03-15-2005, 03:03 PM
|
#1
|
Member
Registered: Feb 2004
Location: Mooresville NC
Distribution: CentOS 4,Free BSD,
Posts: 358
Rep:
|
setting up virtual hosting/DNS/
I currently pay for hosting service through the hostdepartment which has been really great.
I have a 3m/384 line running to my house with one static ip. I can get another static if needed.
I have a lot of older hardware just laying around the house. I can come up with about 5 different computers from 166 P1 to 900mhz celerons as well as about 30 NICs, External modems, you name it I most likely have it laying around.
I have never had to setup DNS with bind. I thought that I had to have 2 external addresses for the use with bind for the primary and secondary name server. I am sure that I can setup apache with virtual hosting. Would I have to use name based if I had a DNS for that subnet or ip based? My web server is a dual processor P3 (667) with 380+ mem. I have 1 80gig,10gig and I have another 80gig if needed.
I have 5 web sites that are hosted which costs me about 76.00 a year + the domain names. It would be nice to have that money for me. Also I guess that I am going to have to control the mail for these domains. I would need help for this.
Would it be better for me to see if I can lease a name server?
Then I could add all the MX records that I want right?
Would I still have to buy domain names if I have a nameserver?
If this doesn't make any sense let me know.
I have a fair understanding of TCP/IP networks/SAMBA/SQUID/
so this shouldn't be too hard.
I don't even mind doing the research if someone will just outline what I really need and don't need.
|
|
|
03-15-2005, 03:53 PM
|
#2
|
Member
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736
Rep:
|
$76 a year doesn't sound too bad. It really is a lot of work running your own servers because you have to care about stuff that you didn't before... like security and how to control spam on your mail server.
But, if you're really dead-set on doing it, everything you have now sounds good. Yes, you have to keep paying for the domain names, even if you are hosting the DNS records yourself. You are paying the domain registrar whatever their yearly fee happens to be.
If you still want to do this, you'll need 2 static IPs. Some people may tell you that you can run on just a single IP, but I haven't had much luck with that. I recommend at least 2. On one machine, you run your web server along with Mysql if you need it to support your web applications. You can also run an FTP service if you have users who need to login and manipulate files. On the second machine you run your mail server. I recommend qmail for sure because it's lightweight and very secure. You can use qmailrocks.org for the howto in setting that up. Everyone swears by it, but I prefer the link in my signature instead. You'll also need to setup a DNS server on both machines if you plan to host your own DNS records. If you don't want to mess with that, you can host your DNS records with a 3rd party like www.zoneedit.com. There are also a number of other sites that provide this service, so shop around. Many of them are free, so no worries there.
You probably also need a networking appliance, such as a router. The pricetags on these vary greatly, so it depends on how much you're prepared to spend. Of course you can survive without one, but if you can spend the money, you can get yourself a really nice router that has a strong firewall and will keep your machines very safe. If you're going cheap, you can get a small cheap switch and get a software firewall instead.
Last edited by Donboy; 03-15-2005 at 03:54 PM.
|
|
|
03-15-2005, 04:29 PM
|
#3
|
Member
Registered: Feb 2004
Location: Mooresville NC
Distribution: CentOS 4,Free BSD,
Posts: 358
Original Poster
Rep:
|
Yep for 76.00 I get 1500mb of storage and 30gig bandwidth. It's not that bad.
I have numerous switches,routers/hardware firewalls/and a few smoothwalls as well.
I have been collecting equipment for about 4 years now and my local computer store owner is my buddy, so I get all the equipment that people bring to them.
I was just talking about static ips(outside). I can masquerade for the internal so that's not that big of a deal. For backups I only have a CD-RW writer so I can only backup to a cd unless I use rsync to transfer to my other network where I have a DDs4 40gig tape drive. I shouldn't be backing up but about 400mb so that's not that bad.
Ok back to my setup. Sounds like I may be talking myself out of this but I think I am still going to give it a try. I have the domains so I can redirect to my static ip with no problem. What do I do about the internal DNS? This is kinda new to me, but I know I can do it. I have never had linux stop my progress though it has stumped me a few times. Anyone ever try running Lotus Domino mail server on FC3? I do and it works quite good on a celeron.
As far as ftp I know how to setup that as I have used NFTP,PROFTPD,VFTPD and so on. What I don't understand is the DNS stuff.
Here is my topology so you'll have a better idea
DSLMODEM--->smoothwall----->hub---->linksys wireless router---->(personal network)
Smoothwall to hub give out static ips with 9.17.19.??
the linksys gets one of these, the reason that I do this is b/c Xbox live doesn't like linksys products.
So I have two networks one which uses all netgear stuff and the linksys for the wireless for the rest of the house. Portmaps for 80 out of the smoothwall go to 9.17.19.96 which is the static ip for the linksys. Then the linksys transfers to 11.24.19.94. Sometimes this is a real PIA but it's the only way that I could make everything work together.
Now I think that I am going to do this.
dslmodem--->smoothwall---hub
DNS server
Webserver
mailserver
linksys --->for wireless and the rest of my personal network.
Will this cause any problems? When on my personal network I would like to use IE: www.midgettmotorsports.com in the URL bar. When I query the internal dns server wouldn't it see the outside static and not the real address 11.24.19.94 or whatever?
|
|
|
03-15-2005, 07:08 PM
|
#4
|
Member
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736
Rep:
|
Ok, here is a graphic showing how I was setup at one time. I ran this way for about a year with no problems.
http://www.donboy.com/topology.gif
The two machines on the left are my servers and they were multi-homed, which just means they had 2 nic cards. The only reason I did this was so I could have backdoor access from my lan, which made it nice because I didn't have to go outside to fetch data on my servers.
So in this case, the hub in your diagram is where my switch is located in my diagram. So you can run cables from your linksys over to your servers and have the same backdoor access.
So that's one possible way to do it. Now, let me tell you how I'm setup currently. Now, I just have ONE device, a Sonicwall that is connected to my DSL modem. From there, I have all my other machines plugged into it directly. On the Sonicwall, I am using 1-to-1 NAT and mapping my public IPs to private IPs of machines on my LAN. This is a much simpler setup, and the Sonicwall has a very strong firewall and reporting capabilities. This little baby ran me about $500 and considering my setup, it's more than worth it. The beauty of this setup is that I don't have to have multiple nic cards in my servers and backdoor access is unnecessary to rig up because it's all on an internal LAN.
Now, let's talk about DNS.
The way you are setup currently is, you are probably querying an outside DNS server... probably your ISP's DNS server. Even after you change your setup, you can still continue doing the same thing. So when you set your browser to a certain domain, you are querying your ISP's DNS for the IP address of that site.
If you are running your own DNS server, that is only doing 2 things for you. (1) it's doing name/address lookups, which is pretty much what your ISP is doing for you now. If you look in /etc/resolv.conf, you will see the IP address of your ISP's DNS server. So instead of pointing to them, you can point your /etc/resolv.conf to the DNS server running on your LAN and it's capable of doing the same thing. All it's doing is going to the internet and asking the appropriate servers where to find the IPs for certain domain names. (2.. and this is optional) you can be authoritative for your own DNS records, which means when somebody wants to know the IP address of your domain names you are hosting, it will query YOUR servers and your server will respond with the IP addresses they need.
I hope that answers things. If not, let me know and I will try to explain better.
Regardless of how you plan to run things, you'll need 3 external IP addresses. (1) for your web server (2) for your mail server and (3) for the Linksys. If you plan to run DNS on a separate server, then you'll need a 4th.
If you plan to be authoritative for your DNS records, then your DNS server MUST be on a public IP so that people can do queries from the outside world to your DNS server. If you want to install a DNS server on your web server, that will do just fine and save you the trouble of having a separate machine for that.
I think all of this really depends on how many public IPs you can get and whether or not you really want to be authoritative for your own DNS records. If I were you, I wouldn't bother with the DNS part unless you want your own caching name server, which will save you the trouble of querying your ISP for all the name/address lookups.
|
|
|
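The two DNS roles described in post #4, and the internal-lookup question from post #3, shown as an added BIND 9 `named.conf` fragment that is not part of the original thread. The LAN range 192.168.1.0/24, the domain example.com, the `/var/named` directory and the zone file names are all placeholders; the fragment uses views so LAN clients get recursive lookups and the private address, while outside clients get authoritative answers only.

```conf
// named.conf fragment (constructed example; every name and address is a placeholder)

// Hosts allowed to use this server as a caching resolver.
acl "lan" { 127.0.0.1; 192.168.1.0/24; };

options {
    directory "/var/named";        // assumed zone file directory
    allow-transfer { none; };      // no zone transfers unless a secondary is listed
};

// Role (1): name/address lookups for machines on the LAN.
// The same domain is also served here, but from a zone file whose
// records point at the private address of the web server.
view "internal" {
    match-clients { "lan"; };
    recursion yes;

    zone "example.com" {
        type master;
        file "internal/example.com.zone";   // www IN A 192.168.1.10
    };
};

// Role (2): authoritative answers for the hosted domain.
// Recursion is off, so the server never resolves other names for
// outside clients and cannot be used as an open resolver.
view "external" {
    match-clients { any; };
    recursion no;

    zone "example.com" {
        type master;
        file "external/example.com.zone";   // www IN A 203.0.113.10 (public IP placeholder)
    };
};
```

Views are matched in order, so the internal view must come first; `named-checkconf` validates the syntax before the server is reloaded.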
03-16-2005, 09:52 AM
|
#5
|
Member
Registered: Feb 2004
Location: Mooresville NC
Distribution: CentOS 4,Free BSD,
Posts: 358
Original Poster
Rep:
|
Ok let's see if this will work
DSLMODEM ---->(new FC3 box) (removed smoothwall router)
The FC3 I can setup just like a router and have it do DNS right? That way the first PC connected to the outside should know what I have hosted right.
Then I can run the mail server and the webserver on the same box. Would this work? I can have the mail server and the webserver/file server on different boxes if needed.
Will the DNS server work fine if it's on the same computer that's hosting the internet connection? I have never setup the Kppoe so I am not sure how it works and if it will keep a constant connection.
My smoothwall is a 266 P2? (i think) it should handle the load.
I also think that an extra static is going to be about $14.00 which wouldn't pay off in the end. So I would like to try to make this work with one external static ip. If possible. I can DMZ these servers right?
|
|
|
03-16-2005, 10:22 AM
|
#6
|
Member
Registered: Aug 2003
Location: Little Rock, Arkansas
Distribution: RH, Fedora, Suse, AIX
Posts: 736
Rep:
|
>> The FC3 I can setup just like a router and have it do DNS right?
Uhhh, yeah, I suppose so. I've never done this, but I can't imagine why not.
>> Then I can run the mail server and the webserver on the same box. Would this work?
So everything is running on your FC3 box? Sure, that sounds fine.
You can use DMZ, yes. You can put your servers on the DMZ and that will work, but you'll need a firewall, obviously.
If you want to do this with only one static IP, I think you may have problems doing your own authoritative DNS. I know for certain that it won't work if your domains are hosted with Network Solutions. When I had a domain hosted there, they required 2 separate IP addresses for the name servers. I was unable to use the same IP address for both. With Godaddy, I'm not sure. I'm using 2 separate addresses, so I have no problems there, but you should check with them and see if you'll have any trouble using just a single IP.
Again, if I were you I wouldn't mess with the DNS server unless you're really a glutton for punishment. I'd recommend using a 3rd party for DNS who can host your records for free. There are services out there that will do it. I think dyndns.org is one I hear so many people raving about, but I'm not familiar with that... I have only used ZoneEdit.com.
Personally, I have no experience with using a Linux box as a router, so I don't know how much success you will have with it. If it were me, I would use a traditional router and do port forwarding or something, so that http requests, pop3 requests (etc etc) are sent to your server. The trouble with that setup is... if you ever decided to add a second server with an http service, there is no way to selectively forward port 80 to both machines. You'd have to run http server on just one machine and forward port 80 to that box. This could suck because if you wanted to add http on a second machine (maybe for webmail service) you couldn't do it using that setup.
|
|
|
03-16-2005, 10:42 AM
|
#7
|
Member
Registered: Feb 2004
Location: Mooresville NC
Distribution: CentOS 4,Free BSD,
Posts: 358
Original Poster
Rep:
|
Well, not all on one FC3. I have up to 7 computers I can use and like 30NICs so hardware is not a problem. Yes, I have setup linux as router before, I have just never run DNS. Maybe I need to start another post based around running DNS on the actual firewall. This seems like where I am going to have the most problems. I wonder if some of the other software routers have a DNS function? I'll see if I can find out.
|
|
|
All times are GMT -5.