Setting up a network

Diezel · Posted: Mon Jun 14, 2004 9:33 am Post subject: Setting up a network

Not any normal LAN but a "real" one.
What I would like to know is, what do I need to set this up.

1. I want to have my own external DNS server(s)
2. I'll have my own domain name for example me2.com

My webserver will run there, and my mailserver and so on.

Do I need more than 1 external DNS or is 1 sufficent? If one is enough I could possibly manage with one Static IP. Otherwise I will need more right!?
All you network gurus, I know you are out there so please enlighten me

// Diezel
_________________
A bus station is where a bus stops, a train station is where a train stops. On
my desk I have a work station..
Nixadmins.net
FLUG member 473

rmalolepszy · Apprentice Joined: 01 Jan 2004 Posts: 167

I believe you should have at least two DNS servers on different class c blocks. If you have only one static IP address, you might as well take advantage of your registrar's TLD and name servers. Hosting a web, mail and a firewall on the same IP shouldn't be a 'huge' security issue (it depends on how secure you want your setup to be). I would not serve them all from the same machine, again though this depends on how secure you want to be.

For a small setup, i would put a firewall on one machine utilizing your static IP address. Forward ports 80, 443, 25 (and whatever other ports you need - 110 for pop3) to the the internal machine(s) hosting the web and or mail servers. If at all possible, you don't want to run any applications other then the firewall on the machine with the static external IP address.
_________________
Cheers,
Ryan

nobspangle · Posted: Mon Jun 14, 2004 1:37 pm Post subject:

If you have you only have 1 IP address and 1 mail server, webserver etc. Then you only need to have 1 DNS server also at that IP. There is no point in having a redundant DNS server as there is no point being able to resolve your IP address if your server isn't working.
If you intend on having your servers running on different physical boxes, or you are going to have a backup MX for your email, you're better off having two DNS servers to give some redundancy.

DaveArb · Guru Joined: 29 Apr 2004 Posts: 510 Location: Texas, USA

I agree with having two DNS servers, though the "Class C block" comment is a bit dated. :wink:

Your DNS servers should be on separate everythings, server/netblock/internet connection. In other words, for reliability you should have at least one internal DNS box and one external service.

Nobspangle, the assumption that only one IP address means only one server is faulty. On "my" network, we use only one IP on our public /29, but have 3 publically accessible servers. Even on a single server, having only one DNS means if the machine goes down, you've disappeared from the 'net, having another means requests will get a more appropriate "server down" message.

Dave

nobspangle · Posted: Mon Jun 14, 2004 2:10 pm Post subject:

I didn't mean that if you had 1 IP you would have 1 server. I meant if you had 1 server you only needed 1 DNS server, but I take your point that it is nicer for people to be able to resolve your IP but not be able to contact your server.

Personally I act as the secondary DNS for a friends domains and his server is the secondary for my domains. We also act as each others backup MX

Diezel · Posted: Mon Jun 14, 2004 3:22 pm Post subject:

Thanks for your replies. I am able to host a secondary DNS on another line, but I think I'll check how hard this one will be pressed first.
_________________
A bus station is where a bus stops, a train station is where a train stops. On
my desk I have a work station..
Nixadmins.net
FLUG member 473