Completely Lost

Richard Urwin RUrwin at
Thu Nov 9 11:46:36 UTC 2006

From: n3m3s1s 4u
Sent: 18 October 2006 09:41
>>>> n3m3s1s
Well I have been all over - read all there is about DNS and bind - Read
Howto forums etc - but still seem to be stumbling on something - but cant
put my finger on it.

Here are my objectives but not sure if i am taking things further than i
need and would really appreciate some help. 

I have got a 123-reg domain - (here i am allowed to change
everything on dns, nameservers, A records CNAME's etc.

I have a Ubuntu -server installation on my personal home machine (running at
the moment as a virtual machine Until i get things right) 

I have pointed my domain name to the external (static) Ip address of my
router - 888.888.888.888 (for eg)
I have configure my router to forward ports on 8080, 80, 23, 21, 110, 10000
etc etc to the internal ip address (static)

<<<<< Richard
You almost certainly shouldn't be forwarding all those ports. Each port you
forward is a security risk. Those are incoming ports, right? Outgoing
connections don't use those forwarding rules; you don't need to forward port
110 to get mail with POP3, only to allow someone else to get mail _from_
your PC. The only ports you forward incoming should be those ports you need
to use and are sure that you have the corresponding server configured
securely. In particular Telnet (port 23) is a Bad Thing, but you may have
meant 25 (SMTP).

A fairly secure and usable starting point is "Nothing In, Everything Out",
then poke holes in as and when you need to. My setup allows nothing in
except ping replies and SMTP. If I ran a webserver I'd also have to allow
port 80, and similarly for FTP. I only allow SMTP in because I run a mail
server - most people wouldn't need that.

>>>>> n3m3s1s
My true intentions are : to have multiple webpages under my domain name :
like - and and once i have email
set up for EVERYTHING at to goto a web login at say . (obviosly will have all the mail stuff set up
according to the howtoforge guid on 6.06 perfect setup)

<<<<< Richard
There are two ways to do this, and doing it without having a seperate static
address for each domain will mean that you cannot use SSL, so you cannot
have a secure server for your mail server.

See (second

So using Name-based Virtual Hosts can be done with a single IP address, but
cannot implement a secure server and may fail when you use very old
browsers. Whereas IP-based Virtual Hosts can implement a secure server and
will work well but you will need multiple static IP addresses. Multiple
addresses are probably available from your ISP, but they will cost a little

Of course you can have multiple web _pages_ by using the URL and
What you are doing is trying to have multiple web _sites_.

>>>>> n3m3s1s
Now I am not sure if i need it but I looked and attempted to use ISPconfig
but this seems to confuse me more. 

The front end to it all - I would love to use the Joomla system (as i know
how to ue it for a single web system) but not sure what i need to do to
manage more than one webpage.

<<<<< Richard
I don't know either of these things, but your initial problems are not on
the PC, they're on the router and nameserver.

>>>>> n3m3s1s
What is getting to me the most is DNS and nameservers etc. I have tried so
many different things - but not sure how involved i need to be with the

<<<<< Richard
This is my set-up: "A" record to 123reg's web redirector server. (I don't
run my own web server.) "A" record to 123reg's web redirector server. (That
surprises me.)
                "MX" record, preference=10 to (MX is
the mail redirection info)
                "MX" record, preference=20 to a server at the ISP willing to
act as backup mail server. "A" record to my static IP address (for example "PTR" record to (the "reverse

>>>>> n3m3s1s
Do i need to have my own nameserver? and configure the
control panel at 123-reg to point my name server to this
and the (external or internal) ip address of it?

<<<<< Richard
No, and it would be a bad idea. does everything you need and
almost certainly has better servers than you.

>>>>> n3m3s1s
when i edit the /etv/hosts file - - do i use or the external ip address of my router?
<<<<< Richard
Everything inside the router knows nothing about the external address and
vice-versa. The router is the only device that knows both addresses. On your
PC you use only internal addresses.

>>>>> n3m3s1s
do i need to edit or creater /etc/resolv.conf ? what do i need to put in
<<<<< Richard

>>>>> n3m3s1s
If i need to create a nameserver - what should i do? (they mention 2 name
server are needed) but i have one server - what do i point to as the second
<<<<< Richard
You don't

>>>>> n3m3s1s
If i want to create a subdomain - - how do i go
about doing it?

<<<<< Richard
For Name-based Virtual Hosts:

You create an A record for your PC. That needs to be a name.domain sort of
thing. You create a reverse entry in the other direction. "A" record to 888.888.888.888 "PTR" record to

You create CNAME records for each subdomain all pointing at the domain. "CNAME" record to "CNAME" record to

Set-up your webserver for name-based Virtual Hosts. See

For IP-based Virtual Hosts it goes like this-

You create A records for each subdomain, all pointing at a seperate IP
address in your static range. You create reverse entries in the other
direction. "A" record to 888.888.888.001 "PTR" record to "A" record to 888.888.888.002 "PTR" record to

If I remember correctly the reverse entries are created automatically by
123reg if you check a checkbox.

You configure your router to NAT packets on port 80 of 888.888.888.001 to
port 80 of, and to NAT packets on port 80 of 888.888.888.002 to
port 81 of (ie the same address, different port), and so on.

You configure your webserver (apache or whatever) to listen to both ports 80
and 81 and to identify as on port 80 and as on port 81. see
(ignore the advice to use virtual interfaces, that work is being done by
your router.)


R Urwin

This email has been scanned by the MessageLabs Email Security System.
For more information please visit 

More information about the ubuntu-users mailing list