Help with Network Configuration

[CrazYmonkeY159]

I have a quick question. So I have been pondering on this without much results. Basically a question about networking and implementing a local DNS solution.

I am trying to set up my home server to be addressable by a normal address. My router allows for me to reserve IPs so that the reserved IPs are not given out devices which are not supposed to have them. So I can make sure that my home server has the same IP (locally).

Now I am going to be running sabnzb and utorrent as services on my server. So I would like to know if I could say DNS/map http://192.168.0.10:9000 to something like http://homeserver.nzb without any need to change the clients' network details? I am running Ubuntu Home Server

I am quite noob at networking in general however I feel comfortable around terminal. I would prefer leave the DHCP responsibility to my house has quite a lot of mobiles devices coming in and out via WiFi.

If I have failed to explain anything let me know

 

[HavocXphere]

No you've got it a bit wrong.

That 192. address is an internal address, meaning you can't see it from the internet. The internet just sees the routers *external* IP addr...which is not 196.168.0.1 / 10.0.0.2 / whatever your router brand is.

You'd need:
1) enabled port forward on the router
2) install some type of dyndns solution (some routers can do this, if not software will work too)
3) security is going to be a problem

3 specifically is a bit of a problem. The normal setup protects IT noobs and their computers from a lot of the nasty stuff out there (the part where the internet can't see the internal IP)....once you do the above you lose that protection. So the home server had better be something pretty solid...firewall & preferably not a windows box.

This will give you a homeserver.dyndns.com address though, not your own.

Ask DJ maybe...I know he has some cellphone linked NZB thing going.

 

[CrazYmonkeY159]

Nono. I dont want the adress accessible outside of my local network. I don't need DyDNS. I want all computers locally to be able to access my router. I suspect that having some sort of local DNS solution could help me. Basically no need for access from outside of my home. I basically want an Intranet.

 

[HavocXphere]

I see.

Just add it to each computers host file...done. As in the OS will redirect abcxyz.com to 192.168.0.99

NB with fixed IPs...use something towards to top of the range. e.g. 192.168.0.200 up to 192.168.0.210. That way it doesn't mess with the DHCP range (not that it should if the reserving is working).

 

[PhireSide]

So you want web access to your server via a URL and not an IP address? Am I understanding this correct?

 

[CrazYmonkeY159]

So you want web access to your server via a URL and not an IP address? Am I understanding this correct?

Yeah

@HavocXphere, Is it possible to achieve this without needing to edit the client hostfiles?

 

[Hamish McPanji]

Yeah

@HavocXphere, Is it possible to achieve this without needing to edit the client hostfiles?

Install bind DNS server on your ubuntu home server, if it isn't installed already. Add the forward lookup zone records for your fictional domain to bind, and enable it as a dns caching server. Test that your home server is able to do lookups by itself when using itself (127.0.0.1) as its DNS server.

Then configure your internet access router to use your Ubuntu as its DNS server. Since all your computers are configured with your internet router as the DNS, it will forward requests to your Ubuntu. Since your Ubuntu has your fictional domain in its records it will resolve correctly to your local network. For all other web addresses, it will do lookup for you

 

[CrazYmonkeY159]

Then configure your internet access router to use your Ubuntu as its DNS server. Since all your computers are configured with your internet router as the DNS, it will forward requests to your Ubuntu. Since your Ubuntu has your fictional domain in its records it will resolve correctly to your local network. For all other web addresses, it will do lookup for you

So I assume that your router finds out what DNS server to use when it connects to your ISP. How will I get my home server to do the same? I'm on Afrihost Business Uncapped and it looks like the DNS addresses are rather dynamic.

So Bind will deal with my local requests, otherwise my home server will just use my normal ISP DNS service. This sounds promising however still can't see how my home server can get my ISP DNS address.

 

[Hamish McPanji]

So I assume that your router finds out what DNS server to use when it connects to your ISP. How will I get my home server to do the same? I'm on Afrihost Business Uncapped and it looks like the DNS addresses are rather dynamic.

So Bind will deal with my local requests, otherwise my home server will just use my normal ISP DNS service. This sounds promising however still can't see how my home server can get my ISP DNS address.

