RE: Completely Lost
- From: Richard Urwin <RUrwin@xxxxxxxxxxxxxx>
- Date: Thu, 9 Nov 2006 11:46:36 -0000
From: n3m3s1s 4u
Sent: 18 October 2006 09:41
Well I have been all over - read all there is about DNS and bind - Readn3m3s1s
Howto forums etc - but still seem to be stumbling on something - but cant
put my finger on it.
Here are my objectives but not sure if i am taking things further than i
need and would really appreciate some help.
I have got a 123-reg domain - mywebspace.co.uk (here i am allowed to change
everything on dns, nameservers, A records CNAME's etc.
I have a Ubuntu -server installation on my personal home machine (running at
the moment as a virtual machine Until i get things right)
I have pointed my domain name to the external (static) Ip address of my
router - 888.888.888.888 (for eg)
I have configure my router to forward ports on 8080, 80, 23, 21, 110, 10000
etc etc to the internal ip address (static) 192.168.1.10
<<<<< Richard
You almost certainly shouldn't be forwarding all those ports. Each port you
forward is a security risk. Those are incoming ports, right? Outgoing
connections don't use those forwarding rules; you don't need to forward port
110 to get mail with POP3, only to allow someone else to get mail _from_
your PC. The only ports you forward incoming should be those ports you need
to use and are sure that you have the corresponding server configured
securely. In particular Telnet (port 23) is a Bad Thing, but you may have
meant 25 (SMTP).
A fairly secure and usable starting point is "Nothing In, Everything Out",
then poke holes in as and when you need to. My setup allows nothing in
except ping replies and SMTP. If I ran a webserver I'd also have to allow
port 80, and similarly for FTP. I only allow SMTP in because I run a mail
server - most people wouldn't need that.
My true intentions are : to have multiple webpages under my domain name :n3m3s1s
like - me.mywebspace.co.uk and mymate.mywebspace.co.uk and once i have email
set up for EVERYTHING@xxxxxxxxxxxxxxxx to goto a web login at say
webmail.mywebspace.co.uk . (obviosly will have all the mail stuff set up
according to the howtoforge guid on 6.06 perfect setup)
<<<<< Richard
There are two ways to do this, and doing it without having a seperate static
address for each domain will mean that you cannot use SSL, so you cannot
have a secure server for your mail server.
See http://httpd.apache.org/docs/1.3/vhosts/name-based.html (second
paragraph)
So using Name-based Virtual Hosts can be done with a single IP address, but
cannot implement a secure server and may fail when you use very old
browsers. Whereas IP-based Virtual Hosts can implement a secure server and
will work well but you will need multiple static IP addresses. Multiple
addresses are probably available from your ISP, but they will cost a little
more.
Of course you can have multiple web _pages_ by using the URL
mywebspace.co.uk/me/index.html and mywebspace.co.uk/mymate/index.html
What you are doing is trying to have multiple web _sites_.
Now I am not sure if i need it but I looked and attempted to use ISPconfign3m3s1s
but this seems to confuse me more.
The front end to it all - I would love to use the Joomla system (as i know
how to ue it for a single web system) but not sure what i need to do to
manage more than one webpage.
<<<<< Richard
I don't know either of these things, but your initial problems are not on
the PC, they're on the router and nameserver.
What is getting to me the most is DNS and nameservers etc. I have tried son3m3s1s
many different things - but not sure how involved i need to be with the
configs.
<<<<< Richard
This is my set-up:
www.mydomain.org.uk "A" record to 123reg's web redirector server. (I don't
run my own web server.)
mydomain.org.uk "A" record to 123reg's web redirector server. (That
surprises me.)
"MX" record, preference=10 to mypc.mydomain.org.uk (MX is
the mail redirection info)
"MX" record, preference=20 to a server at the ISP willing to
act as backup mail server.
mypc.mydomain.org.uk "A" record to my static IP address (for example
196.77.77.77).
77.77.77.196.in-addr.arpa "PTR" record to mypc.mydomain.org.uk (the "reverse
lookup")
Do i need to have my own nameserver? ns.mywebspace.co.uk and configure then3m3s1s
control panel at 123-reg to point my name server to this ns.mywebspace.co.uk
and the (external or internal) ip address of it?
<<<<< Richard
No, and it would be a bad idea. 123reg.co.uk does everything you need and
almost certainly has better servers than you.
when i edit the /etv/hosts file - server1.mywebspace.co.uk - do i usen3m3s1s
192.168.1.10 or the external ip address of my router?
<<<<< Richard
Everything inside the router knows nothing about the external address and
vice-versa. The router is the only device that knows both addresses. On your
PC you use only internal addresses.
do i need to edit or creater /etc/resolv.conf ? what do i need to put inn3m3s1s
there?
<<<<< Richard
No
If i need to create a nameserver - what should i do? (they mention 2 namen3m3s1s
server are needed) but i have one server - what do i point to as the second
server?
<<<<< Richard
You don't
If i want to create a subdomain - webmail.mywebspace.co.uk - how do i gon3m3s1s
about doing it?
<<<<< Richard
For Name-based Virtual Hosts:
You create an A record for your PC. That needs to be a name.domain sort of
thing. You create a reverse entry in the other direction.
mypc.mywebspace.co.uk "A" record to 888.888.888.888
888.888.888.888.in-addr.arpa "PTR" record to mypc.mywebspace.co.uk
You create CNAME records for each subdomain all pointing at the domain.
www.me.mywebspace.co.uk "CNAME" record to mypc.mywebspace.co.uk
www.mymate.mywebspace.co.uk "CNAME" record to mypc.mywebspace.co.uk
Set-up your webserver for name-based Virtual Hosts. See
http://httpd.apache.org/docs/1.3/vhosts/name-based.html
For IP-based Virtual Hosts it goes like this-
You create A records for each subdomain, all pointing at a seperate IP
address in your static range. You create reverse entries in the other
direction.
www.me.mywebspace.co.uk "A" record to 888.888.888.001
001.888.888.888.in-addr.arpa "PTR" record to me.mywebspace.co.uk
www.mymate.mywebspace.co.uk "A" record to 888.888.888.002
002.888.888.888.in-addr.arpa "PTR" record to mymate.mywebspace.co.uk
If I remember correctly the reverse entries are created automatically by
123reg if you check a checkbox.
You configure your router to NAT packets on port 80 of 888.888.888.001 to
port 80 of 192.168.1.10, and to NAT packets on port 80 of 888.888.888.002 to
port 81 of 192.168.1.10 (ie the same address, different port), and so on.
You configure your webserver (apache or whatever) to listen to both ports 80
and 81 and to identify as me.mydomain.co.uk on port 80 and as
mymate.mydomain.co.uk on port 81. see
http://httpd.apache.org/docs/1.3/vhosts/ip-based.html
(ignore the advice to use virtual interfaces, that work is being done by
your router.)
HTH
--
R Urwin
private
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
- Prev by Date: Re: new to ubuntu; have a few questions
- Next by Date: Re: runing x apps exported
- Previous by thread: Re: Completely Lost
- Next by thread: Re[2]: Screen resoluton
- Index(es):
Relevant Pages
|
