rodolfosevero007
New Member
Posts:
33
Joined:
Fri Jul 30, 2010 12:26 pm
Certs:
StiffMaister hahaha

My Datacenter @ Home :]

Fri Jul 30, 2010 12:57 pm

Hi guys, I'm new here... nice forum btw...

I need some help with a dns server...

So here's the deal: I'm trying to make my own datacenter. I live in Brazil and I'm having some trouble with just one thing.. the DNS server :/

The Idea: Making a datacenter at home with my 100mb fiber optic links from my ISP (http://www.gvt.com.br), basically a static IP address, and yes, only one IP per link... well I wanna do something smart and reliable but also scalable so I can expand my business as it grows... the idea is to make a rack per link, so I use all I've got in link 1, then I buy link 2 and make a new rack..

To show my idea I decided to make a... (I can't even describe it.. but hey at least I did :( ) btw I used Paint...

[Image]

So there you go... Also I want to use the fewest machines I can and I'll try to use virtual machines for that... Also I'm looking for energy efficiency, so I was wondering about using Atoms for some things, like the ClearOS firewall for example... I've got anything here... Core i7, Core i5, quad, Core 2 Duo, Celeron, even a Pentium 3 that I'm using for tests (still good and pretty fast btw.. Pentium 3 1100 MHz with Windows Server 2003 :O)

Summing up:

- Power Efficiency
- Avoid using Real Machines
- Avoid non-open-source software (mostly FreeBSD and Linux, but for some things I'm going with Server 2003, XP or Seven and Server 2008; I want the most stable system possible, so if the open source way is not the best for that I'm gonna consider the other option, even though it's hard Linux being worse than Windows in networking...)

So guys, the thing is I don't need help with hardware and stuff, I already figured everything out, it's all done... just wanted to explain what I'm up to here...

My Problem: In order to protect the DNS server I wanted to use it behind a firewall so I could protect my network from DDoS attacks and such things.. So what I'm trying to do is:

Run a DNS server on my local network, say my IP address is 192.168.1.100 for this machine... and I want to forward to a valid IP address... say 68.52.65.140.. all I really need to know is how to set up my DNS server to host webpages in that DMZ, so the DNS server is gonna be working with the same valid IP address, and all other pages are going to be hosted within the same network.. so http://www.testing123.com is hosted in 192.168.3.105:854 (DMZ), so I just want the DNS server to know that it's there and also 68.52.65.140:854 (I don't know if the DNS server needs to use a valid IP address or a local one.. I really have no idea, I've never set up a DNS server before...) I'd forward those ports so it'd be something like 68.52.65.140:854 for the http://www.testing132.com domain...

Just a few examples:

The DNS Server: ns1.bigmonkeyserver.com and ns2bigmonkeyserver.com (68.52.65.140:53)

Random webpage: http://www.chuckmonkey.com (hosted with 68.52.65.140:53 (DNS) at 68.52.65.140:5669 that was forwarded from 192.168.3.125:5669 (on the DMZ))

Guys, I know it's kinda complicated but I really could use some help... so the thing is..

- Can a DNS server work on a local subnet and be forwarded to the valid IP address?
- Can I host more pages on the same IP address?
- Is the DNS server only gonna work with those valid forwarded IP addresses, or if it's in the same network do we gotta configure it for the local one or even both?

Thanks... A LOT AND I MEAN IT!

mellowd
CCIE #38070
Posts:
13814
Joined:
Wed Jun 18, 2008 7:49 am
Certs:
CCIE (RS,SP), JNCIE-SP, BC-/SPNE/NP

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 1:13 pm

rodolfosevero007 wrote: Linux being worse than Windows in networking...


Is this a joke?


Run a DNS server on my local network, say my IP address is 192.168.1.100 for this machine... and I want to forward to a valid IP address... say 68.52.65.140.. all I really need to know is how to set up my DNS server to host webpages in that DMZ, so the DNS server is gonna be working with the same valid IP address, and all other pages are going to be hosted within the same network.. so http://www.testing123.com is hosted in 192.168.3.105:854 (DMZ), so I just want the DNS server to know that it's there and also 68.52.65.140:854 (I don't know if the DNS server needs to use a valid IP address or a local one.. I really have no idea, I've never set up a DNS server before...) I'd forward those ports so it'd be something like 68.52.65.140:854 for the http://www.testing132.com domain...


If you really are serious about having a proper DNS server, why not just put it in a DMZ with a public IP? I recommend you buy this: http://oreilly.com/catalog/9780596001582


- Can a DNS server work on a local subnet and be forwarded to the valid IP address?

You're getting confused. Nothing is 'forwarded' - You send a DNS request to the DNS server asking for information. The DNS server responds with information about an IP address. Nothing is getting forwarded.

ristau5741
Post Whore
Posts:
10618
Joined:
Tue Aug 21, 2007 2:15 pm
Certs:
Instanity

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 1:20 pm

For the web site, you can use a simple thing called host headers;
you can run many web servers on 1 IP address.

http://en.wikipedia.org/wiki/Virtual_hosting

jared181920
New Member
Posts:
30
Joined:
Sun Sep 20, 2009 9:10 am
Certs:
CCNA

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 1:27 pm

Welcome to the forum.

To start out, based on what you've posted I think you're mixing the roles of NAT and DNS together. In your situation I think what you'll want to do is host your domains with a hosting company, rather than hosting your own DNS server at your home, which unless it's configured properly, is susceptible to various kinds of attacks.

Once you've got a DNS hosting company set up for your domains (by this I mean, register your domain with a company such as dyndns.org or the like), then you're in business. From there what you'll want to do is find yourself a router capable of performing NAT functions, which virtually all of them are.

This being the networking-forums and all, I'd recommend something along the lines of a Cisco 800 series if you aren't looking to spend a whole lot, though a 2600XM series could do the job as well I think.

Once you've got those two things arranged, here's what you'll want to do, and I'll use your FTP server as an example. On the edge router/firewall you'll configure NAT so that all of the FTP traffic (port 21 and 20) coming into your network from the internet goes to the FTP server. For example, 65.20.100.23:21 would be directed to 192.168.1.100:21.

Now this is where the DNS comes in. You don't want people to have to go through the pain of remembering your IP address so, with the DNS hosting package that I mentioned earlier, you will be able to set up A records. An A record is a pointer that in a nutshell says if a user goes to test.testdomain.com then point them to 65.20.100.23 (test being the hostname, testdomain.com being the domain name). So in the case of your FTP server again you might set up something on your DNS server like this: ftp.testdomain.com -> 65.20.100.23.

When a user types in, in their favorite FTP client, ftp.testdomain.com, a DNS lookup will be performed, and then the client will get the answer which will point them to 65.20.100.23. From there your router will see the traffic destined for port 20 or 21, and match that against a NAT rule pointing it back to 192.168.1.100, and that's that.

I really hope that makes some kind of sense haha.

Jared
http://blog.ccnpjourney.com
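
Added example, not part of the thread or any poster's code: a small Python model of the path described in the post above (client asks DNS for ftp.testdomain.com, gets the public IP in the A record, and the edge router's NAT rule maps it to the internal server), using the post's sample addresses. The function names, the authoritative-only flag choice and the `private_records` check are assumptions introduced here.

```python
import ipaddress
import struct

# Constructed sample data using the addresses from the post above.
ZONE = {"ftp.testdomain.com": "65.20.100.23"}                         # public A records
NAT = {("65.20.100.23", p): ("192.168.1.100", p) for p in (20, 21)}   # edge port forwards

def encode_name(name):
    """Encode a hostname as DNS labels (length byte + label, ending in 0)."""
    return b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"

def build_query(name, qid=0x1234):
    """Build a standard A/IN query: 12-byte header plus one question."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)

def read_name(msg, off):
    """Decode an uncompressed name starting at off; return (name, next offset)."""
    labels = []
    while msg[off]:
        labels.append(msg[off + 1:off + 1 + msg[off]].decode())
        off += 1 + msg[off]
    return ".".join(labels), off + 1

def answer(query, zone):
    """Authoritative-only reply: AA set, recursion not offered, NXDOMAIN if unknown."""
    qid = struct.unpack("!H", query[:2])[0]
    name, end = read_name(query, 12)
    question = query[12:end + 4]            # name + QTYPE + QCLASS, echoed back
    ip = zone.get(name.lower())
    flags = 0x8400 | (0 if ip else 3)       # QR + AA, RCODE 3 = NXDOMAIN
    header = struct.pack("!HHHHHH", qid, flags, 1, 1 if ip else 0, 0, 0)
    if not ip:
        return header + question
    # Answer RR: pointer to the question name, type A, class IN, TTL 300, 4-byte address.
    rr = struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4) + ipaddress.IPv4Address(ip).packed
    return header + question + rr

def resolve(name, zone):
    """Client side: send the query to answer() and pull the IPv4 out of the reply."""
    reply = answer(build_query(name), zone)
    rcode, ancount = reply[3] & 0x0F, struct.unpack("!H", reply[6:8])[0]
    if rcode or not ancount:
        return None
    return str(ipaddress.IPv4Address(reply[-4:]))

def deliver(name, port, zone=ZONE, nat=NAT):
    """Follow a client: DNS lookup, then the edge NAT rule for (public IP, port)."""
    public = resolve(name, zone)
    return nat.get((public, port)) if public else None

def private_records(zone):
    """Names whose A record holds a private address, unreachable from the internet."""
    return sorted(n for n, ip in zone.items() if ipaddress.ip_address(ip).is_private)
```

The DNS answer always carries the public address; only the router knows the internal one, so a zone served to the internet that contains 192.168.x.x records (which `private_records` flags) sends outside clients nowhere.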

rodolfosevero007

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 1:33 pm

Thanks for the replies :)

Yeah, totally a joke...

"If you really are serious about having a proper DNS server, why not just put it in a DMZ with a public IP?"

I've got only ONE (1!) valid IP address for each link... so all I wanted is to set up everything in the same network.. that's the whole idea...

"You're getting confused. Nothing is 'forwarded' - You send a DNS request to the DNS server asking for information. The DNS server responds with information about an IP address. Nothing is getting forwarded."

The thing is I'm gonna run the DNS server BEHIND a firewall which has a valid IP address, so the DNS server is gonna be a LOCAL DNS server, so I was wondering if I'd have to forward port 53 in order to host VALID webpages and use it as a VALID DNS server for all the pages hosted in the DMZ. That's why... because as far as I know a local DNS server can't be seen from the outside without forwarding, am I right? And the firewall I mentioned is a PC working as a gateway, so it's all local from it on...

Jared: Thanks for the reply but the thing is.. I wanna host A LOT of pages... and yes I know about the domains, but then I need to set up the DNS for that domain.. and as far as I know the domain must be properly set up and in the same network if I don't wanna use more than one IP address, as I said... because my ISP is awesome but they won't let me get more than one valid IP.. not for that price, and I can't have a dedicated solution around here, it's way too expensive for nothing at all...

mellowd

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 1:35 pm

Can't you get a /29 block from your ISP?

rodolfosevero007

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 1:36 pm

mellowd wrote: Can't you get a /29 block from your ISP?


No :/

mellowd

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 1:38 pm

If you have to forward you can. There is no problem with that.

jared181920

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 1:46 pm

rodolfosevero007 wrote: Jared: Thanks for the reply but the thing is.. I wanna host A LOT of pages... and yes I know about the domains, but then I need to set up the DNS for that domain.. and as far as I know the domain must be properly set up and in the same network if I don't wanna use more than one IP address, as I said... because my ISP is awesome but they won't let me get more than one valid IP.. not for that price, and I can't have a dedicated solution around here, it's way too expensive for nothing at all...


I still wouldn't recommend running your own DNS server at home. Yes, running your own DNS server for your LAN only isn't an issue. But having your DNS server serve requests and queries from the internet, probably not such a good plan.

In your case how many domains do you want? And remember, domains aren't ftp.testdomain.com, the domain in that case is only testdomain.com. Even if you're looking at hosting 5 domains from your home, I would still recommend a DNS hosting company, as most will give you a discount depending on the number of domains you register.

I'm not quite sure what kind of pages you want to host but there are several ways of doing it. Again let's assume your domain name is testdomain.com; if you want to host say a blog, a forum, and perhaps a CMS you can do it several ways. You could firstly make them sub-folders in your root folder on your web server. So they could look like http://testdomain.com/blog, or http://testdomain.com/forums. Notice how I didn't include www in the beginning of those? That's simply because www is just an A record, which is another way you can host multiple pages.

You could set it up so when users want to go to your blog they go to http://blog.testdomain.com, or for your forums they go to http://forums.testdomain.com. Doing it this way gets you into some more nitty gritty web server details than I'm familiar with, so I'll leave it to the experts to explain that a bit more if need be.
http://blog.ccnpjourney.com

rodolfosevero007

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 1:47 pm

mellowd wrote: If you have to forward you can. There is no problem with that


So it would work without any issues and I could host all other websites within the same IP address?

Man... I'd be running one main DNS server. I even got myself a domain for testing yesterday, http://www.digitality.com.br (I hosted with a friend of mine; here we can't get Brazilian domains without the info about ns1 and ns2...)

So the thing is I still haven't moved to where I'm gonna be making my own datacenter, that's why I can't test it yet.. I wanna get this all done before testing.. so it won't take too long to get it working....

So another thing...

Say now the valid IP address is 200.221.11.100. I need to host http://www.digitality.com.br as the main webpage (my datacenter's) and the DNS server with the same IP address, so my domain is http://www.digitality.com.br which is 200.221.11.100:1560 forwarded from 192.168.3.165:1560, and ns1.digitality.com.br and ns2.digitality.com.br which is 200.221.11.100:53 forwarded from 192.168.1.100:53, right?

If so, my only problem now is to set up the DNS server (it's gonna be the worst nightmare I ever had in my life but it's worth it...)

S

rodolfosevero007

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 1:53 pm

jared181920 wrote:
rodolfosevero007 wrote: Jared: Thanks for the reply but the thing is.. I wanna host A LOT of pages... and yes I know about the domains, but then I need to set up the DNS for that domain.. and as far as I know the domain must be properly set up and in the same network if I don't wanna use more than one IP address, as I said... because my ISP is awesome but they won't let me get more than one valid IP.. not for that price, and I can't have a dedicated solution around here, it's way too expensive for nothing at all...


I still wouldn't recommend running your own DNS server at home. Yes, running your own DNS server for your LAN only isn't an issue. But having your DNS server serve requests and queries from the internet, probably not such a good plan.

In your case how many domains do you want? And remember, domains aren't ftp.testdomain.com, the domain in that case is only testdomain.com. Even if you're looking at hosting 5 domains from your home, I would still recommend a DNS hosting company, as most will give you a discount depending on the number of domains you register.

I'm not quite sure what kind of pages you want to host but there are several ways of doing it. Again let's assume your domain name is testdomain.com; if you want to host say a blog, a forum, and perhaps a CMS you can do it several ways. You could firstly make them sub-folders in your root folder on your web server. So they could look like http://testdomain.com/blog, or http://testdomain.com/forums. Notice how I didn't include www in the beginning of those? That's simply because www is just an A record, which is another way you can host multiple pages.

You could set it up so when users want to go to your blog they go to http://blog.testdomain.com, or for your forums they go to http://forums.testdomain.com. Doing it this way gets you into some more nitty gritty web server details than I'm familiar with, so I'll leave it to the experts to explain that a bit more if need be.


So it would be worth paying them to host my own DNS server rather than having my own at home? That'd be around 100 domains o,O For a start, even more with time.... and not only domains, a lot of other services and servers....

I guess what you're telling me is that I'm gonna use too much bandwidth for hosting my own DNS server? But can I run a DNS server with a dedicated server out there and still have my own hosting at home? Or maybe a secondary link only for all DNS requests?

"domains aren't ftp.testdomain.com" that's a subdomain :]

I want to sell hosting. For us Brazilians it's a lot better hosting in the country because we won't have that latency, and also game servers like Counter-Strike, each ms counts... I'm looking more like 2000 domains than 5 right now... so the thing is kinda serious...

jared181920

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 1:56 pm

rodolfosevero007 wrote:
jared181920 wrote:
rodolfosevero007 wrote: I want to sell hosting. For us Brazilians it's a lot better hosting in the country because we won't have that latency, and also game servers like Counter-Strike, each ms counts... I'm looking more like 2000 domains than 5 right now... so the thing is kinda serious...


Ohh ok, well I got the impression this was a few servers sitting in your house. In that case I suppose that changes things. That being said my recommendation to not host your own DNS server was not because of bandwidth constraints, it was more because I assumed based on what you were describing that this was just a simple home setup with a few domains.
http://blog.ccnpjourney.com

rodolfosevero007

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 2:02 pm

jared181920 wrote: Ohh ok, well I got the impression this was a few servers sitting in your house. In that case I suppose that changes things. That being said my recommendation to not host your own DNS server was not because of bandwidth constraints, it was more because I assumed based on what you were describing that this was just a simple home setup with a few domains.


I know... I shouldn't have said 'home' datacenter because definitely it's not even close to home servers... even though I've seen some pretty badass setups on YouTube and they said 'home' as well...

moose517
Member
Posts:
121
Joined:
Fri Jul 24, 2009 6:47 pm

Re: My Datacenter @ Home :]

Fri Jul 30, 2010 10:27 pm

Sorry to interject into your thread, but I have something somewhat similar I was wanting to do. I have a domain name registered with GoDaddy; basically when I get my Comcast business account I point the A record to my WAN IP and I'm set, right? I was planning on running DNS servers here but then thought about what you said and figured it would be a bad idea.

