- Start the Ubuntu server and connect using PuTTY.
- At the login prompt, log in with your administrator account (administrator / myadminpass), then type su and enter the root password (myrootpass).
- At the $ prompt, type aptitude -y install vim-nox to install Vim for use instead of the built-in vi editor.
- At the $ prompt, type aptitude -y install bind9 to install a local DNS server.
- At the $ prompt, type aptitude -y install p7zip-full to install 7-zip archive utility.
- Type dpkg-reconfigure dash and answer No
- Remove AppArmor to avoid problems by typing the following:
Code:
    /etc/init.d/apparmor stop
    update-rc.d -f apparmor remove
    aptitude remove apparmor apparmor-utils
- Reboot the server by typing reboot
Configure Domain Resolution (DNS)
- Connect to the server using PuTTY
- At the login prompt, log in with your administrator account (administrator / myadminpass), then type su and enter the root password (myrootpass).
- Sanity check! Make sure BIND is running. Type /etc/init.d/bind9 status
- At this point, you can save yourself a lot of typing if you have a copy of the configuration files on your PC and simply copy them to the share. Then you can set the appropriate file permissions and copy them where they need to go. But if not and this is your 1st time installing the server, here are the details for configuring by hand.
- Edit the hosts file by typing vi /etc/hosts and change the following:
From:
Code:
    127.0.0.1 localhost
    127.0.1.1 mail.mydomain.com mail
To:
Code:
    127.0.0.1 localhost.localdomain localhost
    192.168.107.25 mail.mydomain.com mail
- Edit the DNS servers by typing vi /etc/resolv.conf and set it to the following:
Code:
    nameserver 127.0.0.1
    nameserver 192.168.107.23
    nameserver 192.168.107.212
    nameserver 200.100.10.1
    nameserver 200.100.10.2
    domain mydomain.com
    search mydomain.com
- Type the following commands:
Code:
    mkdir /var/cache/bind/internal
    mkdir /var/cache/bind/external
    touch /var/cache/bind/internal/db.mydomain.com
    touch /var/cache/bind/internal/db.107.168.192.in-addr.arpa
    touch /var/cache/bind/external/db.mydomain.com
    cp /etc/bind/named.conf.options /etc/bind/named.conf.options.bak
    cp /etc/bind/named.conf.local /etc/bind/named.conf.local.bak
    cp /etc/bind/named.conf.default-zones /etc/bind/named.conf.default-zones.bak
- Stop the DNS server by typing /etc/init.d/bind9 stop
- Edit the DNS options by typing vi /etc/bind/named.conf.options and set the following:
Code:
    options {
        directory "/var/cache/bind";
        // Optional (see NOTE). A fixed source port turns off source-port
        // randomization for outgoing queries.
        query-source address * port 53;
        forwarders {
            200.100.10.1;
            200.100.10.2;
        };
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 { any; };
    };
NOTE: The forwarder IP addresses are the public IP addresses of the DNS servers you use in the outside world. The query-source address line is there so your machine can still reach DNS when oddball DNS ports are blocked. You can leave it commented out if you do not need it.
- Restart the network by typing /etc/init.d/networking restart
- Type vi /etc/hostname and add the following text, then save and exit:
Code:
    mail.mydomain.com
- To check the results, type hostname and then hostname -f, which should result in:
Code:
    mail
    mail.mydomain.com
- Edit the local DNS file by typing vi /etc/bind/named.conf.local and set the following:
Code:
    acl internals {
        127.0.0.0/8;
        192.168.107.0/24;
    };

    view "internal" {
        match-clients { internals; };
        recursion yes;
        zone "mydomain.com" {
            type master;
            file "/var/cache/bind/internal/db.mydomain.com";
        };
        zone "107.168.192.in-addr.arpa" {
            type master;
            file "/var/cache/bind/internal/db.107.168.192.in-addr.arpa";
        };
    };

    view "external" {
        match-clients { any; };
        recursion no;
        zone "mydomain.com" {
            type master;
            file "/var/cache/bind/external/db.mydomain.com";
        };
    };
- Edit the internal reverse zone file by typing vi /var/cache/bind/internal/db.107.168.192.in-addr.arpa and set the following:
Code:
    $TTL 86400
    @       IN  SOA mail.mydomain.com. root.mydomain.com. (
                    201109231448 ; Serial (increment after edit)
                    604800       ; Refresh
                    86400        ; Retry
                    2419200      ; Expire
                    86400 )      ; Negative Cache TTL
    @           NS  mail.mydomain.com.
    25          PTR mail.mydomain.com. ; owner is the last octet of 192.168.107.25
- Edit the internal zone file by typing vi /var/cache/bind/internal/db.mydomain.com and set the following:
Code:
    ; mydomain.com
    $TTL 86400
    @       IN  SOA mail.mydomain.com. root.mydomain.com. (
                    201109231335 ; Serial (increment after edit)
                    604800       ; Refresh
                    86400        ; Retry
                    2419200      ; Expire
                    604800 )     ; Negative Cache TTL
    ; Define the nameservers and the mail servers
    @       IN  NS  192.168.107.25.
    @       IN  MX  10 mail.mydomain.com.
    @       IN  A   192.168.107.25
    mail    IN  A   192.168.107.25
- Edit the external zone file by typing vi /var/cache/bind/external/db.mydomain.com and set the following:
Code:
    ; mydomain.com
    $TTL 86400
    @       IN  SOA mail.mydomain.com. root.mydomain.com. (
                    201109231335 ; Serial (increment after edit)
                    604800       ; Refresh
                    86400        ; Retry
                    2419200      ; Expire
                    604800 )     ; Negative Cache TTL
    ; Define the nameservers and the mail servers
    @       IN  NS  198.100.100.100.
    @       IN  MX  10 mail.mydomain.com.
    @       IN  A   198.100.100.100
    mail    IN  A   198.100.100.100
- Since views were used, they also need to be used in the default zone. Type vi /etc/bind/named.conf.default-zones and set the following:
Code:
    // prime the server with knowledge of the root servers
    acl internals-default {
        127.0.0.0/8;
        192.168.107.0/24;
        192.168.106.0/24;
        // Keep adding all your internal subnets here.
    };

    view "internal-default" {
        match-clients { internals-default; };
        recursion yes;
        zone "." {
            type hint;
            file "/etc/bind/db.root";
        };
        // be authoritative for the localhost forward and reverse zones, and for
        // broadcast zones as per RFC 1912
        zone "localhost" {
            type master;
            file "/etc/bind/db.local";
        };
        zone "127.in-addr.arpa" {
            type master;
            file "/etc/bind/db.127";
        };
        zone "0.in-addr.arpa" {
            type master;
            file "/etc/bind/db.0";
        };
        zone "255.in-addr.arpa" {
            type master;
            file "/etc/bind/db.255";
        };
    };
- Ensure the correct ownership and permissions of all config files:
Code:
    chown root:bind /var/cache/bind/internal/*
    chown root:bind /var/cache/bind/external/*
    chmod 0644 /var/cache/bind/internal/*
    chmod 0644 /var/cache/bind/external/*
- Start the DNS server by typing /etc/init.d/bind9 start
- That was a lot of typing and room for error so check the log for any errors: vi /var/log/daemon.log
- Sanity check! At this point, if you type nslookup mail.mydomain.com, you should see that your internal DNS server (127.0.0.1) returned your internal IP address (192.168.107.25) for your FQDN of mail.mydomain.com.
- Sanity check! Type dig mydomain.com mx and make sure you see a status of NOERROR along with an MX record to your FQDN, an NS record for your internal IP and an A record from your FQDN to your internal IP.
- Shut down and power off the server by typing shutdown -P now {ENTER}
- In the VM menu, select VM --> Snapshot --> Take Snapshot. Give it a name like STEP 3 and a description of Ubuntu Server 10.04.4 LTS, Split-DNS configured, Static IP: 192.168.107.25. Click OK. The Snapshot Manager should now have a nice hierarchy of snapshots (STEP 1 --> STEP 2 --> STEP 3 --> You are here)
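The external zone file in the steps above is nearly a copy of the internal one, so a leftover internal address is an easy mistake to make. The script below is an added example, not part of the original tutorial: it lists A records that carry private addresses and checks that the SOA serial fits the 32-bit field defined in RFC 1035. The function names and the sample zone (which uses a documentation-range public address) are constructed for illustration.

```shell
#!/bin/sh
# Added example: lint the external view's zone file before starting BIND.

# List A records that expose private (RFC 1918) or loopback addresses.
private_a_records() {
    awk '
        { sub(/;.*/, "") }                      # drop zone-file comments
        {
            for (i = 1; i < NF; i++) {
                if (toupper($i) != "A") continue
                ip = $(i + 1)
                if (ip ~ /^(10|127)\./ || ip ~ /^192\.168\./ ||
                    ip ~ /^172\.(1[6-9]|2[0-9]|3[01])\./)
                    print "line " NR ": " ip
            }
        }' "$1"
}

# Print the SOA serial; return 1 if it exceeds the 32-bit field (RFC 1035).
soa_serial() {
    awk '
        { sub(/;.*/, "") }
        {
            for (i = 1; i <= NF; i++) {
                if (toupper($i) == "SOA") { in_soa = 1; continue }
                tok = $i; gsub(/[()]/, "", tok)
                if (in_soa && tok ~ /^[0-9]+$/) {
                    print tok
                    exit (tok + 0 > 4294967295)
                }
            }
        }' "$1"
}

# Constructed sample: an external zone copied from the internal one that still
# carries an internal address and a 12-digit timestamp serial.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
$TTL 86400
@ IN SOA mail.mydomain.com. root.mydomain.com. (
        201109231335 ; Serial
        604800 86400 2419200 604800 )
@    IN MX 10 mail.mydomain.com.
@    IN A  198.51.100.10
mail IN A  192.168.107.25 ; leftover internal address
EOF

private_a_records "$SAMPLE"
soa_serial "$SAMPLE" || echo "serial does not fit in 32 bits"
```

Point the two functions at /var/cache/bind/external/db.mydomain.com before starting BIND. On the server itself, named-checkconf -z additionally test-loads every master zone referenced from named.conf.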
Final Ubuntu Changes
- Start the Ubuntu server and connect using PuTTY.
- At the login prompt, log in with your administrator account (administrator / myadminpass), then type su and enter the root password (myrootpass).
- Update the package database by typing aptitude update
- Install the latest updates by typing aptitude -y safe-upgrade
- Shut down and power off the server by typing shutdown -P now {ENTER}
- In the VM menu, select VM --> Snapshot --> Take Snapshot. Give it a name like STEP 4 and a description of Ubuntu Server 10.04.4 LTS, all patches applied, Static IP: 192.168.107.25. The Snapshot Manager should now have a nice hierarchy of snapshots (STEP 1 --> STEP 2 --> STEP 3 --> STEP 4 --> You are here)
- NOTE: Over time, upgrades to the kernel can start taking up space in /usr/src. I found this out because my root partition started to get full. When I typed this command: du -sh /usr/src/* I found out there was over a gigabyte of old files. To cleanly clear out old and unused headers, type the following commands:
Code:
    apt-get -f install
    apt-get autoremove