IP & DNS?


ScottE
05-19-2003, 05:57 AM
I will be serving my own pages and I need to set up DNS, Apache, Mail, etc. servers. Can somebody please advise me which servers belong on which machine? Also, which IP numbers belong where during install? I don't want to mess up anybody's DNS.

I've read a lot of material about IPs and DNS, but I've never actually put it in practice. So any help will be greatly appreciated. I've been using RH 7.2 for 2 years now on a workstation.

My understanding is that I set up primary and secondary DNS on separate machines as distant from each other as possible. Or, can I do this on a single machine? Do I then put the site server on the same machine as primary, secondary, or a totally different machine altogether?

ns.mysite.com - Which servers go on this machine?___________
ns2.mysite.com - Which servers go on this machine?__________

My ISP provided me with 5 IP addresses, where do they belong in the blanks below?

LAN SIDE IPs from ISP
5 static IPs: xxx.xxx.xxx.1-5
Gateway IP: xxx.xxx.xxx.6
Subnet Mask: 255.255.255.248
Primary DNS: xxx.xxx.30.12
Secondary DNS: xxx.xxx.29.12

WAN SIDE IPs from ISP
IP Address: xxx.xxx.xxx.18
Subnet Mask: 255.255.255.252
Gateway IP: xxx.xxx.xxx.17
Primary DNS: xxx.xxx.30.12
Secondary DNS: xxx.xxx.29.12

So the IP for my DSL modem/router is:
xxx.xxx.xxx.18
and the Gateway for it is:
xxx.xxx.xxx.17

During RH install, linux asks:

eth0,eth1

configure using DHCP y or n
activate on boot y or n

IP address:?__________
Netmask: ?__________
Network: ?__________
Broadcast: ?__________

Hostname:_ns.mysite.com or ns2.mysite.com
Gateway: ?_______
Primary DNS: ?_______
Secondary DNS:?_______
Tertiary DNS: ?_______

When I try filling in the IP address for eth0 or eth1 and tabbing to the next field, RH auto-fills in the remaining fields with different numbers than what I believe should be there or IP addresses that are not mine.

Thank you for your help.

ScottE
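
The installer fields asked about above (Network, Broadcast, Gateway) all follow from the IP address and the subnet mask the ISP supplied. This is an added example, not part of the original thread; `installer_fields` is a hypothetical helper, and `203.0.113` is a constructed stand-in for the masked `xxx.xxx.xxx` octets.

```python
import ipaddress

def installer_fields(ip, netmask, gateway):
    """Derive Network and Broadcast for a static interface and reject
    address/gateway combinations that cannot work on that subnet."""
    iface = ipaddress.ip_interface(f"{ip}/{netmask}")
    net = iface.network
    reserved = (net.network_address, net.broadcast_address)
    gw = ipaddress.ip_address(gateway)
    if iface.ip in reserved:
        raise ValueError(f"{ip} is the network or broadcast address of {net}")
    if gw not in net or gw in reserved:
        raise ValueError(f"gateway {gateway} is not a usable host in {net}")
    return {
        "ip": str(iface.ip),
        "netmask": str(net.netmask),
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "gateway": str(gw),
        "usable": [str(h) for h in net.hosts()],
    }

# Constructed stand-in for the masked octets (documentation address range).
PREFIX = "203.0.113"

# LAN side: mask 255.255.255.248 is a block of 8 addresses, 6 usable.
lan = installer_fields(f"{PREFIX}.2", "255.255.255.248", f"{PREFIX}.6")
# WAN side: mask 255.255.255.252 is a block of 4 addresses, 2 usable.
wan = installer_fields(f"{PREFIX}.18", "255.255.255.252", f"{PREFIX}.17")

if __name__ == "__main__":
    for name, fields in (("LAN", lan), ("WAN", wan)):
        print(name)
        for key, value in fields.items():
            print(f"  {key:9} {value}")
```
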

Scully87
05-23-2003, 12:51 PM
Ack..ThPPpppt!...
Wow, large topic. Let's start by mapping this out.

How is your network going to look when it's done?

       (Internet)
            |
            | some type of line in...DSL, Frame relay.
            |
    [Firewall/Router]?  xxx.xxx.xxx.18 (eth0 external)
            |           xxx.xxx.xxx.1 (eth1 internal)
       _____|_________________________________________
       |                |             |              |
[ns1.mysite.com] [ns2.mysite.com] [Mail_Srv]     [Web_Srv]
xxx.xxx.xxx.2    xxx.xxx.xxx.3    xxx.xxx.xxx.4  xxx.xxx.xxx.5


One option which I've used is to use Networksolutions as the host. Then use the DNS manager service and all I have to do is configure the DNS records. But if you want to host your own DNS server maybe consider a friend or other ISP for hosting your secondary.

Is the layout above what you're trying to achieve? Is the Firewall/Router set up already?

ScottE
05-23-2003, 03:51 PM
Thank you for the helpful response.

Yes, your diagram is what I had in mind. A picture is worth a thousand words. At any rate, I think I've got the IP designations sorted out.

My biggest concern now is how many machines I need and whether or not I can run multiple servers on the same machine. For instance, can I run the web server and mail server on the same machine as the DNS server (ns.mysite.com) or do I need to have 4 separate machines as your diagram showed?

I understand the logic behind not wanting to have ns2.mysite.com in the same physical location as ns.mysite.com so I'm considering http://www.granitecanyon.com to do secondary DNS. Have you heard anything one way or the other about them?

The router/firewall are onsite serving local traffic and outgoing requests. However, I'm not entirely certain of the best way to allow traffic inbound. There appear to be a couple of ways to allow it. It is a Cayman 3546. Netopia's website http://www.netopia.com seems to suggest pinholes as the preferred method for allowing net traffic. Any thoughts?

Thanks,
ScottE

Scully87
05-23-2003, 04:53 PM
Most of it depends on how many users/how much traffic you're planning on supporting. I'm also not sure what distro you're planning on using. So here's some thoughts/considerations to look at:

First my take on your question about hosting multiple services on one box. It can be done and done well especially with linux. If you were using Windows you would definitely want to split those services out to different boxes.

It also depends to a certain degree on what hardware you have available to run this stuff on. Older hardware you might want to split it out for performance reasons. Newer, throw a couple of services on one or two boxes.

I've done it both ways. Benefits for separate boxes for each service means when you have to perform maintenance or have some disaster on the server or service everything isn't taken down. I would probably make the DNS server one box and put mail and web on a second. (Might even throw a proxy on the DNS server) Also would give you a couple of IP's to play with for testing.

Router:
I haven't used a Cayman router/firewall. If it was linux or using IPtables I could help you out there. You could also set up a DMZ or sub network behind one of your addy's. For instance (More ASCII art coming)



             (Internet)
                  |
                  |
           [Cayman Router]
                  |
             _____|_________________________________
             |                                     |
      [Linux Firewall]xxx.xxx.xxx.2(extif)    [PublicIPs]
             | 192.168.0.254(intif)
        _____|_______________________
        |                           |
 [ns1.mydom.com]          [mail/web.mydom.com]



The network inside the linux firewall would be private IP's and the linux would forward incoming requests to the proper box.
(just another option) Would let you control traffic pretty strictly if you need to.


If you want to be as simplistic as possible I'd look at:
E-Smith (http://www.e-smith.org)

It's quick and easy to setup. It has web, dns, proxy, mail and ftp services rolled into one package. You can allow and disallow whatever you like though.

I've got a couple running as mail/proxy servers, no DNS, WEB or FTP, and they've been running flawlessly for over two years. (I love Linux)

Anyway kinda rambling here. Sorry.

HTH

Cheers,
Scully
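
The second layout above (a Linux firewall with one public address forwarding to private boxes) can be expressed as a default-drop ruleset with one pinhole per published service. This is an added example, not code from either poster: it generates `iptables-restore` text, and the interface names, the inside host addresses, the service list and the `203.0.113.2` stand-in for the masked public address are all assumptions.

```python
import ipaddress

# Constructed stand-ins: the thread masks the public address and never
# gives the inside hosts' addresses or the interface names.
EXT_IF, INT_IF = "eth0", "eth1"
EXT_IP = "203.0.113.2"                            # xxx.xxx.xxx.2 (extif)
INT_NET = ipaddress.ip_network("192.168.0.0/24")  # behind 192.168.0.254
SERVICES = [                                      # (proto, port, inside host)
    ("udp", 53, "192.168.0.1"), ("tcp", 53, "192.168.0.1"),   # ns1
    ("tcp", 25, "192.168.0.2"), ("tcp", 80, "192.168.0.2"),   # mail/web
]
STATEFUL = "-m conntrack --ctstate"

def build_ruleset(services=SERVICES):
    """Return iptables-restore text: default-drop, one pinhole per service."""
    nat = ["*nat", ":PREROUTING ACCEPT [0:0]", ":POSTROUTING ACCEPT [0:0]"]
    flt = [
        "*filter", ":INPUT DROP [0:0]", ":FORWARD DROP [0:0]",
        ":OUTPUT ACCEPT [0:0]",
        "-A INPUT -i lo -j ACCEPT",
        f"-A INPUT {STATEFUL} ESTABLISHED,RELATED -j ACCEPT",
        # Assumed admin access: SSH to the firewall from the inside only.
        f"-A INPUT -i {INT_IF} -s {INT_NET} -p tcp --dport 22 -j ACCEPT",
        f"-A FORWARD {STATEFUL} ESTABLISHED,RELATED -j ACCEPT",
        # Inside hosts may open connections outward.
        f"-A FORWARD -i {INT_IF} -o {EXT_IF} -s {INT_NET} -j ACCEPT",
    ]
    for proto, port, host in services:
        if proto not in ("tcp", "udp") or not 1 <= port <= 65535:
            raise ValueError(f"bad service {proto}/{port}")
        if ipaddress.ip_address(host) not in INT_NET:
            raise ValueError(f"{host} is not on the inside network")
        # Rewrite the destination, then allow only that new flow through.
        nat.append(f"-A PREROUTING -i {EXT_IF} -d {EXT_IP} -p {proto} "
                   f"--dport {port} -j DNAT --to-destination {host}:{port}")
        flt.append(f"-A FORWARD -i {EXT_IF} -o {INT_IF} -d {host} -p {proto} "
                   f"--dport {port} {STATEFUL} NEW -j ACCEPT")
    # Outbound traffic from the private network leaves as the public IP.
    nat.append(f"-A POSTROUTING -o {EXT_IF} -s {INT_NET} -j SNAT "
               f"--to-source {EXT_IP}")
    return "\n".join(nat + ["COMMIT"] + flt + ["COMMIT"]) + "\n"

if __name__ == "__main__":
    print(build_ruleset(), end="")
```

The output is meant to be reviewed and then loaded with `iptables-restore` on the firewall, with IP forwarding (`net.ipv4.ip_forward`) enabled.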