Setting up internal and external network using ISPConfig

Discussion in 'General' started by Showa, Oct 16, 2010.

  1. Showa

    Showa HowtoForge Supporter

    Hello to you all,

    ISPConfig 3 is working like a dream for my external network. I would like to know if the next setup is possible.

    I would like to have an internal and an external network with two NICs, eth0 and eth1. Eth0 is used for my external network using IP 192.168.2.10. ISPConfig is set up using this IP and NIC.

    My internal network is on eth1 using IP 10.0.0.10. I set up Samba and I'm able to connect to my internal network. In hosts I added the servername to both IPs and put in the IPs and names of the internal network computers.

    Is it possible to edit named.conf and add zones in ISPConfig for the internal and external network? In the CentOS Bible by Boronczyk and Negus there is an example. If necessary I will copy this.

    Do I need two separate servernames for both networks, instead of the one I'm now using?

    The server I built has to replace my old server; the old one is only configured for the internal network, and uses Pervasive SQL. My new server has to host a few websites, and I would like to back up my internal network using a connection to my home address.

    With kind regards Ad.
     
  2. falko

    falko Super Moderator

    Do you mean BIND views? http://www.howtoforge.com/two_in_one_dns_bind9_views

    This is not supported by ISPConfig, so you'd have to configure this manually.
     
  3. Showa

    Showa HowtoForge Supporter

    No, I have got the book; in there is an example for the named.conf file and a few zones.

    In the example DNS Server = example.com; Localhost = 127.0.0.1; internet = 123.45.67.89; FTP server = 123.45.67.3; mail server = 123.45.67.2; web server = 123.45.67.1; LAN = 10.0.0.10; LAN address = 10.0.0.10/18; red.example.com = 10.0.0.20; blue.example.com = 10.0.0.30; green.example.com = 10.0.0.40; and yellow.example.com = 10.0.0.50

    Here is the example named.conf:

    options {
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    };

    acl "mylan" {
    127/8; 10.0.0.0/24;
    };

    controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
    };

    view "inside" {
    match-clients { "mylan"; };
    recursion yes;

    zone "." IN {
    type hint;
    file "named.ca";
    };

    zone "0.0.10.in-addr.arpa" IN {
    type master;
    file "yourlan.db";
    };

    zone "example.com" {
    type master;
    file "db.example.com.inside";
    allow-transfer { 10.0.0.20; };
    };
    };

    view "outside" {
    match-clients { any; };
    recursion no;

    zone "." IN {
    type hint;
    file "named.ca";
    };

    zone "example.com" {
    type master;
    file "db.example.com.outside";
    allow-transfer { 123.45.67.2; };
    };
    };

    include "/etc/rndc.key";

    Here the inside zone:

    $TTL 86400
    @ IN SOA example.com. hostmaster.example.com. (
    2010101701 ; Serial
    28800 ; Refresh
    14400 ; Retry
    3600000 ; Expire
    86400 ) ; Minimum
    ; Name servers
    IN NS ns1.example.com.
    IN NS ns2.example.com.
    ; Mail server for domain
    IN MX 10 mail.example.com.

    ; Public servers
    ns1 IN A 10.0.0.10
    ns2 IN A 10.0.0.20
    mail IN A 123.45.67.2
    www IN A 123.45.67.3
    ftp IN A 123.45.67.4

    ; Private clients on the LAN
    red IN A 10.0.0.20
    blue IN A 10.0.0.30
    green IN A 10.0.0.40
    yellow IN A 10.0.0.50

    ; EOF

    and the outside zone:

    $TTL 86400
    @ IN SOA ns1.example.com. hostmaster.example.com. (
    2010101701 ; Serial
    28800 ; Refresh
    14400 ; Retry
    3600000 ; Expire
    86400 ) ; Minimum
    IN NS ns1.example.com.
    1 IN PTR example.com.
    2 IN PTR red.example.com.
    3 IN PTR blue.example.com.
    4 IN PTR green.example.com.
    5 IN PTR yellow.example.com.

    ; EOF

    Can I implement this in ISPConfig, maybe as a secondary DNS? Or else, where do I have to put these files, and what do I have to leave out? I ask because I think ISPConfig is my outside view.

    Ad.
     
  4. Showa

    Showa HowtoForge Supporter

    Meanwhile I did a lot of reading about DNS and I will have a go at creating the necessary files to solve my problem.
    I still have a few questions.

    Can I put the changes for named.conf in the named.conf.local file so I can easily make corrections?
    I ask because the named.conf file has an include /var/named/chroot/etc/named.conf.local part.

    Question two: for ns1 and ns2, is it possible to use the nameservers which I use for my domains in ISPConfig, in my case ns0.domeinbalie.nl and ns1.domeinbalie.nl?

    Will the changes I make in named.conf have effect on ISPConfig?

    I also noticed that in my file system there seems to be an endless string when looking at var -> named -> chroot -> var -> named -> chroot -> var -> named -> chroot etc. Is this normal?

    With kind regards Ad.
     
    Last edited: Oct 31, 2010
  5. Showa

    Showa HowtoForge Supporter

    Hello,

    I think I'm a little bit further in my quest.

    This is the named.conf file I made; it is in the named.conf.local file:

    acl "mylan" {
    127/8; 10.0.0.0/24;
    };

    controls {
    inet 127.0.0.1 allow { localhost; } keys { rndckey; };
    };

    view "inside" {
    match-clients { "mylan"; };
    recursion yes;

    zone "." IN {
    type hint;
    file "named.root";
    };

    zone "0.0.10.in-addr.arpa" IN {
    type master;
    file "yourlan.db";
    };

    zone "amtand.nl" {
    type master;
    file "db.amtand.nl.inside";
    // allow-transfer { 10.0.0.40; };
    };
    };

    view "outside" {
    match-clients { any; };
    recursion no;

    zone "." IN {
    type hint;
    file "named.root";
    };

    zone "amtand.nl" {
    type master;
    file "db.amtand.nl.outside";
    allow-transfer { 192.168.2.10; };
    };
    };

    include "/var/named/chroot/etc/rndc.key";

    This is my outside zone:

    $TTL 86400
    @ IN SOA amtand.nl. hostmaster.amtand.nl. (
    2010103102 ; Serial
    28800 ; Refresh
    14400 ; Retry
    3600000 ; Expire
    86400 ) ; Minimum
    ; Name servers
    IN NS dns0.domeinbalie.nl.
    IN NS dns1.domeinbalie.nl.

    ; Mail server for domain
    IN MX 10 mail.amtand.nl.

    ; Public servers
    ns1 IN A 81.171.114.51
    ns2 IN A 82.94.224.155
    mail IN A 192.168.2.10
    www IN A 192.168.2.10
    ftp IN A 192.168.2.10

    ; EOF

    My inside zone:


    $TTL 86400
    @ IN SOA amtand.nl. hostmaster.amtand.nl. (
    2010103107 ; Serial
    28800 ; Refresh
    14400 ; Retry
    3600000 ; Expire
    86400 ) ; Minimum
    ; Name servers
    IN NS ns1.amtand.nl.
    IN NS ns2.amtand.nl.

    ; Mail server for domain
    IN MX 10 mail.amtand.nl.

    ; Public servers
    ns1 IN A 10.0.0.10
    ns2 IN A 8.8.8.8
    mail IN A 192.168.2.10
    www IN A 192.168.2.10
    ftp IN A 192.168.2.10

    ; Private clients on the LAN
    pcbalie IN A 10.0.0.20
    kamer2 IN A 10.0.0.30
    kamer1 IN A 10.0.0.40
    rontgen IN A 10.0.0.50

    ; EOF

    and my yourlan.db file:

    $TTL 86400
    @ IN SOA ns1.amtand.nl. hostmaster.amtand.nl. (
    2010103102 ; Serial
    28800 ; Refresh
    14400 ; Retry
    3600000 ; Expire
    86400 ) ; Minimum
    IN NS ns1.amtand.nl
    10 IN PTR amtand.nl.
    20 IN PTR pcbalie.amtand.nl.
    30 IN PTR kamer2.amtand.nl.
    40 IN PTR kamer1.amtand.nl.
    50 IN PTR rontgen.amtand.nl.

    ;EOF


    This is my resolv.conf file:

    nameserver 8.8.8.8
    nameserver 192.168.2.254
    search amtand.nl
    nameserver 127.0.0.1
    nameserver 10.0.0.10

    Checking the zones and named.conf with named-checkzone and named-checkconf gives no problems.
    I'm able to ping the computers from both sides. But my internal network doesn't connect. I suppose there is something wrong with the nameservers. Who has an answer?

    Ad.

    Totally off topic, but how do you get those nice windows with the sliding bars?
     
    Last edited: Nov 1, 2010
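
Added example, not part of the thread and not code from any poster: a small Python lint for two zone-file details that matter in a split-horizon (views) setup like the one posted above. It flags a dotted NS/PTR/MX/CNAME target without a trailing dot, which BIND treats as relative to the zone origin, and RFC 1918 addresses in a zone served by the outside view. The function name `lint_zone`, the sample zones and their addresses are constructed for illustration, and the code assumes every record carries an explicit `IN` class.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
NAME_RDATA = {"NS", "PTR", "MX", "CNAME"}  # rdata ends in a domain name

def lint_zone(text, external=False):
    """Return [(line_no, message)]; external=True means the public view serves it."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()      # strip comment, tokenize
        upper = [f.upper() for f in fields]
        if "IN" not in upper:
            continue                               # $TTL, SOA continuation, blanks
        i = upper.index("IN")
        if i + 2 >= len(fields):
            continue                               # no rdata on this line
        rtype, rdata = upper[i + 1], fields[i + 2:]
        if rtype in NAME_RDATA:
            target = rdata[-1]
            # A dotted name without a trailing dot gets the zone origin appended.
            if "." in target and not target.endswith("."):
                findings.append((no, f"{rtype} target {target} lacks trailing dot"))
        elif rtype == "A" and external:
            addr = ipaddress.ip_address(rdata[0])
            if any(addr in net for net in RFC1918):
                findings.append((no, f"A record {rdata[0]} is RFC 1918 in public view"))
    return findings

# Constructed sample zones (not the poster's files), same shape as the thread's.
REVERSE = """$TTL 86400
@ IN SOA ns1.example.com. hostmaster.example.com. (
2010103102 28800 14400 3600000 86400 )
 IN NS ns1.example.com
20 IN PTR red.example.com.
"""
OUTSIDE = """$TTL 86400
@ IN SOA ns1.example.com. hostmaster.example.com. (
2010103102 28800 14400 3600000 86400 )
 IN NS ns1.example.com.
www IN A 192.168.2.10
ftp IN A 203.0.113.5
"""

if __name__ == "__main__":
    for name, zone, ext in (("reverse", REVERSE, False), ("outside", OUTSIDE, True)):
        for no, msg in lint_zone(zone, ext):
            print(f"{name}:{no}: {msg}")
```

named-checkzone accepts a relative NS target as syntactically valid, so a check like this complements it rather than replaces it.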
