:

(1) Web Server

(2) Proxy Server

(3) DNS SERVER

(4) CLIENT

WEB SERVER IP: 192.168.1.3

WEB SERVER HOSTNAME: google.com

PROXY SERVER IP 192.168.1.5

PROXY SERVER HOSTNAME proxy.server.com

DNS SERVER IP: 192.168.1.4

DNS SERVER HOSTNAME: masterdns.arun.com

CLIENT IP: 192.168.1.1

Client Server Architecture

(A) Web Server:

Hostname: google.com

IP Address: 192.168.1.3

(1) Install apache packages

[root@google ~]# yum install httpd*

(2) Make Changes in below configuration file.

[root@google ~]# vim /etc/httpd/conf/httpd.conf

(2.1)

#Listen 12.34.56.78:80

Listen 80

Listen 81

(2.2)

NameVirtualHost 192.168.1.3:80

ServerAdmin root@mail.google.com

DocumentRoot /var/www/html

DirectoryIndex chat.html

ServerName chat.google.com

</VirtualHost>

NameVirtualHost 192.168.1.3:81

ServerAdmin root@mail.google.com

DocumentRoot /var/www/html

DirectoryIndex mail.html

ServerName mail.google.com

</VirtualHost>

(3) Create 2 html file in /var/www/html directory

[root@google ~]# cd /var/www/html/

[root@google html]# ll

total 8

-rwxrwxrwx 1 root root 53 Aug 11 16:35 chat.html

-rwxrwxrwx 1 root root 36 Aug 11 16:35 mail.html

[root@google html]#

[root@google html]# cat chat.html

Welcome to GooGle Chating Services.Enjoy The Chating

[root@google html]# cat mail.html

Welocome to GooGle Mailing Service.

(4) Restart the apache service

[root@google html]# /etc/init.d/httpd restart

Stopping httpd: [ OK ]

Starting httpd: [ OK ]

(B) Proxy Server

Hostname: proxy.server.com

IP Address: 192.168.1.5

(1) Install apache packages

[root@proxy ~]# yum install httpd*

(2) Make Changes in below configuration file.

[root@proxy ~]# vim /etc/httpd/conf/httpd.conf

(2.1)

#Listen 12.34.56.78:80

Listen 80

Listen 81

(2.2)

NameVirtualHost 192.168.1.5:80

ServerAdmin root@proxy.server.com

DocumentRoot /var/www/html

DirectoryIndex chat.html

ServerName proxy.server.com

</VirtualHost>

ProxyRequests Off

ProxyPass /chat.html http://chat.google.com/chat.html

ProxyPassReverse /chat.html http://chat.google.com/chat.html

NameVirtualHost 192.168.1.5:81

ServerAdmin proxy.server.com

DocumentRoot /var/www/html

DirectoryIndex mail.html

ServerName proxy.server.com

</VirtualHost>

ProxyRequests Off

ProxyPass /mail.html http://mail.google.com/mail.html

ProxyPassReverse /mail.html http://mail.google.com/mail.html

(3) Create 2 html file in /var/www/html directory

[root@proxy html]# cd /var/www/html/

[root@proxy html]# ll

total 8

-rwxrwxrwx. 1 root root 14 Aug 19 12:01 chat.html

-rwxrwxrwx. 1 root root 14 Aug 19 12:01 mail.html

[root@proxy html]#

[root@proxy html]# cat chat.html

proxy chating

[root@proxy html]# cat mail.html

proxy mailing

[root@proxy html]#

(4) Restart the apache service

[root@proxy html]# /etc/init.d/httpd restart

Stopping httpd: [ OK ]

Starting httpd: [ OK ]

[root@proxy html]#

Please refer DNS blog for DNS server configuration

http://linuxtpoint.blogspot.in/2015/08/master-slave-dns_11.html

(1) Now We have to make entry of google.com and server.com zones in /etc/named.conf file

[root@masterdns named]# vim /etc/named.conf

(2) Make changes in forward and reverse zone file

[root@masterdns named]# cd /var/named/

[root@masterdns named]# cat for

$TTL 86400

@ IN SOA masterdns.arun.com. root.arun.com. (

1 ; serial

3600 ; refresh

1800 ; retry

604800 ; expire

86400 ; minimum

)

@ IN NS masterdns.arun.com.

@ IN NS slavedns.arun.com.

@ IN NS mail.google.com.

@ IN NS chat.google.com.

