DNS is like the old telephone books.
name ----> phone number
But telephone books only worked 1 way from the name to the phone number.
DNS works 2 ways - from the IP to the name and from the name to the IP.
DNS-hostname <----> IP address
In general, it is a bad idea to have DNS running on a server also doing dangerous things like serving webpages or email. Those 3 servers are the 3 more hacked types of systems. I've not had a web server hacked, but I have had my DNS server hacked - back in 2002.
As to how dnsmasq works specifically, I don't know. I use Bind and disable any local dns caching tools on my LAN.
We servers have and old idea of virtual hosts. This was how we could have 3000 websites on a singly web server for the last 25+ yrs. The requested name is understood by apache, used to lookup in all the apache sites-enabled/ config files for which ServerName the HTTP request should be sent.
Code:
<VirtualHost *:80>
ServerName wb.example.com
DocumentRoot /var/www/wallabag/web
.....
</VirtualHost>
ServerName the HTTP request should be sent.
Code:
<VirtualHost *:80>
ServerName nc.example.com
DocumentRoot /var/www/nextcloud
.....
</VirtualHost>
So, with both of those stanzas in the apache..../sites-enabled/ directory, we have to ask for either wb.example.com or nc.example.com for Apache to know which we want.
There is probably a default.conf file there too, which doesn't specify any ServerName. That's were any requests that get to the apache server go which aren't in the 2 configured servernames.
DNS is separate from the Apache stuff. If DNS or the client running the web browser /etc/hosts points to the wrong IP address, then no requests will get there with the expected ServerNames, so nothing will be served. If you don't want to worry about DNS, you can just put the name/IP pairs you want used into the /etc/hosts on your client system.
Hope I said that in a clear way. Hope some other people will help by clarifying what isn't clear in a different way.
Bookmarks