How to set up domain names on local network when internet is down??

I've read through a bunch of documentation but I'm not sure of a few things, so I'm looking for some tips before I mess up my office. Thanks in advance!

Here's our setup in a small office:
1. Internet comes in to an ASUS RT-AC1900P WIFI router and then to a simple switch. We have 5 Windows workstations plus employees bring in their own laptops and connect to the WIFI.

2. I built a FreeBSD 11.4 box with Apache, PHP, MySQL and it runs backup versions of several web sites. The main web sites are hosted elsewhere in a data center.
- domain1.com goes to the main site and backup.domain1.com goes to the FreeBSD box in our office. Both sites are available publicly.
- same with domain2.com and domain3.com

3. The internet in the building goes out frequently. We're working on solutions for that, but I'm gonna stay on topic. =)
- MY GOAL is for backup.domain1.com, backup.domain2.com, etc to still work in our office when the internet is down.

- I know I can edit the hosts file on each workstation but that won't fix the laptops brought in from outside
- I also don't want to worry about keeping all the hosts files updated and so on

So, I was thinking of doing the following on the FreeBSD box:
- add the following to /etc/resolv.conf:
Code:
search domain1.com domain2.com domain3.com
nameserver    127.0.0.1
nameserver    8.8.8.8

- install unbound and enable it in rc.conf

Finally, in the ASUS router, put 192.168.1.12 (the local IP of the FreeBSD box) in LAN > DHCP Server > DNS Server

Am I on the right track? Did I forget anything?

Since all of the backup.domain*.com sites are on the FreeBSD box AND they are registered domains and subdomains, I shouldn't need to add the domains to any hosts files, right? Or do I need to add them in the FreeBSD box's hosts file like:
Code:
127.0.0.1  backup.domain1.com
and so on??

Thanks!!
 
No, I also use "nameserver 127.0.0.1" and run local_unbound.
In the configuration of local_unbound you have forward.conf, for which DNS requests you want to forward externally, and lan-zones.conf, containing the zone data you yourself want to serve to the localhost.
You no longer need a /etc/hosts file.
 
Thanks, I didn't think I needed the hosts file but I just don't want to mess anything up at the office so people can't browse the internet normally when our internet is up. =)

Also, I was reading the page where they talk about unbound vs local_unbound:
 
One small detail I have in unbound.conf:
Code:
include: /var/unbound/lan-zones.conf
include: /var/unbound/forward.conf
So I serve the lan-zone first and forward what is not known.
In the default config it is vice-versa.
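
A sketch of what the two included files could contain for the setup in this thread, added here as an example and not taken from any poster's configuration. The file names, 192.168.1.12 and 8.8.8.8 come from the thread; the 192.168.1.0/24 subnet, the 300-second TTL and the file contents are assumptions.

```conf
# ---- /var/unbound/lan-zones.conf (contents assumed for illustration) ----
server:
    # Listen on loopback and on the LAN address that the router hands out
    # through DHCP, so workstations and visiting laptops can query this box.
    interface: 127.0.0.1
    interface: 192.168.1.12

    # Answer only the office subnet (assumed to be 192.168.1.0/24).
    # Unbound refuses every other source by default, which keeps the box
    # from acting as an open resolver if port 53 is ever exposed.
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.1.0/24 allow

    # Override ONLY the backup hostnames. Do not declare "domain1.com." as a
    # static zone: that would also answer for the main site and break it for
    # everyone in the office while the internet is up.
    local-zone: "backup.domain1.com." transparent
    local-data: "backup.domain1.com. 300 IN A 192.168.1.12"

    local-zone: "backup.domain2.com." transparent
    local-data: "backup.domain2.com. 300 IN A 192.168.1.12"

    local-zone: "backup.domain3.com." transparent
    local-data: "backup.domain3.com. 300 IN A 192.168.1.12"

# ---- /var/unbound/forward.conf (contents assumed for illustration) ----
# Everything that is not answered from local-data above goes upstream.
# While the link is down these lookups fail, but the local-data names
# keep resolving because they never leave the box.
forward-zone:
    name: "."
    forward-addr: 8.8.8.8
```

Run `unbound-checkconf /var/unbound/unbound.conf` before restarting the service, then confirm from a workstation with `drill backup.domain1.com @192.168.1.12` that the answer is the LAN address.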
 
Also make sure your webapp? does not need files from various CDNs, because that won't work if the network is down,
so serve all JS, CSS, images from your host.
Don't know if this is the case, but you can create split-brain scenarios:
what if someone with a mobile connection works directly on the real site while the others work on the backups?

Better invest in some alternative internet access like [3-5]G.
 
Yes, I've thought of this. Copies of all content are on the local backup server. The databases are synced every night and new data isn't added that often, maybe once every 2 weeks. This is mainly a customer service situation where people in the office need to look up info on 2000+ products. I'm usually the one doing the db updates so no one will be writing to the database on a mobile connection. Definitely good points though!!

The problem is, the building is old and it's in a part of town that isn't the best. So, none of the local internet providers are eager to update the infrastructure, run new wire/cable/fiber etc. It's sad really. I'm trying to make do with what's available.
 