The Internet Server Project - Part II - Planning
Introduction
Here's a planning list of things you'll need (some you may already have):
- A connection to the internet
- A computer, your server-to-be
- A registered domain name
- A router
- A set of operating system disks (or a bootable network install disk)
Disclaimer: This set of articles does not provide detailed step-by-step instructions. They are a "here's the project and the big pieces you'll need, you fill in the details" kind of guide. A disposition towards rolling up your sleeves, figuring things out, and solving problems is decidedly required. Caveat emptor.
Planning Your Server's Connection to the Internet
I'll assume you're doing this out of your house, apartment, or a wired cave, and that you have one or more broadband internet access options: DSL and cable being the most common, satellite and fiber being less common, at least for residential use. Serving email over dialup is possible (and very old school, anyone remember UUCP?), but I don't recommend it unless it's your only option.
If you already have broadband, the current service might suffice. Then again, it might not, especially if it's cable broadband. Following are several key questions to ask your current or potential broadband provider.
Q: Do the terms of use for the service allow multiple computers on the connection simultaneously, and are network server applications like web & email allowed? I've seen contracts that specifically outlaw such use.
Q: Does the provider have an option for a static IP address (rather than a dynamic IP)?
Q: Does the service provider allow SMTP (port 25) outbound to the rest of the Internet? (This differentiator turns out to be significant as fewer and fewer providers allow port 25 "up".) Port 25 up is required for mail server operation: more on this topic later.
Q: How reliable is the service? You probably can't expect a straight answer from the provider, but you can ask around your neighborhood as some types of broadband problems are related to distance to the telephone Central Office (CO) and the condition of local wiring. Also, DSL Reports is a good source of consumer comments on broadband quality and problems, though, like Amazon product reviews, their statistics are not very scientific and have biases.
Though it's true that you can run a server pretty effectively with a dynamic IP using dynamic DNS service, a static IP is simpler, and is required if you're going to serve your own DNS. Many DSL providers have this option, usually for a few $s more per month. I definitely recommend a static if it's your first time out configuring a server, just to have less minutiae to deal with.
For the course of this article I'm going to assume a static IP. Dynamic IP-ers can figure out how to set up DNS names using a dynamic DNS service, e.g., http://www.dyndns.com/.
That SMTP port 25 thing is a biggy. You can't run a mail server without SMTP port 25 both ways unless you "hop" it through an SMTP proxy service, like the DynDNS SMTP Proxy. However, keep it simple and get a service with port 25 allowed.
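One way to check the "port 25 up" question yourself during a trial period, run from a machine on the connection you plan to use. This is an added example, not code from the original article; the function name `probe_smtp` and the script name are assumptions, and the hostname you pass in is whichever mail exchanger you choose to test against.

```python
import socket
import sys

def probe_smtp(host, port=25, timeout=5.0):
    """Try an outbound SMTP connection and classify what happened.

    Returns (status, detail), where status is one of:
      open       - connected and the peer sent a 220 SMTP greeting
      unexpected - connected, but no 220 greeting (silent or non-SMTP peer)
      refused    - TCP reset: something actively rejected the connection
      filtered   - connect timed out, the usual sign of a dropped port
      error      - DNS failure, no route, or another socket error
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", "connection refused")
    except socket.timeout:
        return ("filtered", "no answer within %.0f s" % timeout)
    except OSError as exc:
        return ("error", str(exc))
    with sock:
        try:
            banner = sock.recv(512).decode("ascii", "replace").strip()
        except OSError:  # includes a read timeout after connecting
            banner = ""
    if banner.startswith("220"):
        return ("open", banner)
    return ("unexpected", banner or "no greeting received")

if __name__ == "__main__":
    # Pass the MX host of a domain you exchange mail with (look it up with `dig MX`).
    if len(sys.argv) != 2:
        sys.exit("usage: probe25.py <mail-exchanger-hostname>")
    status, detail = probe_smtp(sys.argv[1])
    print("port 25 outbound: %s (%s)" % (status, detail))
    sys.exit(0 if status == "open" else 1)
```

A single "refused" or "filtered" result can come from the remote host rather than your provider, so test two or three unrelated mail exchangers before drawing a conclusion.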
Suggestion #1: Leave your current connection, whether it be DSL, cable or dial up, just as it is. Order up a new connection for this project. Most providers should have a 30 day, no questions asked, cancel clause (be sure to ask). If the service isn't there, or you just drop this whole thing, you can walk away with no contract hanging over you. But, watch that last date to cancel closely!
Suggestion #2: Try www.speakeasy.net. I haven't price checked lately, but in the past Speakeasy has offered good deals on static IP configs, has one of the most knowledgeable and responsive support staffs in the biz (IMO), and will do really good stuff for you like reverse map your static IP to your domain name. (Some big email providers require that you have this to prove you're not a spammer.) Speakeasy does support SMTP outbound, though they will turn it off if you screw up and let spammers work through your server. Again, this is real internet, not the walled garden you get with many others.
Planning Your Server Hardware
You don't need much horsepower for a basic, low volume service using the Linux OS. You can buy or cull a box out of mothballs that would be under spec'd for Windows. For example, I ran my email and an all-static html website on a 400MHz Pentium until 2004, and I didn't replace it because of performance issues. Save the 4GB RAM screamer for Vista, it'll need it.
Two identical (or at least identically sized) disks are a good add/upgrade, so you can configure Linux software RAID 1 when you put on the operating system. Disks are the most likely points of failure, and RAID 1 (or RAID 5) covers you. If it's an older system, definitely throw away the old drives and get a new pair.
Good sources for used gear are www.ebay.com or www.delloutlet.com. It's fine if you want to pick up affordable server quality gear; it'll probably have redundant power supplies and hardware RAID, better cooling, etc. However, be advised that server gear is noisier, uses more power, etc.
Here's another option: BYO. Pick up this week's Fry's ad and check out their motherboard combos. Or, go to www.outpost.com or www.newegg.com and check out the mobo combos. Personally, I like the Shuttle PC kits: they make assembly easier and have a nice compact enclosure spec'd for heat sink & fan, but you still get to put in the components that matter most. The rest of a BYO is beyond the scope, but a Google search should point you at a vast sea of resources on the subject.
Bottom line, a 1GHz/512MB desktop with 2 disks for software RAID 1 will most likely do the job for you.
Planning Your Domain Name (and DNS)
Getting a domain is no big deal these days. You could do it today, just to lock into something you like, and take care of the network details when you're ready. I use www.netsol.com because 5+ years ago, they were more reliable than most. Also, Netsol has a bailiwick of DNS servers and good uptime. (Let's just say, if Netsol DNS goes down, the world notices!) The downside with Netsol these days is that you have to wade through so many affiliate & product add-on pages to get things done that I qualify my recommendation. There are many other very reliable registrars; ask a network admin buddy for advice.
When your connection and server are ready, your registrar can run your DNS for you, usually at no extra charge. They probably have a reasonable web interface for making the necessary changes.
Alternatively, if you're up for a very educational and perhaps valuable experience, I recommend you try to run your own DNS server, at least for a while. However, be advised it's more work and you really do have to learn up before you take this on.
Either way, I recommend a read of at least the first 1/2 of the O'Reilly classic DNS and BIND. You'll understand a critically important piece of Internet plumbing and how a deceptively simple system implements a worldwide, shared database of names.
Ok, I admit, I don't run my own DNS any more. Once you've mastered many of these technologies and life gets busy, you may want to "outsource". The experience was, however, invaluable. And I can follow what's going on with new DNS stuff, like SPF records.
Planning Your Network Gear, i.e., Router
You'll need some inexpensive network hardware for this project. A garden variety Linksys, Netgear or other broadband router with a few switch ports and a small assortment of Cat 5 patch cables just about does it. Maybe an extra hub or switch.
Old gear works great for most home/personal server networks: One of my broadband routers is a 6 year old Linksys 4 port router/switch, the thing just won't quit! There is a feature you'll really need, which is on most models I've used: Port Forwarding. This feature allows you to run your server on a private IP address behind your router, forwarding only select ports through to the server. Make sure that is on the router's feature list.
Speaking of router features, here are some to avoid:
- Wireless: Don't use a combo wifi/broadband router for your server's router (or turn the wifi off). Wifi makes it that much easier for a war driving hacker to try to crack or crash your router.
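- DMZ: It's ok if your router has a DMZ, I just don't recommend putting a server in it. A consumer router's DMZ setting typically passes every inbound port through to the server, while port forwarding exposes only the ports you select. Port forwarding is the better, more secure way to network, and blocks certain types of attack.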
- VPN features: I've wasted too much time experimenting with the Linksys and Netgear VPN broadband routers. Worse yet, the Linksys VPN router became very unreliable for just plain routing after a VPN firmware upgrade. For your server, IMO, simpler is better for router features.
An interesting and worthy project is to build a Linux box as a router. You'll have a much more powerful firewall and much better intrusion logging than any $50-100 box. You can even use it to share or failover two broadband connections, use it as a load balancer, a web proxy, and so on! However, that's advanced stuff for another day.
Planning Your Operating System
I'm assuming a Linux OS here. You can do all this with www.openbsd.org, a Windows server, etc., if that's your preference. (Do remember that a Windows server requires a paid license, though.) There are many, many Linux distros to choose from: My current preference is Opensuse. Another solid and widely used choice is Fedora. However, anything I refer to herein will be Linux specific, and may be Opensuse specific.
With Opensuse (and many other distros) you can download and burn CDs or DVDs, and install from those, or use a network install. I only use the network install these days. The Opensuse download page is pretty good, you should be able to work from there for your install.
However, here is a checklist of things to watch for or do during your (Suse) install.
- If you installed two hard disks, create a RAID 1 and make your system redundant. (If you have two disks on PATA IDE, be sure to put them on separate cables!)
- Make sure Postfix, Cyrus IMAP, MySQL, PHP, and Apache2 are amongst your installed packages. Most of them will be installed by default, but use the package search in the installer to check.
- It's up to you whether to install a Linux desktop, KDE or Gnome. I recommend the "Basic Graphics System" in the Opensuse install, which gives you window support, xterms and all that, but doesn't load up the bus with a complex, high overhead Desktop GUI. Even more "real world", you can start from a minimal install and have no graphics, work from console command line and ssh's.
- Give your server a fixed, private IP, e.g., 192.168.1.21, depending on what your network settings are on your broadband router.
Network planning time: Really, before you're in the middle of the install, map out your private IP space into blocks. On my home network I allocate .1-.20 to routers, access points, and switches, .21-.40 to servers, and .41-.60 to printers+scanners. My DHCP addresses start at .100 and up. Track your static assignments in a spreadsheet or text file so you can remember where you put the printer!
- Create a good root password, e.g., 8+ characters, with mixed case, numbers and punctuation symbols. Check it with Microsoft's password strength tester (one of the better security products out of msft--funny, they don't run it over https--perhaps tweak a few chars for your real root password). Also, create a personal account for yourself; it's good form to do most of your work non-root and only su or sudo as needed.
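The address plan from the network planning note above can be checked mechanically, so a static assignment that drifts into the DHCP pool or duplicates the server's address is caught before you set up port forwarding. This is an added example, not part of the original article; the 192.168.1.0/24 network is assumed from the article's example address, and the role names and device names are hypothetical.

```python
import ipaddress

# Assumed LAN: the /24 around the article's example address 192.168.1.21.
NETWORK = ipaddress.ip_network("192.168.1.0/24")
# Last-octet blocks from the article's home-network plan.
BLOCKS = {"network": (1, 20), "server": (21, 40), "printer": (41, 60)}
DHCP_START = 100  # the router hands out .100 and up

def check_plan(assignments):
    """Check (name, role, ip) static assignments; return a list of problems."""
    problems = []
    owner = {}
    for name, role, ip_text in assignments:
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            problems.append(f"{name}: {ip_text!r} is not a valid IP address")
            continue
        if ip not in NETWORK:
            problems.append(f"{name}: {ip} is outside {NETWORK}")
            continue
        if ip in owner:
            problems.append(f"{name}: {ip} already assigned to {owner[ip]}")
            continue
        owner[ip] = name
        host = int(ip) - int(NETWORK.network_address)
        if host >= DHCP_START:
            problems.append(f"{name}: {ip} is inside the DHCP pool")
        elif role not in BLOCKS:
            problems.append(f"{name}: unknown role {role!r}")
        else:
            low, high = BLOCKS[role]
            if not low <= host <= high:
                problems.append(
                    f"{name}: {ip} is outside the {role} block .{low}-.{high}")
    return problems

# Constructed sample inventory (hypothetical device names).
SAMPLE = [
    ("router", "network", "192.168.1.1"),
    ("mailserver", "server", "192.168.1.21"),
    ("laser", "printer", "192.168.1.45"),
    ("webserver", "server", "192.168.1.21"),   # duplicate of mailserver
    ("scanner", "printer", "192.168.1.130"),   # inside the DHCP pool
    ("backup", "server", "192.168.1.61"),      # in no planned block
]

if __name__ == "__main__":
    for line in check_plan(SAMPLE):
        print(line)
```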
The Bottom Line of Planning
Ok, here's what you should have lined up and ready to go:
Got all that?


