To install Webmin and get started, visit www.webmin.com and download the latest release.
You can use RPMs for Red Hat and related systems that support binary installations or you can
build Webmin from source. Webmin supports a large number of UNIX variants, including OS X. To
install the rpm, simply open a terminal session, and type in:
Or
Webmin is the most powerful administration tool of its kind. We will use it to set up our DNS,
but I will not go over it in detail because we already know how to use other administrative tools.
It is not difficult to use because it is web-based; in any event, you should know that you can use
it remotely to administer the system. In this HowTo we're going to use Webmin to set up a DNS
server and mail, www and ftp servers on Linux CentOS5.
mail.linuxauth.com
www.linuxauth.com
ftp.linuxauth.com
Check out /etc/hosts to ensure that you have a correct setup, in our case, it’s as follows:
Make sure that all the required services are running including webmin, if it is already installed. If
you need help for installation, refer to software installation in this book.
Ok here we go…
© April 2007, Kefa Rabah, Global Open Versity, Vancouver Canada
Fig. 1
When you open the web browser and connect to port 10000, you will see an error explaining
that the web server is running in SSL mode, with a link to try instead. Click on the link;
you may then see another error saying that the server certificate failed; click on Continue.
Another warning pops up.
Fig 2
Fig. 3
I suggest never giving this power to any user other than you, the administrator.
Fig 4
Figure 4 above shows Webmin's home page, a generic and much sought-after administrative tool. Of
course, as with all tools, you probably won't rely on Webmin for all admin purposes. Although
Webmin is useful for automating tasks, for teaching purposes it's always preferable to do things
manually via the command line so that apprentices can have a better understanding of what actually
happens in the background.
Feel free to explore and actually try to use the available modules in webmin. Once you learn to
use it, it will become your favorite remote administrative tool.
From Fig. 4, clicking on Servers brings you to Fig. 5; while there, note all the other servers that are
available in this panel and which are installed on this machine.
Next, from Fig. 5 below, click on Bind DNS Server to start our DNS configuration. For this
article we used Bind9; however, make a point of downloading the latest Bind server package and
ensure that you update your system before proceeding with setup. The network address used here is
for a LAN, but you can easily replace it with a public IP address if you have a legal domain name
and have an IP address issued to you by your ISP or domain hosting company.
Fig 5
From Fig. 5, choose the option best suited for your setup. In our case we opted for the second option.
Checking the second option and clicking Create Primary Configuration and Start Nameserver
brings you to the Bind DNS Server panel.
Note that Bind DNS Server panel is divided into three different sections:
Fig 6: Our working section, Existing DNS Zone: Click Create master zone.
Once the zone is created, proceed to edit its properties; Webmin takes you to this panel
automatically.
1. Click on Address
2. Enter name: linuxauth.com.
3. Enter address: 192.168.83.15 (note: this is the physical address domain 1)
1. Name: www
2. Time-To-Live: Default
3. Real Name: linuxauth.com.
4. Click on create
--------------------------------------------------------
5. Name: mail
6. Time-To-Live: Default
7. Real Name: linuxauth.com.
8. Click on create
-------------------------------------------------------
9. Name: ftp
10. Time-To-Live: Default
11. Real Name: linuxauth.com.
12. Click on create
-------------------------------------------------------
Mail Exchange Record (Mx record)
1. Name: linuxauth.com.
2. Time-To-Live: Default
3. Mail Server: mail.linuxauth.com.
4. Priority: 10
5. Click on create
We just finished creating the forward zone. At the very bottom of this current panel (Edit
Master Zone), click on Return to zone list.
7. Use template: no
8. Refresh time: leave as default
9. Expiry time: leave as default
10. IP address for template: leave blank
11. Transfer retry time: leave as default
12. Default time-to-live: leave as default
13. Click on create
Now Edit the Master Zone properties for the Reverse that we just created.
Create Pointer
1. Click on PT
2. Now add Reverse Address Record
3. Address: 192.168.83.15 (type complete IP address here)
4. Host name: cos52.linuxauth.com.
5. Update forward: yes
6. Click on Create
1. Name: www
2. Time-To-Live: Default
3. Real Name: linuxauth.com.
4. Click on create
------------------------------------------------------------
5. Name: mail
6. Time-To-Live: Default
7. Real Name: linuxauth.com.
8. Click on create
-----------------------------------------------------------
9. Name: ftp
10. Time-To-Live: Default
11. Real Name: linuxauth.com.
12. Click on create
Fig 12: After you have entered all the aliases it should look like this
You can now verify the changes in the main configuration file
/var/named/chroot/etc/named.conf
Note that new zone files have been added, which can be found in /var/named/chroot/var/named;
these are linuxauth.com.hosts and 192.168.83.rev.
options {
    directory "/etc";
    pid-file "/var/run/named/named.pid";
};
zone "." {
    type hint;
    file "/etc/db.cache";
};
zone "linuxauth.com" {
    type master;
    file "/var/named/linuxauth.com.hosts";
};
zone "83.168.192.in-addr.arpa" {
    type master;
    file "/var/named/192.168.83.rev";
};
------------------------------------------------------------------------------
$ttl 38400
linuxauth.com. IN SOA cos52.linuxauth.com. root.linuxauth.com. (
1236317547
10800
3600
604800
38400 )
linuxauth.com. IN NS cos52.linuxauth.com.
linuxauth.com. IN A 192.168.83.15
www.linuxauth.com. IN CNAME linuxauth.com.
mail.linuxauth.com. IN CNAME linuxauth.com.
ftp.linuxauth.com. IN CNAME linuxauth.com.
linuxauth.com. IN MX 10 mail.linuxauth.com.
cos52.linuxauth.com. IN A 192.168.83.15
------------------------------------------------------------------------------
------------------------------------------------------------------------------
$ttl 38400
83.168.192.in-addr.arpa. IN SOA cos52.linuxauth.com. root.linuxauth.com. (
1236321439
10800
3600
604800
38400 )
83.168.192.in-addr.arpa. IN NS cos52.linuxauth.com.
15.83.168.192.in-addr.arpa. IN PTR cos52.linuxauth.com.
www.83.168.192.in-addr.arpa. IN CNAME linuxauth.com.
mail.83.168.192.in-addr.arpa. IN CNAME linuxauth.com.
ftp.83.168.192.in-addr.arpa. IN CNAME linuxauth.com.
------------------------------------------------------------------------------
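As an added check (not part of the original how-to, and not Webmin's or BIND's own code), the script below parses the forward zone listed above and flags the one alias problem in it: the MX record targets mail.linuxauth.com., which is itself a CNAME, and RFC 2181 section 10.3 says an MX target must not be an alias. The parser assumes fully qualified owner names and one record per line, as in the listing; parse_records, lint and the corrected FIXED zone are names and data introduced here.

```python
# Constructed input: the forward zone records from this page, copied as listed.
ZONE = """\
$ttl 38400
linuxauth.com. IN SOA cos52.linuxauth.com. root.linuxauth.com. (
    1236317547
    10800
    3600
    604800
    38400 )
linuxauth.com. IN NS cos52.linuxauth.com.
linuxauth.com. IN A 192.168.83.15
www.linuxauth.com. IN CNAME linuxauth.com.
mail.linuxauth.com. IN CNAME linuxauth.com.
ftp.linuxauth.com. IN CNAME linuxauth.com.
linuxauth.com. IN MX 10 mail.linuxauth.com.
cos52.linuxauth.com. IN A 192.168.83.15
"""
# Assumed correction (not from the page): give the mail host its own A record.
FIXED = ZONE.replace("mail.linuxauth.com. IN CNAME linuxauth.com.",
                     "mail.linuxauth.com. IN A 192.168.83.15")

def parse_records(text):
    """Return (owner, type, rdata) tuples; assumes FQDN owners, one record per line."""
    records, depth = [], 0
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop comments
        continuation = depth > 0               # inside a multi-line ( ... ) group
        depth += line.count("(") - line.count(")")
        fields = line.split()
        if continuation or line.startswith("$") or "IN" not in fields[1:3]:
            continue
        i = fields.index("IN", 1)
        if len(fields) > i + 2:
            records.append((fields[0].lower(), fields[i + 1].upper(), fields[i + 2:]))
    return records

def lint(records):
    """Flag alias misuse in the parsed records."""
    cnames = {owner for owner, rtype, _ in records if rtype == "CNAME"}
    findings = []
    for owner, rtype, rdata in records:
        # RFC 2181 section 10.3: NS and MX targets must not be aliases.
        if rtype in ("NS", "MX") and rdata[-1].lower() in cnames:
            findings.append(f"{rtype} for {owner} points at CNAME {rdata[-1]}")
        # RFC 1034 section 3.6.2: a CNAME owner may not carry other data.
        if rtype != "CNAME" and owner in cnames:
            findings.append(f"{owner} has both CNAME and {rtype} data")
    return findings
```

Calling lint(parse_records(ZONE)) reports the MX alias, while the same call on FIXED returns an empty list.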
As you can see, using Webmin is the fastest and surest way to set up a DNS server; or you can sit
there all day and type line by line and still get it wrong.
Now test our DNS server using dig and nslookup to ensure that our master DNS is
working as expected. Fig. 15 shows the dig output and Fig. 16 the nslookup output, which confirm that all is working well.
Fig. 15: shows the dig command, which returns correct results.
Fig. 16: shows the nslookup command, which returns the IP address correctly.
Now that we have created a perfect master DNS, we can go ahead and use our system for almost
anything, e.g., ftp, mail, and www. In the same way we created this master DNS, you can also
create a slave DNS server at a different IP address to provide redundancy. That is, by creating
a slave DNS, they can replicate each other's data so that if one of the servers goes down, the other
one will respond to the queries transparently without affecting the network clients.
So what is the big picture? In simple language: having a perfectly functioning, redundant DNS
server within your network enables both servers and clients in your network to use different IP addresses
and have them resolved by your DNS server.
Now you can go ahead and install a messaging server like Zimbra, which requires that a master DNS is installed and
working.
Enjoy!
-----------------------------------------------
Kefa Rabah is the Founder and CIO, of Serengeti Systems Group Inc. Kefa is knowledgeable in
several fields of Science & Technology, IT Security Compliance and Project Management, and
Renewable Energy Systems. He is also the founder of Global Open Versity, a Center of Excellence
in eLearning.