RUrwin at SRHSYSTEMS.com
Thu Nov 9 11:46:36 UTC 2006
From: n3m3s1s 4u
Sent: 18 October 2006 09:41
Well I have been all over - read all there is about DNS and bind - Read
Howto forums etc - but still seem to be stumbling on something - but cant
put my finger on it.
Here are my objectives but not sure if i am taking things further than i
need and would really appreciate some help.
I have got a 123-reg domain - mywebspace.co.uk (here i am allowed to change
everything on dns, nameservers, A records CNAME's etc.
I have a Ubuntu -server installation on my personal home machine (running at
the moment as a virtual machine Until i get things right)
I have pointed my domain name to the external (static) Ip address of my
router - 888.888.888.888 (for eg)
I have configure my router to forward ports on 8080, 80, 23, 21, 110, 10000
etc etc to the internal ip address (static) 192.168.1.10
You almost certainly shouldn't be forwarding all those ports. Each port you
forward is a security risk. Those are incoming ports, right? Outgoing
connections don't use those forwarding rules; you don't need to forward port
110 to get mail with POP3, only to allow someone else to get mail _from_
your PC. The only ports you forward incoming should be those ports you need
to use and are sure that you have the corresponding server configured
securely. In particular Telnet (port 23) is a Bad Thing, but you may have
meant 25 (SMTP).
A fairly secure and usable starting point is "Nothing In, Everything Out",
then poke holes in as and when you need to. My setup allows nothing in
except ping replies and SMTP. If I ran a webserver I'd also have to allow
port 80, and similarly for FTP. I only allow SMTP in because I run a mail
server - most people wouldn't need that.
My true intentions are : to have multiple webpages under my domain name :
like - me.mywebspace.co.uk and mymate.mywebspace.co.uk and once i have email
set up for EVERYTHING at mywebspace.co.uk to goto a web login at say
webmail.mywebspace.co.uk . (obviosly will have all the mail stuff set up
according to the howtoforge guid on 6.06 perfect setup)
There are two ways to do this, and doing it without having a seperate static
address for each domain will mean that you cannot use SSL, so you cannot
have a secure server for your mail server.
See http://httpd.apache.org/docs/1.3/vhosts/name-based.html (second
So using Name-based Virtual Hosts can be done with a single IP address, but
cannot implement a secure server and may fail when you use very old
browsers. Whereas IP-based Virtual Hosts can implement a secure server and
will work well but you will need multiple static IP addresses. Multiple
addresses are probably available from your ISP, but they will cost a little
Of course you can have multiple web _pages_ by using the URL
mywebspace.co.uk/me/index.html and mywebspace.co.uk/mymate/index.html
What you are doing is trying to have multiple web _sites_.
Now I am not sure if i need it but I looked and attempted to use ISPconfig
but this seems to confuse me more.
The front end to it all - I would love to use the Joomla system (as i know
how to ue it for a single web system) but not sure what i need to do to
manage more than one webpage.
I don't know either of these things, but your initial problems are not on
the PC, they're on the router and nameserver.
What is getting to me the most is DNS and nameservers etc. I have tried so
many different things - but not sure how involved i need to be with the
This is my set-up:
www.mydomain.org.uk "A" record to 123reg's web redirector server. (I don't
run my own web server.)
mydomain.org.uk "A" record to 123reg's web redirector server. (That
"MX" record, preference=10 to mypc.mydomain.org.uk (MX is
the mail redirection info)
"MX" record, preference=20 to a server at the ISP willing to
act as backup mail server.
mypc.mydomain.org.uk "A" record to my static IP address (for example
188.8.131.52.in-addr.arpa "PTR" record to mypc.mydomain.org.uk (the "reverse
Do i need to have my own nameserver? ns.mywebspace.co.uk and configure the
control panel at 123-reg to point my name server to this ns.mywebspace.co.uk
and the (external or internal) ip address of it?
No, and it would be a bad idea. 123reg.co.uk does everything you need and
almost certainly has better servers than you.
when i edit the /etv/hosts file - server1.mywebspace.co.uk - do i use
192.168.1.10 or the external ip address of my router?
Everything inside the router knows nothing about the external address and
vice-versa. The router is the only device that knows both addresses. On your
PC you use only internal addresses.
do i need to edit or creater /etc/resolv.conf ? what do i need to put in
If i need to create a nameserver - what should i do? (they mention 2 name
server are needed) but i have one server - what do i point to as the second
If i want to create a subdomain - webmail.mywebspace.co.uk - how do i go
about doing it?
For Name-based Virtual Hosts:
You create an A record for your PC. That needs to be a name.domain sort of
thing. You create a reverse entry in the other direction.
mypc.mywebspace.co.uk "A" record to 888.888.888.888
888.888.888.888.in-addr.arpa "PTR" record to mypc.mywebspace.co.uk
You create CNAME records for each subdomain all pointing at the domain.
www.me.mywebspace.co.uk "CNAME" record to mypc.mywebspace.co.uk
www.mymate.mywebspace.co.uk "CNAME" record to mypc.mywebspace.co.uk
Set-up your webserver for name-based Virtual Hosts. See
For IP-based Virtual Hosts it goes like this-
You create A records for each subdomain, all pointing at a seperate IP
address in your static range. You create reverse entries in the other
www.me.mywebspace.co.uk "A" record to 888.888.888.001
001.888.888.888.in-addr.arpa "PTR" record to me.mywebspace.co.uk
www.mymate.mywebspace.co.uk "A" record to 888.888.888.002
002.888.888.888.in-addr.arpa "PTR" record to mymate.mywebspace.co.uk
If I remember correctly the reverse entries are created automatically by
123reg if you check a checkbox.
You configure your router to NAT packets on port 80 of 888.888.888.001 to
port 80 of 192.168.1.10, and to NAT packets on port 80 of 888.888.888.002 to
port 81 of 192.168.1.10 (ie the same address, different port), and so on.
You configure your webserver (apache or whatever) to listen to both ports 80
and 81 and to identify as me.mydomain.co.uk on port 80 and as
mymate.mydomain.co.uk on port 81. see
(ignore the advice to use virtual interfaces, that work is being done by
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
More information about the ubuntu-users