Search Results

Search found 6517 results on 261 pages for 'reverse dns'.

Page 87/261 | < Previous Page | 83 84 85 86 87 88 89 90 91 92 93 94 | Next Page >

bind9 - forwarders are not working

- by Sarp Kaya

I am experiencing an issue with bind. If i want to resolve any domain name that is on the zone file. It works fine. However, when I try to resolve anything that does not belong to the zone file. I know that actual DNS servers that are being forwarded are working fine. But somehow bind9 fails to use them. The content of /etc/bind/named.conf.options is: options { directory "/var/cache/bind"; forwarders { 131.181.127.32; 131.181.59.48; }; dnssec-validation auto; auth-nxdomain no; # conform to RFC1035 listen-on-v6 { any; }; }; I have also tried to use only one ip address and it still did not work. also the content of /etc/bind/named.conf is: include "/etc/bind/named.conf.options"; include "/etc/bind/named.conf.local"; include "/etc/bind/named.conf.default-zones"; So there is no problem with including options file. Any recommendations for fixing this problem?

Read the article
dnsmasq Client TTL

- by user548971

I have a situation where my hosts file is constantly changing. Because of this I don't want clients to cache ip addresses resolved using the hosts file. Here is the command that starts dnsmasq for me: /usr/sbin/dnsmasq -K -R -y -Z -b -E -S 8.8.8.8 -l /tmp/dhcp.leases -r /tmp/resolv.conf.auto --stop-dns-rebind --rebind-localhost-ok --dhcp-range=lan,192.168.2.2,192.168.2.249,255.255.255.0,12h -2 eth0 In looking at this site: http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html I see that the -T option has this description: -T, --local-ttl=<time> When replying with information from /etc/hosts or the DHCP leases file dnsmasq by default sets the time-to-live field to zero, meaning that the requester should not itself cache the information. This is the correct thing to do in almost all situations. This option allows a time-to-live (in seconds) to be given for these replies. This will reduce the load on the server at the expense of clients using stale data under some circumstances. My command doesn't have the -T option. Do I need it or does dnsmasq default TTL to zero without it?

Read the article
How to access XAMPP virtual hosts from iPad on local network?

- by martin's

Using XAMPP on one machine. Multiple virtual hosts defined. One per project. Format is .local For example: apple.local microsoft.local client-site.local our-own-internal-site.local All works perfectly from that one machine. I now want to have other systems within the network access the various sites. The main reason for wanting to do this is to be able to test site functionality and layout from mobile devices without having to upload partial work to public servers. I can access the main XAMPP default site by simply entering the IP address of the XAMPP machine in, say, Safari on an iPad. However, there is no way to reach .local that I can see. Would this entail setting up a DNS server within the network? We have a mixture of Windows and Mac machines. No Linux. The XAMPP machine is Vista 64. I don't want real external internet access to be affected in any way, just ".local" pointed to the XAMPP machine if that makes sense.

Read the article
My nameserver isn't registered?

- by jflory7

My problem is that I am trying to set my domain's nameservers to the nameservers of my dedicated server. My domain is hosted by Namecheap, and everytime I try to input the two nameservers for my private server, one of them is rejected for being unregistered. My dedicated server's control panel is managed through Parallels Plesk 11.5, and the nameservers provided to me are one from the actual provider, OVH (sdns1.ovh.ca), and the other is an actual unique nameserver that points directly to my specific dedicated server. Previously, for another domain I own, I was successfully able to get Namecheap to take the nameserver without an error, so I know this is possible. I know that it works for one of my other domains. After being redirected by Namecheap to contact the server provider, I called OVH and they said it was something I would have to do myself. One interesting detail the OVH representative mentioned was that he saw that my port 53 was closed, which is the port that handles DNS. The only problem is that I have no idea or knowledge as how to open this port back up. So, my final question is how can I get this nameserver working in Namecheap to point to my dedicated server? If you need any more details, feel free to ask for clarification.

