The Presence of the Running Machine on the Internet

Everything has a start, and has an end.

Deploying a server over the Internet is different from setting up a local server without being revealed to outside people. For a server to be unknown on the Internet by fully-qualified hostname, it requires some registration processes. Furthermore, since the server is known to the public, some security measures should have been taken to avoid the abuse of the server.

This package includes basic elements for network operation, for example, DNS, FTP, firewall, backup storage server, VPN (Virtual Private Network) and Email .

We start from the introduction on Domain name registration with the following diagram:

1. Purchase domain name from the “vendor for domain name registration”

The “Domain Name Registration Vendor” usually will provide a Web interface for you to query your desired domain name. You may find some of the domain names you like have been acquired by other people. It is necessary for you need to find a domain name that is not being occupied. And then make the purchase of the domain name from the “Domain Name Registration Vendor” to complete this step.

2. Purchase Internet bandwidth and obtain “static” IP addresses from your local ISP (internet service provider).

Usually, the ISP will give you a set of IP addresses that may include a list of public IP addresses, the netmask, and the default Gateway. This IP information will be used when you install the software and configure your server. You shall keep the information in a safe place once you obtain that from your ISP.

3. Find a legitimate “DNS host provider”

It is to host your domain name (which you get from step 2) and the associated static IP address (which you get from step 3) record so that everybody on Internet can use your domain name to reach your server. Usually, the “DNS host provider” will provide a Web interface to allow you to input your domain name and the mapped IP address record into their hosted server. This step is completed after you have entered the data into the web page.

4. Update the record at the “Domain Name Registration Vendor” server with the IP addresses of the “DNS host provider”.

At this step, you need to access the website provided by “Domain Name Registration Vendor”. If you do not know the DNS server’s IP addresses of your “DNS host provider”, you can do as follows at your Windows command prompt (the command prompt is reached through Start > Run > cmd), issue the command

　　C:\>nslookup DNS-server- name-from-your-provider

The system will respond with the IP address of your “DNS host provider”. Usually, you need to find two IP addresses of the two DNS servers provided by “DNS host provider” (one is called primary DNS host server, the other is secondary DNS host server). The two IP addresses will be entered into the record in the place of “Domain Name Registration Vendor”. We suggest using primary DNS server and secondary server from different places. The Azblink server package also provides DNS server. But to allow people all over the world can query your domain, you should have your domain name placed in different DNS servers to alleviate the load.

5. Wait until it is in effect.

In general, it needs 24 hours to 72 hours to have your domain name record of the server populated across the world so that people can use domain name to access your server.
Those are the general steps as long as you want to have your own private server(s) on Internet.

Basic Web Setting

After the system installation be finished, take the CD out, reboot the machine, and then start the basic network setting for the system.

There are two modes to configure the host, one is console mode on the local host, and the other is Web interface mode on Client. You can choose the one you like or just by the network environment of that time.

Console Mode --- configure on local host

A. Input account and password to login into console configuration interface.

　login：reset
　Password：root123

B. You will see 7 options after login in

　1. IP Address：192.168.19.185
　2. Netmask：255.255.255.0
　3. Default Gateway：192.168.19.1
　4. Save and Reboot
　5. Reset to CD setting (DHCP) and Reboot
　6. View Current Active Values
　7. Exit without Saveing Changes

C. Is there any fixed ip ready for configuration?

　 Yes, type fixed IP address, Netmask and Default Gateway into option 1.2.3. severally. You can use up
　　and down arrow to choose the option who needs edit, and then press enter to configure. After option 1.2.3
　　be correctly configured, you can use option 4 to save these changes and reboot the machine. (If you have
　　no idea about the Netmask and Default Gateway, you can just refer to the Completion List provided by your
　　ISP.)

　 No, if there is a DHCP server providing the IP assignment services in your network, you can just use option6
　　to check the IP address assigned by the system. After checking eth0, please write down the IP address, and
　　remember to use option 7 to quit the Console interface.

D. By the IP address you set or the one obtained from DHCP, you can view the configuration page of the
　　 system host via Web browser on remote Client.

※ DHCP server exists in your network, but if you find eth0 shown as IP 1.2.3.4 when you check current system value, please check if your network cables plug into wrong place (eh0 and eth1 may been exchanged), or if there are some problems on other equipments. (Refer to Q&A in the manual)


Web interface Mode --- configure at sub-network

A. Is the host, which you installed system on, connected by other hosts?

　 Yes, please confirm the host is the only DHCP sever (that is to say the network should not have other
　　DHCP servers, e.g. IP distributor), and then start from C.

　 No, please complete basic network configuration according to B’s instruction.

B. A network cable makes host’s eth1 port and the Hub connected. And use another cable to connect to
　　Hub, let the other end of this cable link to a common Client computer.

C. Choose one Client computer from the sub-network which connected to the system host.

D. Open command prompt on the Client (suppose it’s a Windows machine), type “ipconfig” and then press
　“Enter” button, check whether the Default Gateway is 172.16.9.1 or not?

　 Yes, just close the command prompt, enter into next step.

　 No, type “ipconfig/release” to release the old IP in your computer, and then type “ipconfig/renew” to get
　　new assigned IP.
　　(If you are still unable to obtain new IP, please check if the network has other DHCP sever or not, or maybe
　　TCP/IP of this Client does not use the mode of “Obtain an IP Address Automatically”.)

E. Open your Browser, and type http://172.16.9.1 at the address bar to link. When you visit the page at the
　　first time, you will see 4 items;

　　Host Name：Please set Host Name for this host.
　　Admin Password：Default password is admin123.
　　New Admin Password：Please set new password.
　　Confirm Password：Please confirm your new password.