In this scenario you will not be using the ISP DNS server at all. Your home server will be the DNS server for your entire network. All devices will use your home server for DNS for local and external websites / networks

Bind will do all the DNS lookups for you and cache your requests. It will use the root servers ( http://en.m.wikipedia.org/wiki/Root_name_server) the same way that your ISP does


EDIT:
1. An alternative to using the ISP DNS servers is to use Google Public DNS server (https://developers.google.com/speed/public-dns/): Configure your network settings to use the IP addresses 8.8.8.8 and 8.8.4.4 as your DNS servers
2. For ubuntu help for bind, goto : https://help.ubuntu.com/lts/serverguide/dns-configuration.html and https://help.ubuntu.com/community/BIND9ServerHowto
3. If you are not 100% confident in doing the config by editing files, maybe use a tool such as webmin. http://www.webmin.com/ .It will help you with all sorts of stuff on your linux box including your apache,mail, database, dns,etc. A full list of modules included in the standard installation is listed here: http://www.webmin.com/standard.html . Purists will slag you off for it, but i have better things to do than learning syntax, and a lot of what i have learnt in linux is by using an automated tool, and observing what changes it makes. In time, you will find it easier to just login on the terminal and make changes manually as you wish.

Good luck , and keep us posted if you hit any roadblocks (or in SA, is it potholes?)

 

[Tinuva]

I don't think all ADSL routers support this, but what I have done is, I added DNS entries on my Mikrotik router, which shares the internet at home, so all devices/pcs use it anyways for DNS lookups.

The thing is, you won't get away from the port, if you points lets say mydlpc.domain.com to 192.168.0.10, you wil still need to type http://mydlpc.domain.co:9000 in the url bar to get to utorrent on that pc.

That said, first check if your router's dns support static entries, easiest method IMHO, but if not you will have to go with hosting a dns server or update host files on all the pcs you want to use the name on. Other option is, to use samba/windows computer names to resolve the url, so if you named the ubuntu server "mydlpc" in /etc/samba/smb.conf (dependant on distro) then you can just go http://mydlpc:9000 in the address bar from any windows pc and it will also work without worrying about dns entries.

 

[CrazYmonkeY159]

Thank's a lot. My only question is (and the answer to this question may depend on weather I follow through with this or not) but now that my DNS queries will be done through my microserver and not my ISP DNS, will I experience degraded performance?)

To quote someone on this forum

... using an international DNS server means a lot of content that could be served from local servers, faster than from international servers, are now served from international servers.

Akamai send you to servers based on the DNS server you are using. For example, if you browse to facebook, all pictures load from local servers, unless you use google dns servers, then those same pictures will be loaded from London for example. You can imagine how this can changes the speed of facebook loading drastically.

The next is, some websites make use of many urls to load pictures just for a single page, now your pc needs to request all these urls from a DNS server, latency to google dns is lets say 200ms, but a local ISP dns server will be 10ms. If your browser needs to do 20 queries, it will take 200ms from a local server (less than a second) and can make a page loading look instant, vs if you use google dns, it takes 4000ms (ie 4 seconds). That is just to get the ips not even loading the page yet.

It really makes a difference as to how snappy browsing feels...

 

[Tinuva]

Thank's a lot. My only question is (and the answer to this question may depend on weather I follow through with this or not) but now that my DNS queries will be done through my microserver and not my ISP DNS, will I experience degraded performance?)

To quote someone on this forum

Set your dns server on the microserver to forward queries that it doesnt have in it's zone files to your ISP's DNS servers, then you will get both benefits, eg. faster lookups on the network for cached queries and get redirected to the proper akamai clusters.

still, I think it would have just been easier to use windows samba name resolution

 

[Hamish McPanji]

Thank's a lot. My only question is (and the answer to this question may depend on weather I follow through with this or not) but now that my DNS queries will be done through my microserver and not my ISP DNS, will I experience degraded performance?)

To quote someone on this forum

The quote sounds like a load of hogwash. Its more likely that the akmai servers look at the IP address you are coming from than your DNS server, as I don't see how it would get access to your DNS server information. That's is how Google knows where you are coming from, and redirects you accordingly

Also the performance difference between local and international DNS lookups are minimal, as a very small amount of data is exchanged, and all your devices do a bit of DNS caching of its own

 

[Tinuva]

The quote sounds like a load of hogwash. Its more likely that the akmai servers look at the IP address you are coming from than your DNS server, as I don't see how it would get access to your DNS server information. That's is how Google knows where you are coming from, and redirects you accordingly

Also the performance difference between local and international DNS lookups are minimal, as a very small amount of data is exchanged, and all your devices do a bit of DNS caching of its own

Actually it is not hogwash.

How does Akamai know which DNS server you use? Easy. Before your browser goes to any webserver, it has to convert the url you use to an ip address. We all know that, so easy.

Now the DNS caching server you use, needs to do a lookup itself to figure that out, it doesnt magically know this information. It starts by asking the root nameservers, which will only give back a top-level domain name server, which in turn will either return a secondary domain name server or an authoritative domain name server for the domain. By the time it gets to an authoritative domain server, that is a server owned by Akamai, and this is the server that will look at the DNS server doing a lookup against it. And this is how Akamai knows, which DNS server you use.