Read the article
Allow outgoing connections for DNS

- by Jimmy

I'm new to IPtables, but I am trying to setup a secure server to host a website and allow SSH. This is what I have so far: #!/bin/sh i=/sbin/iptables # Flush all rules $i -F $i -X # Setup default filter policy $i -P INPUT DROP $i -P OUTPUT DROP $i -P FORWARD DROP # Respond to ping requests $i -A INPUT -p icmp --icmp-type any -j ACCEPT # Force SYN checks $i -A INPUT -p tcp ! --syn -m state --state NEW -j DROP # Drop all fragments $i -A INPUT -f -j DROP # Drop XMAS packets $i -A INPUT -p tcp --tcp-flags ALL ALL -j DROP # Drop NULL packets $i -A INPUT -p tcp --tcp-flags ALL NONE -j DROP # Stateful inspection $i -A INPUT -m state --state NEW -p tcp --dport 22 -j ACCEPT # Allow established connections $i -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow unlimited traffic on loopback $i -A INPUT -i lo -j ACCEPT $i -A OUTPUT -o lo -j ACCEPT # Open nginx $i -A INPUT -p tcp --dport 443 -j ACCEPT $i -A INPUT -p tcp --dport 80 -j ACCEPT # Open SSH $i -A INPUT -p tcp --dport 22 -j ACCEPT However I've locked down my outgoing connections and it means I can't resolve any DNS. How do I allow that? Also, any other feedback is appreciated. James

Read the article
sporadic routing to another website when opening a common url

- by user226098

I have a strange problem in our office: Sometimes when opening a url from one of our projects random url in any browser not the right website shows up but some other website. In most of the cases it redirects to google.com with some parameters like https://www.google.de/?gfe_rd=cr&ei=krOOU8_kGcSKswadyYDQBw&gws_rd=ssl or just the ugly google 404 page). But today it remains on the origial url but shows up the the content of http://debug.netdna-cdn.com/. This happens about 1 time a week and for no apparent reason. Even stranger it only occurs on a single pc in the network. It now happens on two different computers in the network. Both use windows 8. The problem cannot be fixed by clearing the browser cache but by rebooting the pc or using ipconfig /flushdns. So I think it has something to do with the dns cache of the machine. But I have no idea what the reason is for this and how i can figure out how to solve it. Any ideas?

Read the article
Google MAIL not arriving - relay not allowed

- by renevdkooi

I have a server with sendmail, hosting my domain mind-zone.nl, i changed the MX records to point to the server. When I use Hotmail or any other client the email arrives and everything is fine. ONLY mail from GMAIL server is bounced and gmail returns "relay denied". I have set all the virtual server host settings etc, from command line I can send mails as well, hotmail works, etc. Just not gmail. The strange thing is, this is what gmail returns: Look at the lower part: "Received by" it returns some IP address which is not mine and has absolutely nothing with my domain. While when I do a NSLOOKUP and change to google's DNS server it will state that the IP Address for my domain is correctly pointing at my server. Technical details of permanent failure: Google tried to deliver your message, but it was rejected by the recipient domain. We recommend contacting the other email provider for further information about the cause of this error. The error that the other server returned was: 554 554 5.7.1: Relay access denied (state 14). ----- Original message ----- MIME-Version: 1.0 Received: by 10.14.37.138 with SMTP id y10mr3421504eea.43.1297665573901; Sun, 13 Feb 2011 22:39:33 -0800 (PST) Received: by 10.14.29.75 with HTTP; Sun, 13 Feb 2011 22:39:33 -0800 (PST)

Read the article
rDNS for SMTP server locally with Mail hosted by third party

- by Zleviticus

Ok We have a difference of opinion on something and wanted to get some expert advice. We host our mail with our main domain "OurDomain.net" with a third part mail provider. We have an in house application that has to be able to send mail out to our clients. The problem is that sometimes the mail is flaky and will stop users from functioning in the program for 30 sec or more and appears to lock up. We have determined that the issue is with the mail piece. One solution is to use Database mail to queue up outbound emails to send out. The other is to set up an intenal SMTP server and send out mail through it. My fear is that we wil not be able to get rDNS to work properly and most of the mail will be blocked by our various client spam filters. Is it possible to set up the DNS for the servers so that we can send mail out like [email protected] using the smtp server in house and still pass the rDNS parameters that are normally set on spam filters? enquiring minds want to know.

