Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

10.4: How to set up a wildcard DNS Network
Tiger only hintI like to use a wildcard DNS entry for my localhost. The reason? If I want to establish a new virtual domain in Apache for testing, I need only go in and create my own arbitrary virtual domain (like railsdev.localhost), and the DNS side will "just work." On Linux machines, you can just edit /etc/hosts and put a *.localhost entry in. This didn't appear to work on OS X, so I instead enabled a local nameserver and went down that path.

I gathered hints from various parts of the net when it came to enabling DNS on OS X Tiger, and I think I have found the most efficient way to do that.

First up, run the following commands to generate a rndc.conf and key file. You can disable this stuff in /etc/named.conf if you like; otherwise:
$ rndc-confgen > /etc/rndc.conf 
$ head -n 6 /etc/rndc.conf > /etc/rndc.key
Now you need to add the wildcard record to the localhost zone file. To do this, add the following line to the end of /var/named/localhost.zone:
*       IN      A       127.0.0.1
In OS X Tiger, daemons like named are controlled via launchctl. There is a simple XML configuration file called org.isc.named.plist, which you'll find in /System/Library/LaunchDaemons. The first few lines are listed here:
<plist version="1.0">
<dict>
        <key>Disabled</key>
        <true/>
Simply change the true/ bit to false/ to enable named. You can then use launchctl to bounce this process:
$ launchctl stop org.isc.named   
$ launchctl unload org.isc.named.plist
$ launchctl load org.isc.named.plist
$ launchctl start org.isc.named
Don't worry if the first two lines give you an error.

In previous versions of OS X (prior to 10.4.3), there was a bug where launchd may have run named before all network interfaces were up. This could create a situation where named binds only to localhost; a problem if you expect your named to be accessible to external machines. This has apparently been fixed in 10.4.3, but I have not verified it, as it's not that important to me.

The final thing you must do is set your TCP/IP preferences to check 127.0.0.1 first before other nameservers. You could optionally edit /etc/named.conf, and set up forwarders. However, because I move between networks all the time, I have just left this alone.

Hope this helps!
    •    
  • Currently 3.75 / 5
  You rated: 4 / 5 (8 votes cast)
 
[51,309 views]  

10.4: How to set up a wildcard DNS | 18 comments | Create New Account
Click here to return to the '10.4: How to set up a wildcard DNS' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
10.4: How to set up a wildcard DNS
Authored by: mzarra on Nov 08, '05 08:23:04AM

Nice tip. I have a question about something similar.

I have a machine on my internal network at home with a fixed non-routable ip address. The router on my DSL is set up to route any hits it receives to this machine as well. This allows me to hit it from anywhere. However, I am currently having to edit my /etc/hosts file when I am inside of my network to force the dns to point to the non-routable IP address.

Is there a way to list a dns name as having two ip addresses and if a connection fails to hit the first one it tries the second? Even better is it possible to have dns try a fixed ip address first and then when that fails go ask the secondary dns server for the second ip address?



[ Reply to This | # ]
Directory Access
Authored by: tuscantwelve on Nov 08, '05 09:08:12AM

To get your Mac to respect /etc/hosts you can do the following:

Open up /Applications/Utilities/Directory Access
Select "BSD Flat File and NIS", check the box, and click Configure... at the bottom to make sure the "Use BSD local files" is checked.
Save and exit.

NB. Untested, but should work.
HTH



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: prk on Nov 08, '05 09:23:46AM

Now just setup your Apache config to do Mass Dynamic Virtual Hosting with MOD_REWRITE and all you have to do is make a directory in your doc path and you have a web site. You don't have to change Apache or anything. I've been doing this for years.



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: Ministry on Nov 08, '05 12:40:14PM

I'm very interested in your solution.
Can you tell me more about it? Or put some links where I can read about this apache mod_rewrite.
Thnx!



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: JohnAlbin on Nov 09, '05 09:14:05AM

He's talking about using Apache's mod_vhost_alias module.

I haven't tried this using Apple's Apache build (I will tonight!), but here's the docs...

http://httpd.apache.org/docs/1.3/mod/mod_vhost_alias.html



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: TvE on Nov 08, '05 09:51:26AM

mzarra - the solution to your pproblem is described here (I am using it, as you can see from the comments ;-)

http://www.afp548.com/article.php?story=bestpractices-dns



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: mzarra on Nov 08, '05 01:11:43PM

Thank you. This has put me on the right track!



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: TvE on Nov 09, '05 05:37:15AM

Glad to help - I also learned a lot from the article (as well as Apples OS X Server PDF documentation "network services") ;-)



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: SonyaLynn on Nov 08, '05 11:00:52AM

Dunno if OS X Server 10.4.3 has changed this, but as of 10.4.2, one couldn't use a wildcard cert (*.domain.com) with a passphrase, I was shocked to discover.

I went back and forth between Apple and my SSL Cert provider and that was all we were able to pin down as the issue (which was preventing Web Services from starting up any sites using such a cert). Just sorta FYI on this.



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: jms1 on Nov 08, '05 11:33:54AM

This is not something that Apple, or apache, or your SSL certificate provider are going to be able to fix. The way the HTTPS protocol works is that the name embedded in the CN field of the certificate must exactly match the hostname that the browser is asking for, or the browser will probably complain about the certificate possibly being forged.

Some browsers are okay with wildcard names in the CN field, some browsers are not.

You can look at a certificate's x509 data (you will find the CN field in the "Subject" line) with a command like this:

openssl x509 -text -noout -in _____.crt

[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: brunolapeyre on Nov 08, '05 11:56:55AM

... Isn't the following matching to your needs ?

