Questions about DNS
Jun 21, 2010, 03:09 PM
I have a Mac Mini Server on the way. I have picked up the Snow Leopard Server for Dummies book, and I'm skimming through it, and reading seemingly relevant sections. But until I get some face time, I am unsure of a few things, and I wanted to clarify so I can set this up as quickly as possible.
1) If I set up a fully qualified DNS, like mydomain.com or server.mydomain.com which is accessible from the outside world, would that imply I should have a static IP from my internet provider? Will I run into problems with a dynamic IP? I assume that I will.
2) If I opt to set up a totally private DNS server, and use something like server.danimal, could I change this later if I want to expose the server to the outside world for things like mail, etc? Is it a huge pain in the butt to change this later?
3) I currently only have 2 client computers which are Macbooks. I'll eventually have more, but not sure when. Setting up Open Directory seems like overkill. Is it possible to set up file, printer, address book and iCal sharing without using this? I don't really need client log-ins right now. Local client log-in is fine. Maybe I can set up sharing similar to how you can share files between 2 Mac OS X clients?
4) Since my clients are Macbooks, do I need to do anything special? From what I read, it seems like I definitely need mobile accounts with portable home directories... IF I need server authentication at all. I don't think I need it at the moment unless certain services require it.
I appreciate your help and advice. Thanks!
Jun 21, 2010, 08:46 PM
1) No, that does not imply that you need a static IP. There are a number of ways to keep your dynamic IP up to date. The only problem you would run into is if you were trying to access your server from the outside and your IP changed.
That isn't to say a static IP isn't a good idea, but if you are on a residential line, you will likely be unable to get one.
I think you are misunderstanding DNS records; it should become clear in my answer to number 2.
2) It isn't necessary to change it. Your server is only for internal name resolution. Your server isn't acting as a name server on the internet (nor do you want it to).
What you need to do is register a domain name, preferably with a place that allows you to add DNS entries. Add a custom A record pointing to your external IP, open up the necessary ports for the services you want to expose and boom, done.
3) The server is virtually worthless in the way you want to use it, without centralized authentication (OD). That is how you differentiate the various user data, i.e. Jim's calendar, John's file share, etc.
You want to run OD. It is the purpose of having a server. To have centrally managed clients and services. You can set up some of the services without OD, but you would be doing yourself a disservice. You wouldn't be able to take advantage of things like SSO.
Even between two Macs, you are authenticating against the other Mac not your local machine. This is the idea behind directory servers.
OD isn't "overkill," you are simply moving your local directory service to a network directory service.
4) Yes, you need to bind the machines to your OD server. You cannot do PHD without binding and setting up OD of course. You need authentication. Without it, there will be no way for your Macbooks to leverage PHDs.
I highly suggest you read up on the fundamentals of a server. You will benefit from having a low-level understanding at a basic level. Your post has many misunderstandings about the way to set up and run a server.
I don't say this as an insult, but it is very difficult for people to help you when we have to overcome a lack of understanding. Even while replying I had difficulty coming up with ways to explain why your notions of a server are mistaken.
I would recommend the Peach Pit OS X Training Series.
Which will cover some of the client aspects of utilizing a server. And
Which will cover in detail OS X Server including how to set it up and how to manage clients.
Jun 22, 2010, 12:35 AM
Thanks for the info!
Firstly, I don't think my server is going to be a name server on the internet. I never said that or tried to suggest it. I was referring to the machine's domain name, and how this relates to setting up A records from a registered domain or not.
Secondly, I don't really have notions. I believe I'm actually appearing to be a bit more naive than I actually am. I simply tried to be open-minded and look at this fresh, and ask basic questions rather than apply some outdated knowledge I have from several years ago where I actually looked after a Win2k server with active directory.
I understand the benefits of a server, and the benefits of open directory. But I also remember looking after the windows server, and recall it being overkill if it were for only 2 people. It was simply not beneficial for situations where very specific access controls were not needed.
That being said, I've never used Leopard Server before, and so am not familiar with the benefits of it. I have read about them, of course, but have not used it in practice. So obviously things like Address Book sharing, iCal sharing, etc. are new to me, and I'm not familiar with how this ties into Open Directory.
Regarding DNS: I read some posts from someone on the Apple forum that said if you configure your server to be completely closed off from the outside world using a private domain name, it may not be easy to change that later. The person who said that wrote this article: http://labs.hoffmanlabs.com/node/1436 You'll notice in that article even, it specifically says to not use a domain name that would ever be registered, unless you register your own and set the A record.
I know my server is not a public DNS. That is not what I was suggesting. I think you misunderstood me.
What I am asking is: Will it be hard to change the server's domain name after the fact? What if I don't want to set up an A record right yet, and want to give it some private domain name (like "server.danimal" from my original example)? If I want to set up the A record at some point in the future, will it be as simple as changing it and creating the A record at my domain registrar? What would need to be reconfigured, if anything?
I own many domain names already and so I could set up an A record now if I wanted, but I want to keep things simple at first. This is the same reason I asked if I need Open Directory. Just trying to evaluate if it makes sense to keep it simple by opting out of certain services for now. I see now that it's worth setting up Open Directory and even necessary for many things I want to use.
If I do set up an A record, how could this be kept updated if I have a dynamic IP? For example, if I have my domain registered with GoDaddy, I can set the A record easily. But it binds it to an IP. If my IP is dynamic, how could this be kept updated? I'm aware of services like Dyndns.com but wondering if I could accomplish this without it. Maybe I need a static IP. And yes, I can get a static IP. But it's just another monthly expense, and I want to explore any other potential options.
And thanks for the book links. I'll look into those.
Jun 23, 2010, 12:05 PM
You could use http://freedns.afraid.org and a curl script to check if the IP is outdated and if not fix it.
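
A sketch of the check-then-update script suggested in the last post, as an added example that is not part of the thread. It validates the address returned by the IP echo service before acting on it and keeps the update token off the command line. The host name, the echo service URL and `DDNS_UPDATE_URL` (the per-host update URL issued by the DNS provider) are assumptions or placeholders.

```shell
#!/bin/sh
# Added example: dynamic-DNS check/update for cron. Names below are assumptions.
DDNS_HOST="${DDNS_HOST:-server.example.com}"                 # placeholder host name
IP_ECHO_URL="${IP_ECHO_URL:-https://checkip.amazonaws.com}"  # assumed IP echo service
# DDNS_UPDATE_URL: the provider's per-host update URL; it embeds a secret token.

# Succeeds only for a well-formed IPv4 address that is not private, loopback,
# link-local, CGNAT, "this network" or multicast/reserved.
is_public_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || return 1
    done
    case "$1.$2" in 0.*|10.*|127.*|169.254|192.168) return 1 ;; esac
    if [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ]; then return 1; fi
    if [ "$1" -eq 100 ] && [ "$2" -ge 64 ] && [ "$2" -le 127 ]; then return 1; fi
    [ "$1" -lt 224 ]
}

# $1 = address reported by the echo service, $2 = address currently in DNS.
# Prints "invalid", "current" or "update".
ddns_decide() {
    is_public_ipv4 "$1" || { echo invalid; return 0; }
    if [ "$1" = "$2" ]; then echo current; else echo update; fi
}

ddns_sync() {
    : "${DDNS_UPDATE_URL:?set DDNS_UPDATE_URL}"
    now=$(curl -fsS --max-time 10 "$IP_ECHO_URL" | tr -d '[:space:]')
    rec=$(dig +short A "$DDNS_HOST" | head -n 1)   # assumes a single A record
    case $(ddns_decide "$now" "$rec") in
        current) return 0 ;;
        invalid) echo "echo service returned no usable address; not updating" >&2
                 return 1 ;;
    esac
    # Pass the URL on stdin so the token never shows up in the process list.
    printf 'url = "%s"\n' "$DDNS_UPDATE_URL" |
        curl -fsS --max-time 10 -o /dev/null -K - &&
        logger -t ddns "A record for $DDNS_HOST updated to $now"
}

if [ "${1:-}" = "--run" ]; then ddns_sync; fi
```

Run it from cron with `--run`, and keep the file that sets `DDNS_UPDATE_URL` readable only by the account that runs the job.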