Read the article
iptables rules to allow HTTP traffic to one domain only

- by Zenet

I need to configure my machine as to allow HTTP traffic to/from serverfault.com only. All other websites, services ports are not accessible. I came up with these iptables rules: #drop everything iptables -P INPUT DROP iptables -P OUTPUT DROP #Now, allow connection to website serverfault.com on port 80 iptables -A OUTPUT -p tcp -d serverfault.com --dport 80 -j ACCEPT iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT #allow loopback iptables -I INPUT 1 -i lo -j ACCEPT It doesn't work quite well: After I drop everything, and move on to rule 3: iptables -A OUTPUT -p tcp -d serverfault.com --dport 80 -j ACCEPT I get this error: iptables v1.4.4: host/network `serverfault.com' not found Try `iptables -h' or 'iptables --help' for more information. Do you think it is related to DNS? Should I allow it as well? Or should I just put IP addresses in the rules? Do you think what I'm trying to do could be achieved with simpler rules? How? I would appreciate any help or hints on this. Thanks a lot!

Read the article
iptables rules for DNS/Transparent proxy with ip exceptions

- by SlimSCSI

I am running a router (A Netgear WNDR3700 if that matters) with dd-wrt. For content filtering I am using OpenDNS. I wanted to make sure a user could not bypass OpenDNS by putting in their own name servers, so I have a rule to catch all DNS traffic. iptables -t nat -A PREROUTING -i br0 -p all --dport 53 -j DNAT --to $LAN_IP I did have one computer on the network I wanted to allow past OpenDNS filters. On that machine I manually set the name servers, and created another rule to allow it to pass iptables -t nat -I PREROUTING -i br0 -s 192.168.1.2 -j ACCEPT This worked well. Today, I installed a transparent proxy (squid) on the router and added these rules: iptables -t nat -A PREROUTING -i br0 -s $LAN_NET -d $LAN_NET -p tcp --dport 80 -j ACCEPT iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_IP -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT iptables -t nat -I POSTROUTING -o br0 -s $LAN_NET -d $PROXY_IP -p tcp -j SNAT --to $LAN_IP iptables -I FORWARD -i br0 -o br0 -s $LAN_NET -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT This also works, however the 192.168.1.2 address does not get routed through squid. How can I have 192.168.1.2 (and maybe others in the future) by-pass the port 53 rules, but not the port 80 rules?

Read the article
Directory service unavailiable, new hardware same settings

- by Alex

I'm working on a project with 2 sites connected by a VPN. Site 1 has the main server and there is a secondary server at site 2 which I am trying to replace. The current setup works perfectly however I can't for the life of me get the replacement server at site 2 up and running. I'm trying to replace like for like just upgraded hardware. I have installed the OS (all Server 2003 Standard SP2) and used exactly the same settings as the old server. I have setup Active Directory, DNS Server, DHCP Server and WINS Server configured. I have used all the same settings as the old server (except IP address and name). I can access the active directory but I can't do anything; add, edit, delete all returns "the directory service is unavaliable". No-one can login on any of the computers on site 2 and the internet is down. Plugging the old server back in and connecting it to the network rectifies the issue (so both new and old are connected at site 2), everyone can login and the internet is back (curious since the modem connects direct to the switch, and even with the new server online I can connect to the router via IP but not the net). I really don't have much experience but I've been roped into doing this because my company is too cheap to hire a real network admin. Any suggestions of where I can start to troubleshoot this, its driving me crazy and I only have a day before all the users are back on site.

Read the article
No internet through a web browser but Skype still works

- by kim3er

We get our office broadband through a BT Business Broadband WiFi router. We have a mixture of macs and windows PC/laptops connecting to it at any one time. All devices are able to connect to the wireless signal with pretty much full signal. However, only two computers (one windows, one os x) are able to consistently connect to the internet. The other three (one windows, two os x), while they can always connect to the wifi, exhibit one of three characteristics. No internet at all. Programs like Skype work, but no internet through a browser. Internet works, but with intermittent lag when switching between different sites. I'm assuming while trying to resolve different addresses. Ignoring point 1 for moment, my gut is telling me DNS. It is an up to 20MB line that usually gets to between 13MB and 15MB downstream. The router is capable of dealing with the amount of wireless devices that we're throwing at it. Has anyone got any suggestions for how I might further diagnose this problem (preferably in OS X)? Rich

Read the article
Some websites hosted on my server cant be reached from some places.

