HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   Initial config with new server, domain and 2 IP adresses (http://www.howtoforge.com/forums/showthread.php?t=54210)

eddie-prefere 21st September 2011 08:59

Initial config with new server, domain and 2 IP adresses
 
Thank you Falko and thank you for the tutorials on "perfect server with ..." They have helped me twice now, and I really appreciate it.

The one thing that I need more help understanding - which has always been a problem for me with your tutorials (both lenny and ispconfig2 and squeeze + ISPConfig 3) - and it's not adequately covered in the documentation or manual - is the very first step. So I will post a thread on this:

Basically, your guide to installing the perfect server doesn't address the following in terms many of us newbies can understand:

I order my first real dedicated server and I am given 2 IP addresses. I must use a domain, so I choose "domain.com". and that is assignedIP #1. I go to my registrar and create child nameservers ns1.domain.com and ns2.domain.com and give them IP #1 and IP #2 - OR is this already a mistake, since how can IP #1 work for BOTH domain.com and ns1.domain.com ? SO, do I have to create child namservers of domain.com and ns2.domain.com ? This is unclear and seems crucial. I have tried it BOTH ways and still cannot get a dig with ns2.domain.com to return anything for any domain. Also, I cannot get the webmail to work for my main domain, domain.com.

I saw your guide about how to do this, but it says you need 2 servers. So, it is unclear to me if you mean 2 actual hardware servers or 2 virtual instances on a server - OR do you mean creating 2 servers - without virtualization - on 1 dedicated server? - ISPConfig3 doen't let me add another server.

So, I am hoping someone will help with this very first step - which I really want to get right.

Thanks;

Eddie

Mark_NL 21st September 2011 10:03

The configuration of the ISPConfig system falls outside the scope of the "Perfect How-to's" for installing them.

Just register the 2 IP's at your registrar as being the "Authoritative" servers for "domain.com. (You can use hostnames, if your registrar supports glue records)

"A glue record is the IP address of a name server held at the domain name registry.
Glue records are required when you wish to set the name servers of a domain name to a hostname under the domain name itself."


When you've done that, all dns lookup requests for "*.domain.com" will be forwarded to one of those 2 IP's. From that point on, it's up to what you enter in de DNS admin part of the ISPConfig web interface.

eddie-prefere 21st September 2011 12:31

Yes I have done this
 
Thanks for your response. Of course I have already done this. I am wondering if the tutorial on "How To Run Your Own DNS Servers (Primary And Secondary) With ISPConfig 3 (Debian Squeeze) "

actually requires you to have two stand-alone servers or two virtual server instances - or is that use of the word "server" referring to something else?

In other words, can that tutorial be sucessfully completed with one (1) un-virtualized server?

Thanks.

Edddie

Mark_NL 21st September 2011 12:41

Well, if you keep it on one server, then there's no real secondary dns server. It's the same server that hosts the 2nd ip.

You can use 2 physical servers or 2 vm's to set up a more real pri/sec dns server setup.

It can be completed, just ignore all the replicating stuff, just set up the primary server and you're done.

eddie-prefere 21st September 2011 21:44

Problem with Squirrelmail
 
Thanks for your response Mark.

Youll be glad to know that I bought the ISPConfig 3 Manual!

I installed the squeeze for amd_64 with courier and ispconfig3

I added the symbolic links to use "webmail" as shown in the guide.

I have followed the instructions very carefully, and now cannot access any squirrelmail or webmail - a security pop-up box appears and tells me that it is downloading a file called "webmail".

when I "intodns.com" the server's main domain, net-speed.com, and two add-on domains, compulistings.com and internetbillingcenter.biz, I get no errors.

I have a feeling that I am still missing something in the DNS zone area. Would you tell me if the following looks like a good setup, please?

I set ns1.net-speed.com to IP1 and ns2.net-speed.com to IP2 - GLUE is good.

My server is called "net-speed.com" and has IP1

1.) Did I make a fatal mistake by using the domain net-speed.com as the server hostname (instead of something like server.net-speed.com) ?

2.) I added IP2 to the servers' IP address list in ISPConfig3. IP1 was already there. Was this the right thing to do? The manual doesn't cover when or why one would do this. (I also added 2 DNS servers that the server provider let me use as local resolvers for he server, IP3 and IP4. I veriied that all 4 IP's are in the /etc/resolv.conf file along with 127.0.0.0.)

3.) Is it recommended to use IP1, IP2 or * when adding web sites in ISPConfig3. The difference between these is not dealt with in the manual.

All websites are resolving, but I cannot get webmail on individual sites, only at the ip1:8080/squirrelmail URL.

I appreciate your help,

Ed

till 21st September 2011 23:04

1) You can not use net-speed.com for email addresses now on that server. If you plan to use this server as emailserver as well for domain net-speed.com, you will have to reconfigure the hostname in /etc/hostname, /etc/hosts, /etc/mailname and postfix main.cf file.

2) Thats ok. You add all IP addresses there that you want to use on your server. But dont forget to add the IP in the network card settings of your linux distribution too as described in the manual.

3) See pages 87, 241 and 245 of the manual. You select the IP address where the domain points to in dns or *, if its not a ssl website and no other website is assigned to that IP already. If you select the IP address as shown in chapter 5.3, then you are on the safe side.

eddie-prefere 22nd September 2011 00:14

Thanks - different problem now
 
Thanks for your response Till.