  1. Open Applications/Utilities/NetInfo Manager
  2. Unlock the application.
  3. select "Machines" in the column then "localhost"
  4. select "Edit" menu -> "Duplicate" to have a copy of localhost
  5. edit the "name" property's value : the chosen name will have to be used in your httpd.conf settings :

Example (with "chosen_name" being the value of the "name" property in NetInfo Manager ) :


<VirtualHost chosen_name>                                 
    ServerAdmin webmaster@anything
    DocumentRoot /pathtositefolder
    ServerName anything
    ErrorLog /pathtoyourerrorlogfile
    CustomLog /pathtoyourcustomerrorlogfile
</VirtualHost>

Then restarting Apache and simply typing http//chosen_name/ in your web browser should open the web site located at /pathtositefolder on your machine. Isn't it ?



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: hagus on Nov 08, '05 04:05:01PM

That doesn't entirely match my needs. Every time I need to create a new vhost, I would have to edit the netinfo database, then update httpd.conf. With this solution I just need to edit httpd.conf and that's it. Another comment here even implies the httpd.conf step could be made redundant ... I'm investigating that too.



[ Reply to This | # ]
10.4: named/launchd bug in < 10.4.3?
Authored by: grzm on Nov 08, '05 08:52:24PM

Offtopic, but this is the first I've heard of a problem with launchd and named, and it describes the problem I've been having with the DNS server I've been trying to set up on an OS X 10.4.2 box (not OS X 10.4.2 Server). Does anyone have more information on this bug? A link or two to more information would be great! My googling for information hasn't turned up anything.

I do plan to upgrade the machine to 10.4.3 to see if that fixes the problem, but it would be great to see more information on what the issue is.

Thanks for any more info!



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: tim-wood-MacOSXH on Nov 09, '05 02:09:43PM

For those who want to create a directory (say www.bob.dev) and have it automagically become a website (say http://www.bob.dev) without apache configuration, this worked for me under 10.3.9.


Create a directory to hold the automagically created sites. I put one in /Library/WebServer/Hosts. From the command line:
> sudo mkdir -p /Libarary/WebServer/Hosts

edit /etc/httpd/httpd.conf

First, you need to uncomment this section:
#LoadModule vhost_alias_module libexec/httpd/mod_vhost_alias.so

Uncomment this one too:
#AddModule mod_vhost_alias.

And turn off canonical names
# UseCanonicalName Off

Then add these lines. The first part (/Libarary/Webserver/Hosts) should be the folder you created above:
VirtualDocumentRoot /Library/WebServer/Hosts/%0/Documents
VirtualScriptAlias /Library/WebServer/Hosts/%0/CGI-Executables

Then, restart apache
> sudo apachectl graceful

I've seen some notes to the effect that if you restart it using system prefs, you're changes will disappear in a puff of magical computer smoke.

You'll still need to tell your mac where 'www.bob.dev' is actually located. For me (10.3.9), I can just add a line to the end of /etc/hosts like this:

127.0.0.1 www.bob.dev

In the FWIW category, I change .com/.net/org to .dev for my dev copies so it's pretty clear whether I'm hitting the live or dev version.

The official resource on this is http://httpd.apache.org/docs/1.3/mod/mod_vhost_alias.html.

Enjoy!



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: ManxStef on Nov 17, '05 02:40:58PM

Sorry I'm so late getting on to this topic, and I'm not sure if this is quite what you're looking for, but I found it absolutely perfect for my purposes:
http://www.patrickgibson.com/utilities/virtualhost/

(It's a script that uses NetInfoManager and lets you easily create a named virtual host that is only accessible locally -- ideal for multiple local website development!)



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: thomashallock on Aug 11, '09 10:33:36AM

This works in Mac OS X v. 10.5 as well. I needed wildcard DNS for my local instance of Wrodpress ยต. Problem solved!



[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: Waterfox on May 08, '10 02:02:20PM
I followed the instructions to the letter, but I get these errors at the end:
Power-Mac-G4:~ root# launchctl stop org.isc.named 
launchctl stop error: No such process
Power-Mac-G4:~ root# launchctl unload org.isc.named.plist
nothing found to unload
Power-Mac-G4:~ root# launchctl load org.isc.named.plist
nothing found to load
Power-Mac-G4:~ root# launchctl start org.isc.named
launchctl start error: No such process
Don't ask why I ran this as root. I don't know why myself.

[ Reply to This | # ]
10.4: How to set up a wildcard DNS
Authored by: dr_moose on Aug 01, '11 03:20:31PM
I ran into this same problem when I tried to set this up. The launchctl commands worked when I ran them as myself, but then named would run as my user rather than as root, which caused permissions errors. This sequence of commands appears to work, though:

launchctl stop org.isc.named
launchctl unload org.isc.named.plist 
sudo launchctl load -w org.isc.named.plist
sudo launchctl start org.isc.named
In other words, at least on 10.6.x the second two commands need to be run as root, and launchctl load needs the -w flag. As the OP said, if the first two instructions throw errors, you can safely ignore them. If it worked, great. If the last two commands worked but named isn't working, check Console.app for launchd errors (such as "named exited with status 1"), or take a look at /Library/Logs/named.log. If named.log doesn't have anything helpful (or doesn't exist) the following command will start named in the terminal independently of launchd so you can see what happens when it tries to start.

sudo launchctl stop org.isc.named
sudo named -c /etc/named.conf -g


[ Reply to This | # ]