@ IN NS proxy.server.com.

masterdns IN A 192.168.1.4

slavedns IN A 192.168.1.2

www IN A 192.168.1.4

mail IN A 192.168.1.3

chat IN A 192.168.1.3

proxy IN A 192.168.1.5

[root@masterdns named]#

[root@masterdns named]# cat rev

$TTL 864000

@ IN SOA masterdns.arun.com. root.arun.com. (

1 ; serial

3600 ; refresh

1800 ; retry

604800 ; expire

86400 ; minimum

)

@ IN NS masterdns.arun.com.

@ IN NS slavedns.arun.com.

@ IN NS proxy.server.com.

@ IN PTR arun.com.

@ IN PTR google.com.

@ IN PTR server.com.

masterdns IN A 192.168.1.4

slavedns IN A 192.168.1.2

www IN A 192.168.1.4

mail IN A 192.168.1.3

chat IN A 192.168.1.3

proxy IN A 192.168.1.5

4 IN PTR masterdns.arun.com.

2 IN PTR slavedns.arun.com.

4 IN PTR www.arun.com.

3 IN PTR mail.google.com.

3 IN PTR chat.google.com.

5 IN PTR proxy.server.com.

(3) Restart Named Services

[root@masterdns named]# /etc/init.d/named restart

Stopping named: . [ OK ]

Starting named: [ OK ]

[root@masterdns named]#

(D) Client :

IP Address: 192.168.1.1

(2)Now if we Access Proxy server then Proxy Server Redirect Request to Web server and we get web pages of Web Server.

(2.1) From IP

(2.2) From Name

Tuesday, 11 August 2015

MASTER-SLAVE DNS CONFIGURATION

MASTER-SLAVE DNS

Primary Or Master DNS Server details:

IP Address: 192.168.1.4

HostName: masterdns.arun.com

Secondary Or Slave DNS Server details:

IP Address: 192.168.1.2

HostName: slavedns.arun.com

Primary DNS Configuration

(1) [root@masterdns ~]# yum install bind* -y

(2) [root@masterdns ~]# vim /etc/named.conf

// named.conf

// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS

// server as a caching only nameserver (as a localhost DNS resolver only).

// See /usr/share/doc/bind*/sample/ for example named configuration files.

options {

listen-on port 53 { 192.168.1.4; 127.0.0.1; };

listen-on-v6 port 53 { ::1; };

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

allow-query { localhost; 192.168.1.0/24; }; # IP Range of allow Hosts

allow-transfer { localhost; 192.168.1.2; }; # Slave IP

recursion yes;

dnssec-enable yes;

dnssec-validation yes;

dnssec-lookaside auto;

/* Path to ISC DLV key */

bindkeys-file "/etc/named.iscdlv.key";

managed-keys-directory "/var/named/dynamic";

};

logging {

channel default_debug {

file "data/named.run";

severity dynamic;

};

zone "." IN {

type hint;

file "named.ca";

};

zone"arun.com" IN {

type master;

file "for";

allow-update { none; };

};

zone"1.168.192.in-addr.arpa" IN {

type master;

file "rev";

allow-update { none; };

};

zone"google.com" IN {

type master;

file "for";

allow-update { none; };

};

include "/etc/named.rfc1912.zones";

include "/etc/named.root.key"

(3) Creat the For and Rev Zone files as mentioned in named.conf

[root@masterdns ~]# cd /var/named/

[root@masterdns named]# ll

total 40

drwxr-x--- 6 root named 4096 Jun 18 10:18 chroot

drwxrwx--- 2 named named 4096 Aug 10 17:34 data

drwxrwx--- 2 named named 4096 Aug 11 16:46 dynamic

-rw-r----- 1 root named 1892 Feb 18 2008 named.ca

-rw-r----- 1 root named 152 Dec 15 2009 named.empty

-rw-r----- 1 root named 152 Jun 21 2007 named.localhost

-rw-r----- 1 root named 168 Dec 15 2009 named.loopback

drwxrwx--- 2 named named 4096 Jun 4 2012 slaves

[root@masterdns named]#

FORWARD ZONE :

[root@masterdns named]# cp named.localhost for

[root@masterdns named]# vim for

$TTL 86400

@ IN SOA masterdns.arun.com. root.arun.com. (

201506187 ; serial

3600 ; refresh

1800 ; retry

604800 ; expire

86400 ; minimum

)

@ IN NS masterdns.arun.com.

@ IN NS slavedns.arun.com.

@ IN NS mail.google.com.

