multiserver setup

[IzFazt]

I am writing out a multiserver setup with ispconfig3 and I am trying to grasp the concept. I plan to use the recommended Debian Linux distro.

My goal is:

1. master ISPconfig
2. mysql database server
3. mailserver
4. one or more webservers

By digging through tons of forumposts and documentation I managed to find out for the slave setups I need to connect the database to the master. The Howtoforge OEL 5.4 setup answered more or less the greatest mystery I couldn't find this anywere else: on the database server, the mailserver and the webserver I only need to perform a limited install as compared to the Howtoforge Perfect Server Setup for Debian 5.0.

So in this installation tutorial one finds a total of 18 steps to perform, the first 3 considdering the installation of Debian Lenny. Step 18 I need to perform on all servers, for the master in standard mode, for the others in EXPERT mode. So far so understood.

But step 4 to 17 in my belief now only need to be performed on certain servers I plan to setup. Has anybody managed to install working nodes more or less like this setup and which of the following installs did he put on which node (mail, database, webserver, ispconfig master) ? Although some, like the setting the clock, very obvious need to be performed on all of them, also others are not so clear. Anybody? I typed out the steps so you can easily copy and write after them on which node they need to be installed.

4. SSH
5. Vim-Nox
6. Configure the network
7. Update Debian
8. Synchronize the clock
9. Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin, rkhunter, binutils
10. Install Amavisd-new, SpamAssassin, And Clamav
11. Install Apache2, PHP5, phpMyAdmin, FCGI, suExec, Pear, And mcrypt
12 Install PureFTPd And Quota
13 Install MyDNS
14 Install Vlogger And Webalizer
15 Install Jailkit
16 Install fail2ban
17 Install SquirrelMail

Also this question keeps me busy. Does every webserver need a public IP or is this managed and routed by ISP3?

[till]

Every server that shall be accessible from the internet needs one or more public IP addresses.

[IzFazt]

Quote:

Originally Posted by till

Every server that shall be accessible from the internet needs one or more public IP addresses.

But if the masterserver in this setup which holds ISPconfig is accessible by a unique public IP, does it route traffic for every site to the corresponding webserver (which in my question does not have a public IP) in the local net or does every slave webserver also need a unique PUBLIC ip?

Could you please advise me on my other question to set up the slaves?

[Toucan]

Answered in post 2: yes, you need a public ip address for every server, slave or master. Think of it like this, ispconfig3 cannot tell the world your mail server ip if it's an internal one.

Unless you're comfortable with the install process, you could install as per the guide and then switch off the services you don't want from the control panel.

[IzFazt]

@Toucan: tnxs very much sir for you clear answer!


So in IPSconfig 3 the trick for multiserver with 1 ip is the next I guess?

Soon I will get a cable connection with 5 ip's at my home. I will move 47 domains from Strato dedicated server to here.

Planned setup: I connect the first public IP to a node with a Smoothwall installation followed by a router. The router is connected to the master and the slaves and the portforwarding in Smoothwall for Ispconfig, mail, mysql, dns and web is set to the local ip of the corresponding master/slave node. This should have the system work on ONE ip?

If this works could there also be a way to have more then one webserver under this type of installation with one IP? Since I only can forward port 80 once. In other words can Apache serve namebased hosts on different nodes in the local net. Anybody done that before?

Quote:

Toucan: Unless you're comfortable with the install process

Not as much with the install process. This truly magnificant system is rather undocumented for mulltiserver setup. E.G. quota handling in multiserver setup unfortunately can only be described as black hole. First security will be taken care off by Smoothwall but I guess individual nodes will need individual measures for security like portsentry?

Quote:

you could install as per the guide and then switch off the services you don't want from the control panel.

This wil bring a lot of redundant processing I am guessing?

[till]

Quote:

So in IPSconfig 3 the trick for multiserver with 1 ip is the next I guess?

You need a dedicated IP for every server that shall be accessible from the internet. It does not matter if you use ispconfig or not.

[IzFazt]

Quote:

Originally Posted by till

You need a dedicated IP for every server that shall be accessible from the internet. It does not matter if you use ispconfig or not.

Over the past year I routed ports 80, 25, 110 and the others open in the Fireall to an ISPconfig2 server next to my Windows PC at my home sharing 1 public IP after the router and it was online for 12 months.

I do not see why traffic on ports 110 and 25 routed by Smoothwall - which has the public IP - to the mailserver node, or port 80 to the webserver node will not get there? What is the difference with mail, web and isp on the same server? They share 1 public IP in both cases? When traffic on the public IP is routed by Smoothwall to the corresponding node by portforwarding, 1 or many, the effect is the same? What other ports does the mailserver need conflicting with other nodes - in the local net after the node with portforwarding - then 25 and 110?

Where am I wrong?

[till]

Ok. As long as you do not run more then one web, mail, dns or database server, then its ok of course. But I really dont understand where your problem is then. Above you said that you want to run more webservers "4. one or more webservers" and then you need more IP addresses.

Are you really sure that it makes sense for you to run a multiserver system on a single IP dsl line? A single server with a current quadcaore and a few GB RAM is able to fill a 100mbit line already, so to make sense for a multiserver system, you would need a few hundred Mbit internet connection.

[IzFazt]

Quote:

Originally Posted by till

Ok. As long as you do not run more then one web, mail, dns or database server, then its ok of course. But I really dont understand where your problem is then. Above you said that you want to run more webservers "4. one or more webservers" and then you need more IP addresses.

Are you really sure that it makes sense for you to run a multiserver system on a single IP dsl line? A single server with a current quadcaore and a few GB RAM is able to fill a 100mbit line already, so to make sense for a multiserver system, you would need a few hundred Mbit internet connection.

Nice we agree on the multiserver on 1 IP setup.

I am limited to 5 ip's in this fase. 3 will be used for biggest websites so they have a unique IP for pageranking issues. One IP will be home network for kids and wife. The last one will share about 50 of my other sites. Bandwidth is not so much the issue here as is processing power and diskhandling. Also this is a test. If this has become under control and evolves further (the integration of aps standard is definately an issue) this ISPconfig multiserver setup might replace my other shared Plesk hosting with Installatron at Strato. Bandwidth is not an issue by the way, provider can supply upto 1 gbit connections in my home (Netherlands).