- by valter

Hello. I have a bloblem that is causing me headaches to solve. I have a webserver at 100tb.com, running CentOS. I also have these nameservers setted up: 67.213.220.170 ns1.maisturismo.net 67.213.220.171 ns2.maisturismo.net My domain is at Godaddy. I added two Host Summary pointig to the nameserver ips... NS1 to the first IP, and NS2 to the second... Than I changed the nameservers of maisturismo.net to ns1.maisturismo.net and ns2.maisturismo.net http://img20.imageshack.us/i/dnswm.jpg/ Bellow the image showing my dns records to maisturismo.net http://img137.imageshack.us/i/nameservers.jpg/ Its strange... Everythink looks fine, but the webiste is not reachable from [zend2.com][1] proxy, and from some other places, like a friend's house, that dont use the same web provider that I use. I have another nameserver setted up on my server, that have the same problem, All websites that use it cant be reached from zend2.com and from my friends house, except a ".com.br"(Brazillian Domain). Do you have same idea about, what is causing this? I really cant imagine what is the problem... Thanks. [1]: http:// zend2.com

Read the article
CNAME vs A records

- by deb

I built a small rails app that allow users to make a simple site. It uses subdomain accounts ex: deb.myapp.com Whenever an user wanted to have a domain name associated with their site, they would change their NS records to point to slicehost where the application is hosted and I would manage the DNS records myself. However, as more people are using the application this is not an option for me anymore. I prefer users to keep their nameservers at goddady, register.com, etc, so they can log in and manage their own MX records or whatever else they need to change. My question is, should I have them change the A records to point to my server's ip, or should I have them create a CNAME record? Do they need to delete the default A records to allow the CNAME record to work? Will the A record take precedence and overrule the CNAME record? Thanks in advance. Sorry if this is a very basic question. I've read other posts and I can't find a definite answer.

Read the article
Softfail / Failure Notice on SMTP

- by pascal1954

Hey, i'm searching for an answer for about 24 hours now and I still can't find any really useful help... The problem appears as the following: I'm running a debian server with Plesk 9.5.3 and qmail. Since a few weeks I'm not able to send mails to some particular servers (like web.de, aol.com). Hence I get failure notices like "Sorry, I wasn't able to establish an SMTP connection." But when I try to send mails to gmail.com - it works! Gmail only reports a softfail in the mail header like so: Received: from h1600XXX.?none? (DOMAIN2.TLD [XX.XXX.XX.XX]) Received-SPF: softfail (google.com: best guess record for domain of transitioning [email protected] does not designate 85.XXX.XX.XX as permitted sender) client-ip=85.XXX.XX.XX This sounds like a dns problem for me, but I can't get an answer for that... What makes me wondering is: h1600XXX is correct, but it should look like h1600XXX.stratoserver.net, not ?none? DOMAIN2.TLD (first line) is different from DOMAIN1 (second line). Both are hosted on this machine, but is this correct? DOMAIN1 is the one I send this mail from. Hopefully someone could help me! If you need more specific information, let me know. Thanks in advance!!! Best regards

Read the article
Can't reach only certain websites from my Wifi (with macbook and iphone)