@ IN NS chat.google.com.

masterdns IN A 192.168.1.4

slavedns IN A 192.168.1.2

www IN A 192.168.1.4

mail IN A 192.168.1.3

chat IN A 192.168.1.3

RESERVE ZONE:

[root@masterdns named]# cp named.loopback rev

[root@masterdns named]# vim rev

$TTL 864000

@ IN SOA masterdns.arun.com. root.arun.com. (

201506187 ; serial

3600 ; refresh

1800 ; retry

604800 ; expire

86400 ; minimum

)

@ IN NS masterdns.arun.com.

@ IN NS slavedns.arun.com.

@ IN PTR arun.com.

@ IN PTR google.com.

masterdns IN A 192.168.1.4

slavedns IN A 192.168.1.2

www IN A 192.168.1.4

mail IN A 192.168.1.3

chat IN A 192.168.1.3

4 IN PTR masterdns.arun.com.

2 IN PTR slavedns.arun.com.

4 IN PTR www.arun.com.

3 IN PTR mail.google.com.

3 IN PTR chat.google.com.

(4) Change the group to the named

[root@masterdns named]# chgrp named rev

[root@masterdns named]# chgrp named for

[root@masterdns named]# ls -l

total 40

drwxr-x--- 6 root named 4096 Jun 18 10:18 chroot

drwxrwx--- 2 named named 4096 Aug 10 17:34 data

drwxrwx--- 2 named named 4096 Aug 11 16:46 dynamic

-rw-r----- 1 root named 718 Aug 11 01:45 for

-rw-r----- 1 root named 1892 Feb 18 2008 named.ca

-rw-r----- 1 root named 152 Dec 15 2009 named.empty

-rw-r----- 1 root named 152 Jun 21 2007 named.localhost

-rw-r----- 1 root named 168 Dec 15 2009 named.loopback

-rw-r----- 1 root named 932 Aug 11 01:45 rev

drwxrwx--- 2 named named 4096 Jun 4 2012 slaves

[root@masterdns named]#

(5) Then we need to check the Context of the files under

[root@masterdns ~]# ls -lZd /etc/named.conf

-rw-r-----. root named system_u:object_r:named_conf_t:s0 /etc/named.conf

/etc/named.conf

(6) If its Different than this then we need to restore the context using

[root@masterdns named]# restorecon /etc/named.conf

(7) Now we need to Check for the Error in the conf file and Zone file

[root@masterdns named]# named-checkzone arun.com /var/named/for

zone arun.com/IN: loaded serial 201506187

root@masterdns named]# named-checkzone 1.168.192.in-addr.arpa /var/named/rev

zone 1.168.192.in-addr.arpa/IN: loaded serial 201506187

(8) Start the DNS Service

[root@masterdns named]# /etc/init.d/named restart

Stopping named: . [ OK ]

Starting named: [ OK ]

[root@masterdns named]#

(9) Make Changes in /etc/resolv.conf

[root@masterdns named]# vim /etc/resolv.conf

nameserver 192.168.1.4

(10) Check the working og DNS server

[root@masterdns named]# nslookup slavedns.arun.com

Server: 192.168.1.4

Address: 192.168.1.4#53

Name: slavedns.arun.com

Address: 192.168.1.2

[root@masterdns named]# nslookup masterdns.arun.com

Server: 192.168.1.4

Address: 192.168.1.4#53

Name: masterdns.arun.com

Address: 192.168.1.4

Secondary DNS Configuration

(1) [root@slavedns ~]# yum install bind* -y

(2) [root@slavedns ~]# vim /etc/named.conf

// named.conf

// Provided by Red Hat bind package to configure the ISC BIND named(8) DNS

// server as a caching only nameserver (as a localhost DNS resolver only).

// See /usr/share/doc/bind*/sample/ for example named configuration files.

options {

listen-on port 53 { 127.0.0.1; 192.168.1.2; }; #slave DNS IP

listen-on-v6 port 53 { ::1; };

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

allow-query { localhost; 192.168.1.0/24; };

recursion yes;

dnssec-enable yes;

dnssec-validation yes;

dnssec-lookaside auto;

/* Path to ISC DLV key */

bindkeys-file "/etc/named.iscdlv.key";

managed-keys-directory "/var/named/dynamic";

};

logging {

channel default_debug {

file "data/named.run";

severity dynamic;

};

zone "." IN {

type hint;

file "named.ca";

};

zone"arun.com" IN {

type slave;

file "slaves/for";

masters { 192.168.1.4; }; # master DNS IP

};

zone"1.168.192.in-addr.arpa" IN {

type slave;

file "slaves/rev";

masters { 192.168.1.4; }; # master DNS IP

};

include "/etc/named.rfc1912.zones";

include "/etc/named.root.key";

(3) Start the named Service

root@slavedns ~]# /etc/init.d/named restart

Stopping named: [ OK ]

Starting named: [ OK ]

(4) We Don't need to Create the Zone file here, If will be resolved from Master Server While we Start the Named Service

[root@slavedns ~]# cd /var/named/slaves/

[root@slavedns slaves]# ll

total 8

-rw-r--r-- 1 named named 475 Aug 11 17:45 for

-rw-r--r-- 1 named named 626 Aug 11 17:45 rev

[root@slavedns slaves]#

[root@slavedns slaves]# cat for

$ORIGIN .

