Design recommendation help

Hi there,
we have 100 Mbit FiOS at work and my boss just gave me ok to set up a server for me and some other coworkers who would like to host our blogs there and what not. I have some experience with webmin but none with virtualmin. Here’s the layout:

As you can see the virtualminserver will be hosted behind a firewall and the DNS servers (Windows) are hosted behind a seperate firewall in another network (same geographical location and I have admin access to all of them).

What I’ve been trying to figure out is how this setup would work with virtualmin and multiple domains? I’m assuming that this setup means that any of the virtualserver admins can’t add a sub-domain for instance without contacting me. Is there any way to set this up so the virtualmin server can update the records on the windows machines or should I not use the Windows DNS servers and set up my own?

Any help, ideas or pointers would be greatly appreciated.

//Dan

Post edited by: dkcp, at: 2009/02/17 23:25<br><br>Post edited by: dkcp, at: 2009/02/18 01:42

Hey, nice diagram.

Yeah, the problem there is that even if you configured the Windows DNS servers to be DNS slaves of the Virtualmin box, you’d still have to manually setup the zones for new domains.

OTOH, if you made those DNS servers Linux boxes running Webmin, you could use this guide in order to get them to play nice with your Virtualmin box:

http://www.virtualmin.com/documentation/id,dns_slave_auto-configuration_quickstart/

Ok, thanks. I’ve given my solution some more thought and have come up with two alternatives. There basically the same.

Alt 1.
Run two identical machines. Primary will be the active one and will host all domains including DNS. A third machine will be used solely for the primary machine to dump it’s backups on. The secondary machine will be standby in case something goes wrong with the primary during system upgrades or other issues. Domains can be restored to this machine as it will be in the pre-upgrade state. All machines will be running behind a firewall with NAT.

Alt 2.
Same setup as before but without the firewall but maybe it complicates things.

Pro’s and cons? Does it complicate things much to run everything behind a firewall?

It’s not letting me edit at the moment but Alt 2. should only read:

Same setup as before but without the firewall.

why not let the virtualmin box run bind and setup bind on that box?
you could also run http://www.virtualbox.org/ on one of those widows machines with ubuntu and webmin. then let that vbox run bind ?