- by mellin

I can't access certain websites neither from my macbook nor from my iphone when connected to my Wifi. The same website can be opened from another windows computer connected to the same Wifi. This is what happens when I try to ping it: PING ilpost.it (151.1.175.113): 56 data bytes Request timeout for icmp_seq 0 Request timeout for icmp_seq 1 Request timeout for icmp_seq 2 ... And when I try to traceroute it: host-001:~ j$ traceroute www.ilpost.it traceroute to ilpost.it (151.1.175.113), 64 hops max, 52 byte packets 1 vodafonedslrouter (192.168.1.1) 2.965 ms 0.743 ms 0.745 ms 2 * 2.96.54.77.rev.vodafone.pt (77.54.96.2) 12.076 ms 10.871 ms 3 77.41.30.213.rev.vodafone.pt (213.30.41.77) 14.145 ms 10.693 ms 11.960 ms 4 85.205.11.49 (85.205.11.49) 9.658 ms 8.946 ms 9.085 ms 5 85.205.13.105 (85.205.13.105) 57.497 ms 57.621 ms 48.080 ms 6 188.111.129.17 (188.111.129.17) 49.483 ms 51.338 ms 48.852 ms 7 85.205.25.174 (85.205.25.174) 47.891 ms 49.219 ms 47.821 ms 8 * * * 9 * * * 10 * * * 11 * * * I've flushed my DNS cache but nothing changed. This is quite dramatic as it seems to depend on 85.205.25.174 hop and don't know how to avoid it. Any suggestions? I add that 3 days ago everything worked fine. Then it has stopped.

Read the article
Can't reach only certain websites from my Wifi (with macbook and iphone)

- by trampj

I can't access certain websites neither from my macbook nor from my iphone when connected to my Wifi. The same website can be opened from another windows computer connected to the same Wifi. This is what happens when I try to ping it: PING ilpost.it (151.1.175.113): 56 data bytes Request timeout for icmp_seq 0 Request timeout for icmp_seq 1 Request timeout for icmp_seq 2 ... And when I try to traceroute it: host-001:~ j$ traceroute www.ilpost.it traceroute to ilpost.it (151.1.175.113), 64 hops max, 52 byte packets 1 vodafonedslrouter (192.168.1.1) 2.965 ms 0.743 ms 0.745 ms 2 * 2.96.54.77.rev.vodafone.pt (77.54.96.2) 12.076 ms 10.871 ms 3 77.41.30.213.rev.vodafone.pt (213.30.41.77) 14.145 ms 10.693 ms 11.960 ms 4 85.205.11.49 (85.205.11.49) 9.658 ms 8.946 ms 9.085 ms 5 85.205.13.105 (85.205.13.105) 57.497 ms 57.621 ms 48.080 ms 6 188.111.129.17 (188.111.129.17) 49.483 ms 51.338 ms 48.852 ms 7 85.205.25.174 (85.205.25.174) 47.891 ms 49.219 ms 47.821 ms 8 * * * 9 * * * 10 * * * 11 * * * I've flushed my DNS cache but nothing changed. This is quite dramatic as it seems to depend on 85.205.25.174 hop and don't know how to avoid it. Any suggestions? I add that 3 days ago everything worked fine. Then it has stopped.

Read the article
Help - since adding an elastic load balancer to my EC2 web application I cannot connect with the MySQL database (not in AWS)

- by undefined

I have a web application that uses an EC2 instance to receive uploaded images, resize and store on S3 and update my MySQL database with the image record. This database is hosted outside Amazon Web Services and so obviously involves communication between the EC2 instance and the database. Images are posted to the upload server from a Flash client which receives the IP address of the upload server when it is loaded and so sends images to 1.12.23.34/resize_script.php This has worked great .. until i started to try and include a load balancer. Since the ELBs do not use an IP address but a DNS address I am now passing this to Flash. Now when I upload images I get the following response from the server - Could not connect to MySQL: Lost connection to MySQL server at 'reading initial communication packet', system error: 111 What might be causing the lost connection to MySQL server. Is there any additional steps I need to take to allow my upload servers to be load balanced? I have set the host property of my MySQL privileges for this user to % any pointers greatly appreciated thanks.

