IP Addressing and DNS / NameServer Setup

Hi

I am building my server now and I could really use some help on a few things:

My Details:

Operating system: CentOS Linux 6.0
Webmin version = 1.562
Virtualmin version = 3.88.gpl GPL
Kernel and CPU Linux 2.6.32-71.29.1.el6.x86_64 on x86_64

Setting up IP Addressing:

Specifically - I have my assigned static ip addresses from my colocation facility and I am not sure how to set them up.

I want to make sure that I have it set up correctly before I ship the server to the data center so I can access the machine after it's set up.

I have been given the subnet, Default Gateway, Customer Primary IP, and 4 additional Customer IP addresses

It's my understanding that to set the IP addresses up correctly I do the following:

  1. Login to the CENTOS6 Desktop

  2. Go to System - Preferences - Network Connections - select Auto eth0 - and edit.

  3. Click on the IPv4 Settings. Enter my Customer Primary IP in the Address field, the subnet mask given in the Netmask field, and the Gateway provided in the Gateway field.

  4. For the DNS servers field enter: 127.0.0.1

  5. What about the 4 additional IP Addresses I have been given? Do I assign them by going to “Edit Virtual Server” - External IP Address - check the circle and enter the additional customer IP address given in the box. Doing this of course for my sites that require an SSL certificate - leaving the default option selected for “same as real address” for sites that do not need a static IP.

  6. Currently - when I go in virtualmin “System Settings” - “Re-check Configuration” I get the following error: Default IP address is set to 192.168.1.7, but the detected external address is actually 67.XXX.XXX.XXX. This is typically the result of being behind a NAT firewall, and should be corrected on the module configuration page. Is this something I need to do? Or is this a temporary thing that I am seeing while the machine is on my LAN and by setting the IP as listed above will fix this error?

Setting up the domain name for my server:

When installing virtualmin the install states that you need to choose a fully qualified domain name - one for which you will not be receiving mail. I will be purchasing a domain name from godaddy for use with Virtualmin. The blurb on fully qualified domain names says:

“The install script will add this name to /etc/hosts, which will satisfy all local services. It is even better if this name resolves correctly when looked up from outside of the system–this requires the name be added to your DNS zone for the second level domain. If the Virtualmin server you are installing will be the authoritative name server for this zone, you can later use Webmin to add a record for this name to the zone.”

Can you please explain this to me because I am not understanding this?

Would I register the domain name = test.com and when installing virtualmin name the virtualmin server ns1.test.com?

I assume I need to add dns records at godaddy.

This part also confuses me: " If the Virtualmin server you are installing will be the authoritative name server for this zone, you can later use Webmin to add a record for this name to the zone."

Since this is my 1st server I assume I will also need to do this. To do this I plan on following the instructions listed here: http://www.virtualmin.com/node/6827 Is this the guide I should follow?

Thanks in advance!

Howdy,

Login to the CENTOS6 Desktop

Well, given the option – I’d actually recommend not using a system with a desktop setup on it… a desktop uses a lot of resources, and introduces security concerns.

You can use Virtualmin to set up your network interfaces… you can do that in Webmin -> Networking -> Network Configuration.

You could set up the networking via the desktop preferences, but I’m not familiar with the steps of how to do that :)

The nameservers should be set to 127.0.0.1

Currently - when I go in virtualmin “System Settings” - “Re-check Configuration” I get the following error: Default IP address is set to 192.168.1.7, but the detected external address is actually 67.XXX.XXX.XXX.

Hmm… that sounds like your ethernet interface is set to an internal IP, not the external IP you’ll need it to be to send it away to the data center.

What about the 4 additional IP Addresses I have been given?

That depends on how you want to use them. Are you hoping to use them for SSL for some domains on your server? If so, you can just set up those IPs as needed by adding a domain name, going into Server Configuration -> Change IP Address, and adding an IP in the “Use private address” field.

When installing virtualmin the install states that you need to choose a fully qualified domain name - one for which you will not be receiving mail. I will be purchasing a domain name from godaddy for use with Virtualmin.

A fully qualified domain name (FQDN) is something like host.domain.tld. You’d need to use that as your hostname.

I assume I need to add dns records at godaddy.

You can, but that’s up to you… you can either host DNS at GoDaddy, or you can host it yourself.

If you want to host it yourself, you’d have to register your nameservers at GoDaddy, as described here in the section “How do I setup nameservers for my server?”:

http://www.virtualmin.com/documentation/dns/faq
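The address-plan questions above can be checked before the server ships. This is an added example, not part of either post: it verifies that every assigned address is a usable host in the gateway's subnet and flags a leftover LAN address such as the 192.168.1.7 from the Re-check Configuration warning. The function names are illustrative and the 203.0.113.x values are constructed from the documentation range.

```sh
#!/bin/sh
# Added example (not from the thread). Function names are illustrative and the
# 203.0.113.x values are constructed; 192.168.1.7 is the LAN address from the post.

# Dotted-quad IPv4 address -> 32-bit integer (the subshell keeps IFS local).
ip_to_int() {
    ( IFS=.; set -- $1; echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 )) )
}

# Succeeds if the address is in an RFC 1918 private range.
is_private() {
    n=$(ip_to_int "$1")
    [ $(( n >> 24 )) -eq 10 ] ||        # 10.0.0.0/8
    [ $(( n >> 20 )) -eq 2753 ] ||      # 172.16.0.0/12  (0xAC1)
    [ $(( n >> 16 )) -eq 49320 ]        # 192.168.0.0/16 (0xC0A8)
}

# in_subnet IP GATEWAY NETMASK
# Succeeds if IP is in the gateway's subnet and is neither the network
# address nor the broadcast address.
in_subnet() {
    ip=$(ip_to_int "$1"); gw=$(ip_to_int "$2"); mask=$(ip_to_int "$3")
    net=$(( gw & mask ))
    bcast=$(( net | (~mask & 4294967295) ))
    [ $(( ip & mask )) -eq "$net" ] && [ "$ip" -ne "$net" ] && [ "$ip" -ne "$bcast" ]
}

# check_plan GATEWAY NETMASK IP...
# Prints one line per problem address; succeeds only if there are none.
check_plan() {
    plan_gw=$1; plan_mask=$2; shift 2
    problems=0
    for addr in "$@"; do
        if is_private "$addr"; then
            echo "$addr: private (RFC 1918) address, unreachable from outside the LAN"
            problems=$((problems + 1))
        elif ! in_subnet "$addr" "$plan_gw" "$plan_mask"; then
            echo "$addr: not a usable host address in the gateway's subnet"
            problems=$((problems + 1))
        fi
    done
    [ "$problems" -eq 0 ]
}

# Constructed plan: a /29 with the gateway, a primary IP, four additional IPs,
# and the LAN address that was still configured on eth0.
check_plan 203.0.113.1 255.255.255.248 \
    203.0.113.2 203.0.113.3 203.0.113.4 203.0.113.5 203.0.113.6 192.168.1.7 \
    || echo "fix the plan before shipping the server"
```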

Hi

Thanks for the reply and advice!

I have a few more questions relating to the ones I already asked.

A.

I am a Windows admin of 8 plus years so running a CentOS 6 desktop helps me operate a Linux server. If I am going to run with a desktop can you recommend any reading for securing it? I ran a security scan against it with the server placed in the DMZ and it only came up with a few ports that were opened for required services. I read that you can run without a desktop - running a simple command to bring up the desktop. Is that a good compromise? I have 32 GB RAM installed so I am thinking RAM will not be an issue.

B.

My last question is in regards to the Black Arts of DNS.

You said I can either host dns myself or host it at godaddy.

What is the best way to do it? I would think godaddy since they have more resources dedicated to dns?

Godaddy says you can use the same ip address for the 2 name server entries. Is that a good idea?

In the instructions you listed above it states:

“After registering your nameservers at your domain name registrar – you’ll want to log into Virtualmin, select your “example.com” domain, click Server Configuration -> DNS Records, and create a new “A - IPv4 Address” record for ns1.example.com and ns2.example.com.”

Let's say that this is a fresh install of virtualmin. I have no virtual servers created. Do I have to create a domain that will be used for DNS so I can - as stated above - select example.com and click server configuration . . . . and continue on with the instructions?

C.

Does the fully qualified domain name you give the server at installation have anything to do with this?

I am still confused on this. I guess I was thinking that the name you give the server at installation would be the name of the name servers? That is - purchase the name test.com. When installing virtualmin select host1.test.com. Set the name servers as ns1.test.com and ns2.test.com. The static IP assigned to me as the main client IP would thus not be used for accepting mail, would be the ip address used to access the virtualmin server, and would function as ns1 and ns2.

But if I am understanding this correctly I would still use the main static ip associated with test.com for accessing the virtualmin server but would actually need to purchase a 2nd domain name to be used for the virtual server setup so you can click server configuration - dns records - Create a new A . … etc.

The instructions state that it's good if the name resolves on the internet. If this is the case will the domain name not also be set up to receive mail? Or do you just remove the mx records for the domain name you set up to resolve to virtualmin?

As you can see I am a tad confused here on naming the server and would really appreciate help on the DNS setup . . .

Thanks in advance!!

Kyle

Howdy,

I unfortunately don’t have any documentation for you regarding how to secure a desktop on the Internet. Now, in theory – what Webmin and Virtualmin attempt to do is provide you with the functionality to admin a server via the Internet using a GUI.

What is the best way to do it? I would think godaddy since they have more resources dedicated to dns?

Which way is best comes down to personal preference… running it at GoDaddy means you don’t have to deal with the initial DNS setup. But, for any domain you add to your server, you’d have to manually set up the DNS for it at GoDaddy.

Godaddy says you can use the same ip address for the 2 name server entries. Is that a good idea?

If both IPs would be on the same server anyways, it doesn’t really matter if they’re the same IP.

Does the fully qualified domain name you give the server at installation have anything to do with this?

It can, it doesn’t have to :)

Many people would choose a hostname like “host.example.tld” as the server’s hostname, and ns1.example.tld and ns2.example.tld for the nameservers.

In that case, example.tld would have to be added as a Virtual Server – and in Server Configuration -> DNS Records, you’d have to add ‘A’ records for the hostname and 2 nameservers.

-Eric
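The record set described in the reply above (an 'A' record for the hostname and for each of the two nameservers) can be checked mechanically. This is an added example, not part of the post: it reads zone data in a simplified one-record-per-line form with fully qualified names, which is an assumption, and lists every in-zone NS target or named host that has no A record. The zone contents, addresses and the function name are constructed.

```sh
#!/bin/sh
# Added example (not from the thread). Zone data is constructed and simplified:
# one record per line, fully qualified names, no TTL column, no $ORIGIN.
ZONE='example.tld.       IN NS  ns1.example.tld.
example.tld.       IN NS  ns2.example.tld.
host.example.tld.  IN A   203.0.113.2
ns1.example.tld.   IN A   203.0.113.2'

# missing_a_records ZONE_TEXT ORIGIN [NAME...]
# Prints, sorted, every NS target inside the zone and every extra NAME
# (for example the server's hostname) that has no A record in ZONE_TEXT.
missing_a_records() {
    zone_text=$1; origin=$2; shift 2
    printf '%s\n' "$zone_text" | awk -v origin="$origin" -v extra="$*" '
        $2 == "IN" && $3 == "A"  { has_a[$1] = 1 }
        $2 == "IN" && $3 == "NS" { want[$4] = 1 }
        END {
            n = split(extra, names, " ")
            for (i = 1; i <= n; i++) want[names[i]] = 1
            for (name in want) {
                # Only names that end in the origin must be answered by this zone.
                suffix = substr(name, length(name) - length(origin) + 1)
                if (suffix == origin && !(name in has_a))
                    print name
            }
        }' | sort
}

# ns2 is delegated to but has no address record yet, so it is reported.
missing_a_records "$ZONE" example.tld. host.example.tld.
```

Pointing ns1 and ns2 at the same address, as discussed in the reply, passes this check; it only requires that each name has an A record.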

Regarding your point about running a desktop to help operate a Linux server:

In CentOS 5, probably carried over to 6, during installation there is a set of roles set by default and it assumes you’re installing a desktop with that option checked.

When it comes to that screen, if you uncheck everything but server and server-gui you can eliminate desktop tools (including Firefox which you may want to reinstall later) and still get a GUI to manage the server.

That being said, unless you are doing something out of the ordinary realm of operating a web/mail server, your choice of Webmin/Virtualmin may almost make that moot because there is probably very little you will need to do to manage the server outside of the Webmin/Virtualmin interface.