 

[Hamish McPanji]

So you are saying that Akamai keeps a list of all the ISP dns servers in SA for reference? Even Bob's ISP? That is a bit ridiculous.
Especially since a lot of the ISP DNS servers are pointing directly to the root servers themselves. So it begs the question, then how does it know where the ISPx is located.

A small clue: It looks at the ip address that the request is coming from, not which DNS servers you are forwarding your request through. and will redirect the request to the appropriate authoratative dns server for that region. So if my public ip address that has been assigned to me by my isp, is one that is known in SA, whether i am using my ISP dns server or the root servers, it will still know i am located in SA.

We used Satellite internet connections in Africa. We ran an ISP (not in SA) for a few years until it got taken over by a cellphone provider. We use 2 satellite connections, and load balances between the 2. 1 in East Africa, and the other in West Africa. You can tell straight away which link it is using at the time, simply because it either loads Google,Yahoo,MSN Kenya or Nigeria.

However, our DNS Servers remained the same throughout....one, our own which was pointing directly to the root servers, and a co-located one in US, which was pointing directly to the root servers. How did it identify our location? By the ip address, one subnet assigned to us by a Nigerian ISP, and the other a Kenyan ISP

 

[Tinuva]

So you are saying that Akamai keeps a list of all the ISP dns servers in SA for reference? Even Bob's ISP? That is a bit ridiculous.

I do. I have been in talks with Akamai directly myself as well as through other network engineers. They use more than just DNS however. They use anycast DNS servers for 1st layer redirection. These don't need to keep a list of user ips, only lists of closest clusters to them. Anycast dns means, your ISP's dns servers, which is pointed to the root-dns servers, will hit them via taking the shortest route (bgp as-path, bgp local-preferance, bgp metrics ect). Next they also keep a list of IPs from multiple BGP routing tables as a secondary layer of redirection, next they will use geo ip location if the first 2 fail, and then lastly they will actually send users to random close'ish clusters for benchmarking performance and redirect based on that.

Especially since a lot of the ISP DNS servers are pointing directly to the root servers themselves. So it begs the question, then how does it know where the ISPx is located.

You do know how DNS works right? the root servers don't keep a complete dns entry table? They only redirect dns resolves to the next top level domain servers. Check a dns traceroute using the "dig" utility on linux, for example: "dig www.ign.com +trace" <--- check how it 1st goes to the dns root servers, 2nd to the GTLD dns servers, 3rd it will hit shopify's authoritative dns servers, which will have cnames to akamai dns entries, then you do a dig trace on that which will be "dig www.ign.com.edgesuite.net. +trace" you will see it follow same pattern, except after the GTLD dns servers, it will hit Akamai DNS servers.

That said, it knows where ISPs are located by using BGP feeds from multiple ISPs. More specifically, from ISPs hosting these Akamai clusters, so that they can use those BGP feeds to optimize routing and redirection of users to the best Akamai clusters.

Anyways, we went FAR offtopic, you are now just derailing the topic because you don't believe an article, which is actually 100% correct and spot on.

 

[Hamish McPanji]

I agree, we are totally off topic. I hope the guys gets it working ok.

 

[Roman4604]

So you are saying that Akamai keeps a list of all the ISP dns servers in SA for reference? Even Bob's ISP? That is a bit ridiculous.

They dont need know each dns server's ip, only the netblocks from which they originate, easily obtainable from the global BGP routing tables.

And since Akamai provide/own every one of their cache clusters, they obviously know within which netblocks they reside.

 

[Hamish McPanji]

They dont need know each dns server's ip, only the netblocks from which they originate, easily obtainable from the global BGP routing tables.

And since Akamai provide/own every one of their cache clusters, they obviously know within which netblocks they reside.

That confirms my point, that running your own DNS server, pointing to the root servers, you will still get content from the local servers, as his public IP address is within the SA netblocks.

The question we are trying to answer is that if the OP uses root servers rather than his ISP DNS servers, will the content come from local servers or not

 

[Tinuva]

That confirms my point, that running your own DNS server, pointing to the root servers, you will still get content from the local servers, as his public IP address is within the SA netblocks.

The question we are trying to answer is that if the OP uses root servers rather than his ISP DNS servers, will the content come from local servers or not

It will come from local servers, but his DNS will probably be faster by pointing it to his ISP's DNS servers, just because doing a single lookup vs a complete trace lookup will be faster since already cached probably by the ISP's DNS server, and not only that, latency to the ISP's DNS server will be far better than the root servers ect.