Read the article
nginx proxypath https redirect fails without trailing slash

- by Thermionix

I'm trying to setup Nginx to forward requests to several backend services using proxy_pass. The links on the pages that lack trailing slashes do have https:// in front, but get redirected to a http request with a trailing slash - which ends in connection refused - I only want these services to be available through https. So if a link is too https://example.com/internal/errorlogs in a browser when loaded https://example.com/internal/errorlogs gives Error Code 10061: Connection refused (it redirects to http://example.com/internal/errorlogs/) If I manually append the trialing slash https://example.com/internal/errorlogs/ it loads I've tried with varied trailing forward slashes appended to the proxypath and location in proxy.conf to no effect, have also added server_name_in_redirect off; This happens on more than one app under nginx, and works in apache reverse proxy Config files; proxy.conf location /internal { proxy_pass http://localhost:8081/internal; include proxy.inc; } .... more entries .... sites-enabled/main server { listen 443; server_name example.com; server_name_in_redirect off; include proxy.conf; ssl on; } proxy.inc proxy_connect_timeout 59s; proxy_send_timeout 600; proxy_read_timeout 600; proxy_buffer_size 64k; proxy_buffers 16 32k; proxy_pass_header Set-Cookie; proxy_redirect off; proxy_hide_header Vary; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_set_header Accept-Encoding ''; proxy_ignore_headers Cache-Control Expires; proxy_set_header Referer $http_referer; proxy_set_header Host $host; proxy_set_header Cookie $http_cookie; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Forwarded-Proto https; curl output -$ curl -I -k https://example.com/internal/errorlogs/ HTTP/1.1 200 OK Server: nginx/1.0.5 Date: Thu, 24 Nov 2011 23:32:07 GMT Content-Type: text/html;charset=utf-8 Connection: keep-alive Content-Length: 14327 -$ curl -I -k https://example.com/internal/errorlogs HTTP/1.1 301 Moved Permanently Server: nginx/1.0.5 Date: Thu, 24 Nov 2011 23:32:11 GMT Content-Type: text/html;charset=utf-8 Connection: keep-alive Content-Length: 127 Location: http://example.com/internal/errorlogs/

Read the article
PTR Record Troubles

- by Physikal

I am having a hell of a time getting our PTR record right. Our current PTR zone looks like this: $ttl 38400 @ IN SOA ns1.domain.com. admin.domain.com. ( 1268669139 10800 3600 604800 38400 ) xxx.xxx.xxx.in-addr.arpa. IN NS ns2.domain.com. xxx.xxx.xxx.in-addr.arpa. IN NS ns1.domain.com. 97 IN PTR mail.domain.com. xxx.xxx.xxx.xxx.in-addr.arpa. IN PTR mail.domain.com. 97.96/28. IN PTR mail.domain.com For some reason the only thing that works is the 97.96/28. When this line is in there it actually says I have a PTR record when reporting from intodns.com. If I remove that line, it says I have no PTR. I have followed instructions from http://www.philchen.com/2007/04/04/configuring-reverse-dns and when I follow those instructions intodns.com says I have no PTR. When it does work with the line 97.96/28., the PTR kicks back as (from intodns.com) : 97.xxx.xxx.xxx.in-addr.arpa -> mail.domain.com.xxx.xxx.xxx.in-addr.arpa Which is, to my knowledge, an incorrect PTR. I want it to just kick back as mail.domain.com, without the xxx.xxx.xxx.in-addr.arpa extension. I have tried everything I can think of but I can't fix it. I can't help but think it's one of those things that is so stupid and simple I'm going to do the ol'facepalm. Any help is greatly appreciated. Thanks! In the event that the domain zone is needed, here it is: $ttl 38400 @ IN SOA domain.com. [email protected]. ( 1265221037 10800 3600 604800 38400 ) domain.com. IN A xxx.xxx.xxx.xxx www.domain.com. IN A xxx.xxx.xxx.xxx ftp.domain.com. IN A xxx.xxx.xxx.xxx m.domain.com. IN A xxx.xxx.xxx.xxx localhost.domain.com. IN A 127.0.0.1 webmail.domain.com. IN A xxx.xxx.xxx.xxx admin.domain.com. IN A xxx.xxx.xxx.xxx mail.domain.com. IN A xxx.xxx.xxx.xxx domain.com. IN MX 5 mail.domain.com. domain.com. IN TXT "v=spf1 a mx a:domain.com ip4:xxx.xxx.xxx.xxx ?all" domain.com. IN NS ns1 domain.com. IN NS ns2 ns1 IN A xxx.xxx.xxx.xxx ns2 IN A xxx.xxx.xxx.xxx Any double entries in different formats were part of my troubleshooting process.