$TTL 86400 ; 1 day

arun.com IN SOA masterdns.arun.com. root.arun.com. (

201506187 ; serial

3600 ; refresh (1 hour)

1800 ; retry (30 minutes)

604800 ; expire (1 week)

86400 ; minimum (1 day)

)

NS masterdns.arun.com.

NS slavedns.arun.com.

NS mail.google.com.

NS chat.google.com.

$ORIGIN arun.com.

chat A 192.168.1.3

mail A 192.168.1.3

masterdns A 192.168.1.4

slavedns A 192.168.1.2

www A 192.168.1.4

[root@slavedns slaves]# cat rev

$ORIGIN .

$TTL 864000 ; 1 week 3 days

1.168.192.in-addr.arpa IN SOA masterdns.arun.com. root.arun.com. (

201506187 ; serial

3600 ; refresh (1 hour)

1800 ; retry (30 minutes)

604800 ; expire (1 week)

86400 ; minimum (1 day)

)

NS masterdns.arun.com.

NS slavedns.arun.com.

PTR arun.com.

PTR google.com.

$ORIGIN 1.168.192.in-addr.arpa.

2 PTR slavedns.arun.com.

3 PTR mail.google.com.

PTR chat.google.com.

4 PTR masterdns.arun.com.

PTR www.arun.com.

chat A 192.168.1.3

mail A 192.168.1.3

masterdns A 192.168.1.4

slavedns A 192.168.1.2

www A 192.168.1.4

(5) Make Changes in /etc/resolv.conf

[root@masterdns named]# vim /etc/resolv.conf

nameserver 192.168.1.2

(6) Now check the Slave DNS Working

[root@slavedns slaves]# nslookup slavedns.arun.com

Server: 192.168.1.2

Address: 192.168.1.2#53

Name: slavedns.arun.com

Address: 192.168.1.2

[root@slavedns slaves]# nslookup masterdns.arun.com

Server: 192.168.1.2

Address: 192.168.1.2#53

Name: masterdns.arun.com

Address: 192.168.1.4

[root@slavedns slaves]#

Sunday, 4 January 2015

NFS server configuration

ON SERVER SIDE J

(1) Make Changes in the /etc/exports file

[root@www /]# vi /etc/exports

(2) Create a directory /share

[root@www /]# mkdir /share

(3) Create some file in /share directory

[root@www /]# cd /share/

[root@www share]# touch a b c d e f g h

[root@www share]# ll

(4) Restart the nfs service

[root@www /]# /etc/init.d/nfs restart

ON CLIENT SIDE J

(1) Telnet to the nfs server from Port NO 2049

[root@Client /]# telnet 192.168.1.2 2049

(2) Make /nfs directory to mount nfs mount point of server /share

[root@Client /]# mkdir /nfs

(3) Mount the /share directory of nfs server

[root@Client /]# mount -t nfs 192.168.1.2:/share /nfs

[root@Client /]# cd /nfs

[root@Client nfs]# ll

Make changes in /etc/fstab file

[root@Client nfs]# vim /etc/fstab

Sunday, 21 December 2014

Web server configuration with one than one web site (VIRTUAL HOSTING)

Web server configuration with one than one web site (VIRTUAL HOSTING)

(1) Install the web server packages by yum server.

[root@www /]# yum install httpd*

(2) Open the httpd.conf file

[root@www /] vim /etc/httpd/conf/httpd.conf

(3) Make changes like the below in the httpd.conf file

(4) Make index.html & fb.html file in /var/www/html directory

[root@www /]# cd /var/www/html/

[root@www html]# vim index.html

[root@www html]# vim fb.html

(5) Run syntax check for config files

[root@www html]# httpd –t

Syntax OK

(6) Restart the httpd service

[root@www html]# /etc/init.d/httpd restart

Stopping httpd: [ OK ]

Starting httpd: [ OK ]

(7) Open Firefox for testing the working of Web Server.

(8) Now open the url http://www.facebook.com:80 in firefox.