This server is an IBM and maybe that explains why it has eth0:67 instead of eth0:1 for the second ip address I added as regards the network card. The second IP ends in 67. If this doesn't seem right, please let me know.

Now that I have made the changes to change the server hostname to server1.net-speed.com, I receive the ISPConfig3 index.php landing page for all the sites, and I obtain the Squirrelmail login. Now I get the following error message when attempting all squirrrelmail logins - even newly created ones, even when I deleted email accounts and mailboxes and recreated, and with domains having both fast cgi and mod_php:

Error opening ../config/default_pref
Could not create initial preference file!
/var/lib/squirrelmail/data/ should be writable by user www-data
Please contact your system administrator and report this error.

I tried chmod ing the acl for the folder /var/squirrelmail/data/ and the .perf files inside it to allow group read, write and execute, but that did not help.

Is it supposed to work with fast_cgi or only with mod_php ? - I read about the mod_php fix in a different thread, but that was for a virtualized instance.

What would you suggest to allow login to squirrelmail?

Thanks again.

Also, I re-read the pages in the manual you listed, and nowhere in there does it explain why one would want to have ns1 rather than ns2 be the listed nameserver for any given website.

eddie-prefere 22nd September 2011 08:21

More problems and 2 questions
 
HELLO,

7 hours later my server is different - and I can no longer get the squirrelmail login page on most domains, only on 1! This seems very "buggy" to me.

Aditionally now "intodns.com" shows no reverse pointer record for MX

So I have a few questions:

1. How long after making changes to the DNS zones or websites areas in ISPConfig3 does it take for the changes to be reflected in the server? And, do I need to reload apache2 or not to make the changes in ISPConfig3 stick? Or is a full server reboot needed?

2. I have added the TXT record to my DNS Zones as follows (without really understanding it - just following the guide): "v=spf1 a mx ip4:94.228.222.66 -all"

I am trying to use 94.228.222.66 for mail (this is also the main IP for the server.net-speed.com and the IP for ns1.net-speed.com - it IS possible to have the same IP for these, isn't it?) and am using 94.228.222.67 for ns2.net-speed.com and setting the websites to that IP. Since I am trying to do it this way, - please tell me i this is wrong, if the "a" and the "mx" in that TXT record, above refer to A and MX records, should I remove the "a" from that TXT record?

3. The manual doesn't mention anything about whether or not it is important to set up a web domain or a DNS Zone first - could this be important, and what do you recommend, please?

4. Is it possible to change a Web Domain from fast_CGI to mod_PHP and back again at will in the ISPConig3 Manage - or is that the problem - since they involve different permissions/problems? Is there a tutorial on how to fix this?
Do we have to decide definitively which type of PHP we will use for each Web Domain when we create it, and then never change it for ISPConfig3 to work properly with squeeze?

5. Would an uninstall and then re-install of squirrelmail be the easiest thing to do at this point to get this server working right with email functioning with logins at each domain functioning? Or would you recommend deleting all web domains, dns zones, email accounts and mailboxes and start fresh?

There is nothing of value on this server, I want to get it right before starting to use it.

Thanks for your help.

Best regards,

Eddie

eddie-prefere 22nd September 2011 08:46

Error Example - buggy ISPConfig3?
 
For example, "internetbillingcenter.biz" and "compulistings.com" are setup EXACTLY the same way in ISPCongif - down to the least detail in DNS Zones, and Web Domains - yet when trying to access webmail - one gives a login screen which does not work and has the above-mentioned error, while the other does not give a login screen and a security pop-up box pops up and tries to download a file called "webmail"?

Lastly, I re-read Till's response, above in this thread, and perhaps did not comprehend what he states about choosing * or an IP for each Web Domain. I am hosting many many sites on this server, so without talking about ssl - which I know requires a dedicates Ip for each site, I want to use one IP for a hundred or more sites - Till says to choose the *, or if no other website is using an Ip an IP address, then says it is safer to choose an IP? I don't understand - I don't think this is very important, but I am trying to eliminate errors and set up the server properly - is it better to use the *, IP1 (which is being used for sever1.net-speed.com and ns1.net-speed.com) or IP2, which is being used for ns2.net-speed.com, OR try to balance the web domains and give half to each IP? I would appreciate a recommendation on this - or a clear statement that it doesn't matter at all.

Thanks

How can this be possible?

Thanks,

Eddie

till 22nd September 2011 10:48

Quote:

Lastly, I re-read Till's response, above in this thread, and perhaps did not comprehend what he states about choosing * or an IP for each Web Domain. I am hosting many many sites on this server, so without talking about ssl - which I know requires a dedicates Ip for each site, I want to use one IP for a hundred or more sites - Till says to choose the *, or if no other website is using an Ip an IP address, then says it is safer to choose an IP? I don't understand - I don't think this is very important, but I am trying to eliminate errors and set up the server properly - is it better to use the *, IP1 (which is being used for sever1.net-speed.com and ns1.net-speed.com) or IP2, which is being used for ns2.net-speed.com, OR try to balance the web domains and give half to each IP? I would appreciate a recommendation on this - or a clear statement that it doesn't matter at all.
If you dont use ssl, then you can either use * for ALL websites or the IP for ALL websites, but dont mix that! You can also balance it between the IP addresses as long as you dont mix it with *, but this wont give you any benefits.


All times are GMT +2. The time now is 15:38.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.