Read the article
Why can host and nslookup resolve a name but dig cannot?

- by musashiXXX

Can anyone tell me why this is happening? I can resolve a hostname using host and/or nslookup but forward lookups do not work with dig; reverse lookups do: musashixxx@box:~$ host someserver someserver.somenet.internal has address 192.168.0.252 musashixxx@box:~$ host 192.168.0.252 252.0.168.192.in-addr.arpa domain name pointer someserver.somenet.internal. musashixxx@box:~$ nslookup someserver Server: 192.168.0.253 Address: 192.168.0.253#53 Name: someserver.somenet.internal Address: 192.168.0.252 musashixxx@box:~$ nslookup 192.168.0.252 Server: 192.168.0.253 Address: 192.168.0.253#53 252.0.168.192.in-addr.arpa name = someserver.somenet.internal. musashixxx@box:~$ dig someserver ; <<>> DiG 9.8.1-P1 <<>> someserver ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 55306 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;someserver. IN A ;; Query time: 0 msec ;; SERVER: 192.168.0.253#53(192.168.0.253) ;; WHEN: Wed Oct 3 15:47:38 2012 ;; MSG SIZE rcvd: 27 musashixxx@box:~$ dig -x 192.168.0.252 ; <<>> DiG 9.8.1-P1 <<>> -x 192.168.0.252 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28126 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;252.0.168.192.in-addr.arpa. IN PTR ;; ANSWER SECTION: 252.0.168.192.in-addr.arpa. 3600 IN PTR someserver.somenet.internal. ;; Query time: 0 msec ;; SERVER: 192.168.0.253#53(192.168.0.253) ;; WHEN: Wed Oct 3 15:49:11 2012 ;; MSG SIZE rcvd: 86 Here's what my resolv.conf looks like: nameserver 192.168.0.253 search somenet.internal Is this behavior normal? Any thoughts?

Read the article
How to rate-limit concurrent sessions with nginx or haproxy?

- by bantic

I'm currently using nginx to reverse-proxy requests from web clients that are doing long-polling to an upstream. Since we're doing long polling (as opposed to websockets), when a client connects it will make multiple http connections to the server in serial, re-establishing a connection every time the server sends it some data (or timing out and re-establishing if the server has nothing to say for 10 seconds). What I'd like to do is limit the number of concurrent web clients. Since the clients are constantly making new HTTP requests instead of keeping a single request open, it's a little tricky to count the total number of web clients (because it's not the same as total number of concurrently connected http clients). The method I've come up with is to track http requests by the originating IP address, and store the IP address somewhere with a TTL of 20 seconds. If a request comes in whose IP isn't recognized, then we check the total number of unexpired stored IP addresses; if that's less than the maximum then we allow this request through. And if a request comes in with an IP address that we can find in the look-up table that hasn't yet expired, then it is allowed through as well. All requests that are allowed through have their IPs added to the table (if not there before) and the TTL refreshed to 20 seconds again. I had actually whipped something together that worked correctly this way using nginx along with the Redis 2.0 Nginx Module (and the nginx lua module to simplify the conditional branching), using redis to store my IP addresses with a TTL (the SETEX command), and checking the table size with the DBSIZE command. This worked but the performance was horrible. nginx and redis ended up using lots of cpu and the machine could only handle a very small number of concurrent requests. The new stick-table and tracking counters that were added to Haproxy in version 1.5 (via a commission from serverfault) seem like they might be ideal to implement exactly this sort of rate limiting, because the stick-table can track IP addresses and automatically expire entries. However, I don't see an easy way to get a total count of the unexpired entries in the stick table, which would be necessary to know the number of connected web clients. I'm curious if anyone has any suggestions, for nginx or haproxy or even for something else not mentioned here that I haven't thought of yet.

Read the article
How to link specific ports to specific domains with Apache virtual hosts?