F. After you enter into system page, go to System>>Network, choose Internet or PPPoE depending on the
　situation.

　 Choose Internet. At the Internet Interface, mostly, you should set the values for IP address / Netmask /
　　Default Gateway and then submit, restart your machine and you will find it already connected to Internet.

　 Choose PPPoE. If you use PPPoE, remember to check the checkbox of “Turn on PPPoE”. Fill in the account
　　and password provided by ISP and submit, reboot your computer, then you can connect to the network.
　　(Please refer to the sections of Configuration and Q&A in Quick Installation Guide if you have any questions.)

DNS Zones

As we mentioned earlier, this software server package includes DNS server. Although hosting a DNS server together with your email server and Web server for the people outside to issue domain name query is not a good idea, it might be a good choice to use it as a secondary DNS server in case the primary one is down.

The purpose of DNS server is to provide the mapping between fully-qualified host names and associated IP addresses.  The basic idea is quite simple: you purchase domain name from “domain name vendors” (e.g., www.verisign.com ). Thus, you “own” that domain name. With that domain name, you can have multiple host names. However, you need to map them to the corresponding IP addresses.  Domain name vendors should have the user interface for you so that you can set the DNS server(s) of your domain and those DNS server(s) are with the information for the mapping of the full-qualified host name and IP address.  Those are the steps you should know when you obtain any domain names anywhere.  In the User Interface provided by our server package, you need to create a “zone”. That “zone” is your domain name.

After you create it, you can put host and IP address mapping in the table “Address (A) Record”. Please notice that “Mail Exchange (MX) Record” is for putting “Email server record”.  Sometimes, if you do not put MX record for your email server, the emails sent out from that server would be treated as junk mails by some mail filter programs.  For the sake of completeness, you should not skip it.

There are many details about the setting of DNS server. It would take the whole book if every detail is introduced. For quick and easy setup, you can just focus on “Address (A) Record” and “Mail Exchange (MX) Record”.

Add a Domain (New Zone) in DNS

To add a domain into DNS server, we start with creating a New Zone in the following screen:





In the diagram above, we create a zone by entering “kkkkbbb.com” and hit “Create” button.

Managing DNS Records

By clicking the domain name, it will display different types of records in DNS server for the people to fill in. Those are

SOA
Name Server ( NS record )
Host Address ( A record )
Canonical Name (CNAME )
Mail Exchanger ( MX record )
SPF (Sender Policy Framework for Email verification )
TEXT ( TXT record )



The items shown on the top are those records in DNS server for different purposes; by pressing those buttons on the top, it will lead you to fill those records in DNS server. Here, we just introduce the usages of those records without getting into details. For more information, you should just refer to the literature for DNS server.

Immediately, you can specify the IP address(es) for the host(s) in your domain. Usually, it does not need to type “fully-qualified host name”; it only needs to type as “www”, or “mail”.  If fully-qualified host name is entered, it needs to have a trailing dot at the end.  For example,

Hostname: kkkkbbb.com.
Address: 1.2.3.4

Please notice that there is a “dot” after “kkkkbbb.com”.

SOA (Start of Authority Record)

As a DNS server, it does not entertain the queries for name resolving from its own database; if a host name can not be resolved from its local database, the DNS server will issue the query to “higher-layer DNS servers”. When the query result is returned from “higher-layer DNS servers”, it would keep the result for a period of time so that it can respond the same queries from its DNS clients without asking “higher-layer DNS servers” during this period.

On the other hand, some “higher-layer DNS servers” might query this DNS server for its local records. Usually, this happens when you set the records in your “Domain Name Registration Vendor” to indicate that you want to use “this” DNS server for keeping the records of the domain name(s) you purchase.

The parameters in this screen are setting the limit for those queries or zone transfer in the scenarios mentioned above so that the DNS would be protected by avoiding over-polling from others.

Serial number: the serial number is used for tracking the DNS record change history. The serial number shall always increase while changes are made so that the other hosts will know there are changes.

Refresh Period: this is the time for a secondary domain name server to come back to get a copy of the zone. So, it will know if there is new copy.

Retry Interval: if an attempt to make “refresh” fails, it will wait for another period of time to try again. “Retry Interval” specifies the time for waiting to retry.

Expiration Period: the secondary domain name server(s) will use this to know how long it should hold this information to consider it as “authoritative”. It should be larger than “retry interval” and “minimum TTL”.

Minimum TTL:
TTL stands for “Time to Live”; TTL is used that how much time the record shall be kept. Usually, TTL will be specified in any “Resource Record” ( denoted as RR in DNS terminology ). If there is no TTL specified in a “Resource Record”, it will use this “Minimum TTL”

Name Server ( NS records )

CNAME (Canonical Name)

CNAME is used to define an alias for a hostname.

Mail Exchange ( MX record )

SPF ( Sender Policy Framework )

SPF is used for the other mail servers to verify the validity of email sender IP address. It is implemented by using TXT record in DNS server. So, when you refer to other DNS literature, you would find out SPF should belong to TXT record. We just list it separately so that it can be configured easily without dealing with TXT record directly.

However, once SPF is entered, you can check it how it looks like in TXT record. The purpose of SPF is to let the other email servers know which host(s) can send out emails on behalf of that domain. If an email server receives an email from a host without being listed in SPF of DNS server, that email could come from spammer by just faking the domain name in the email address.

   

Text Records ( TXT )