Complex Network Setup

From: Patrick McDonnell (pmcdonnell_at_muncc.marmionacademy.org)
Date: 08/13/04


Date: Thu, 12 Aug 2004 20:29:07 -0500

I have a rather interesting network setup that I'm trying to configure. In
ASCII art:

                                                 10.0.0.0/8
192.168       192.168.0.1 ----------             /---------\
.0.0/24|--x---------------| SERVER |------------x| Clients |
       |192.168.0.2       ----------10.0.0.2     \---------/
   ------------                |
   | WWW/MAIL |                |
   ------------                |        KEY: "x" = switch
        |                      |
        |66.99.20.134/27       |
        |66.99.20.133/27       |66.99.20.132/27
       INET                   INET

To summarize, the machine SERVER is connected to three networks: 1) the
Internet, with a static IP address. 2) An internal private network of
clients/workstations, using the 10.0.0.0/8 address range. Its IP address
on this network is 10.0.0.2. 3) Another internal private network with the
subnet 192.168.0.0/24. Its IP address on this network is 192.168.0.1.

This third network serves as a high-speed, private connection between all
machines acting as Internet servers. Presently, this is only one other
machine acting as the Web and Mail server. I'm using two IP addresses so
as to move the mail server to its own machine.

On the "server" machine, I'm currently running an LDAP server, NFS server,
DHCP server and SSH server for both private networks. The SSH server is
also open to incoming connections from the Internet.

My problem here is how to set up hostnames/DNS for the machines on the
network, especially the SERVER and the web & mail server. Basically, the
DNS hostnames that will be entered into our ISP's name server are set in
stone:

66.99.20.132->muncc.marmionacademy.org.
66.99.20.133->www.muncc.marmionacademy.org.
66.99.20.134->mail.muncc.marmionacademy.org.

What I need to know is what to set for hostname and domain names for
machines on the internal network. This is especially confusing because, in
order to use Secure LDAP on both internal networks, the common name entry
of the certificate must be set to the FQDN of the server, which clients on
both networks have to connect to.

Now that my long-winded explanation of the situation is complete, I'm open
to suggestions as to what path to take. Will I need to set up one (or more)
DNS servers? Should I host DNS information for the Internet-connected
machines myself, or should I leave it to the ISP, etc, etc.

Thanks in advance for any help you can provide.