- by theJoe

We have a forward-facing linux box running Apache HTTP server that is acting as a reverse proxy for several back-end servers. The servers are accessed through specific domain names and ports and are set up as virtual hosts within Apache as such: Listen 8001 Listen 8002 <Virtualhost *:8001> ServerName service.one.mycompany.com ProxyPass / http://internal.one.mycompany.com:8001/ ProxyPassReverse / http://internal.one.mycompany.com:8001/ RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] </Virtualhost> <Virtualhost *:8002> ServerName service.two.mycompany.com ProxyPass / http://internal.two.mycompany.com:8002/ ProxyPassReverse / http://internal.two.mycompany.com:8002/ RewriteEngine On RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* - [F] </Virtualhost> The proxy server has only one IP address, and both domains are pointing to it. Accessing internal.one via service.one works fine, as does accessing internal.two via service.two. Now the problem is that Apache does not take the requesting domain into account when accessing the virtual hosts. What I mean is that both domains work for both ports: requests for service.one:8002 proxies to internal.two:8002, and requests for service.two:8001 proxies to internal.one:8001, where ideally both these requests should be denied. I can get around this by creating more virtual hosts that explicitly deny these requests: NameVirtualHost *:8001 NameVirtualHost *:8002 <Virtualhost *:8001> ServerName service.two.mycompany.com Redirect permanent / http://errorpage.mycompany.com/ </Virtualhost> <Virtualhost *:8002> ServerName service.one.mycompany.com Redirect permanent / http://errorpage.mycompany.com/ </Virtualhost> But this is not an ideal solution, since we plan to add more services to the proxy, and each new port would need to be explicitly denied on all the other domains, and each new domain would need to be explicitly denied on all ports it is not utilizing. As we add more services, the number of virtual hosts can get out of hand quickly. My question, then, is whether there is a better way? Can we explicitly tie specific ports to specific domains in a virtual host so that only that domain-port combination is processed, and all other combinations are not? Things I’ve tried: Adding NameVirtualHost *:8001, etc. without the additional virtual hosts. Setting ProxyRequests On and Off, as well as ProxyPreserveHost On and Off Adding the server name or IP address to the virtual host header, e.g. <VirtualHost service.one.mycompany.com:8001> Using the <proxy> directive inside the virtual host directive. Lots and lots of googling. The proxy server is running CentOS 6.2 64-bit, Apache HTTPD server 2.2.15. As mentioned, the proxy server has only one IP address, and all the domains we are using are pointing to it.

Read the article
Django: reverse lookup URL of feeds?

- by Santa

I am having trouble doing a reverse URL lookup for Django-generated feeds. I have the following setup in urls.py: feeds = { 'latest': LatestEntries, } urlpatterns = patterns('', # ... # enable feeds (RSS) url(r'^feeds/(?P<url>.*)/$', 'django.contrib.syndication.views.feed', {'feed_dict': feeds}, name='feeds_view'), ) I have tried using the following template tag: <a href="{% url feeds_view latest %}">RSS feeds</a> But the resulting link is not what want (http://my.domain.com/feeds//). It should be http://my.domain.com/feeds/latest/. For now, I am using a hack to generate the URL for the template: <a href="http://{{ request.META.HTTP_HOST }}/feeds/latest">RSS feeds</a> But, as you can see, it clearly is not DRY. Is there something I am missing?

Read the article
How to find the longest contiguous subsequence whose reverse is also a subsequence

- by iecut

Suppose I have a sequence x1,x2,x3.....xn, and I want to find the longest contiguous subsequence xi,xi+1,xi+2......xi+k, whose reverse is also a subsequence of the given sequence. And if there are multiple such subsequences, then I also have to find the first. ex:- consider the sequences: abcdefgedcg here i=3 and k=2 aabcdddd here i=5, k=3 I tried looking at the original longest common subsequence problem, but that is used to compare the two sequences to find the longest common subsequence.... but here is only one sequence from which we have to find the subsequences. Please let me know what is the best way to approach this problem, to find the optimal solution.

Read the article

< Previous Page | 83 84 85 86 87 88 89 90 91 92 93 94 | Next Page >