Zimbra

coolkiller · #1 (**permalink**) 02-17-2009, 11:23 AM

hi all,

I have a LAN (all of they in windows), and one of those machine is my DEBIAN 4.0 etch

my ISP : 200.48.225.130

I wanna install zimbra 5.0 (I did it but with wrong configuration, now I need some backup to reinstall it)

so this my LAN ip: 192.168.1.xxx

these are my documents:

Code:

/etc/hosts:
127.0.0.1         localhost.localdomain  localhost
192.168.1.105 sys3.ucisa.net       sys3

Code:

/etcc/resolv.conf
search ucisa.net
nameserver 192.168.1.105

Code:

/etc/hostname

sys3.ucisa.net

inside /etc/bind/named.conf

Code:

zone "ucisa.net" {
        type master;
        file "/etc/bind/db.ucisa.net";
};

Code:

/etc/bind/db.ucisa.net

;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     sys3.ucisa.net. root.ucisa.net. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@                       IN      NS              sys3
@                       IN      NS              sys3.ucisa.net.
@                       IN      MX      10      sys3
@                       IN      MX      20      sys3.ucisa.net.
@                       IN      A               192.168.1.105
sys3                    IN      A               192.168.1.105
ucisa.net.              IN      A               192.168.1.105
sys3.ucisa.net.         IN      A               192.168.1.105

this last part is wrong this is where I need help how to configurate my DNS to get a successfull installation and my users uses my zimbra mail server.

a friend told me that I need to create some hosts pop.ucisa.net, smtp.ucisa.net, webmail.ucisa.net (where I create these hosts!!!)

help me please =)

pd: with this configuration I can install zimbra but its not the correct one.

dwmtractor · #2 (**permalink**) 02-17-2009, 03:11 PM

Hi coolkiller,

You need what we in the Zimbra world refer to as a "Split DNS" to make your server function. Basically, Zimbra needs to be able to resolve itself to the internal IP address, as it is, but the outside world needs to be able to resolve that same domain as the public IP. This requires one set of DNS records that are in the public sphere, and a totally separate set (either on your LAN or on the Zimbra box itself) in the private side.

There is a document on Split DNS in the wiki, though some find it difficult to understand. You're using Debian, so these wikis I wrote on installing Zimbra to Ubuntu, which is a Debian derivative, may also be helpful:

Ubuntu 6.06 Server (Dapper Drake) Beginner's Install Guide - Zimbra :: Wiki
Ubuntu 8.04 LTS Server (Hardy Heron) Install Guide - Zimbra :: Wiki

coolkiller · #3 (**permalink**) 02-18-2009, 09:19 AM

thank you, but can u xplain that in spanish please,

es que yo hablo español y por otros post e leido que tu dominas bien el español,

ayudame,

gracias

dwmtractor · #4 (**permalink**) 02-18-2009, 09:50 AM

Ay, esto es un subjeto bien complicado, no se si podre explicarle bien. . .

Como ud. ya sabe, el DNS es el directorio que da el direccion "IP" a cualquier maquina que lo requiere. Es necesario que el servidor Zimbra, cuando pide informacion del DNS, recibe en respuesta el direccion IP INTERNAL, no EXTERNAL. Este resultado se efecta por el uso de dos diferentes DNS, uno que esta adentro de su LAN (lo mas comun es instalar "bind9" en el mismo servidor con Zimbra), con configuracion de todos los recordes del DNS para el direccion internal. . .

Ademas, necessita un servidor DNS external (publico) que resolve al direccion IP publico del servidor.

He escrito dos guias para instalar Zimbra en servidor de Ubuntu, que ofrecen los detalles de DNS tambien. Desafortunadamente, no tengo el tiempo, ni tampoco la competencia en Espanol, para traducir estas guias. . .ojala que este explicacion le ayude un poco. . .

coolkiller · #5 (**permalink**) 02-18-2009, 10:10 AM

Gracias,

si te entendi entonces como deberia estar configurado mis records del DNS

this is how it looks now:

Code:

;
; BIND data file for local loopback interface
;
$TTL    604800
@       IN      SOA     sys3.ucisa.net. root.ucisa.net. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@                       IN      NS              sys3.ucisa.net.
@                       IN      MX      10      sys3.ucisa.net.
@                       IN      A               192.168.1.105
sys3                    IN      A               192.168.1.105
sys3.ucisa.net.         IN      A               192.168.1.105

u say I need an external DNS server, where I configurate this part?

gracias,

(use english, it will be better I can understand

dwmtractor · #6 (**permalink**) 02-18-2009, 10:56 AM

That external DNS needs to be a separate server. Most people have either their ISP or their domain registrar host their external DNS record. It's possible to make your own external DNS server too, it just has to be a Linux server running bind9 on the WAN side of your firewall, with A and MX records that point to the public IP rather than the LAN IP. Wherever that server is, the domain record at your domain registrar has to point to that DNS server (or servers) as the authoritative DNS for that domain.

coolkiller · #7 (**permalink**) 02-18-2009, 11:47 AM

thank you your guides helped me alot!

kazooless · #8 (**permalink**) 03-06-2009, 05:19 PM

Hi there,

You mention that many people find the document hard to understand. I guess I am one of them. I am not an e-mail server newbie, nor a DNS mx record newbie, but there are details I am unsure of from your suggestion of using split dns. Can you please clarify?

Here is what I have now, which I think is similar to what you're suggesting. I am wanting to use your open source to replace an exchange server I am running. I run this server at home as my personal domain. MX records and reverse dns with static IP is all set and working fine. Exchange server is behind a NAT firewall.

Exchange is configured to know that it can handle mail for the local domain "domain.sbs" and for the real domain "domain.com." For the internal clients, I setup the internal Exchange/Windows DNS server to have the "domain.com" with the internal NAT'd IP resolving to the exchange server hostname that exists in the real world. (It thinks it is authoritative for the real domain name, "domain.com." So, there is the real internal AD network name, "servername.domain.sbs" and then there is the public mx name "mail.domain.com" both resolving to the internal IP 192.168.0.10.

I want to trash M$ all together, so the Zimbra server would ideally be the DNS for the 5 or so PC's I run at home, the Zimbra server, as well as a file server for shared files.

But your doc recommends only running 'split-dns' for the Zimbra server itself.

Is it okay to ignore this recommendation since I am not running it in production for a large corporate network and it isn't very high priority for me? (a slight ms delay is no big deal, though down time is not good).

Should I setup like this?:

Internal dns server for internal fake domain like: "domain.zim" with an A record and MX record pointing to the internal IP.

Setup Zimbra for the fake domain.

Tell Zimbra to handle mail for the real domain as well.

Is that even possible?

If not, what exactly do you suggest? Hopefully this will also help you see where the confusion is for others and maybe address the questions in the wiki before others ask the same questions. Hopefully I am being helpful in my request for help.

Thanks!

kazooless

phoenix · #9 (**permalink**) 03-06-2009, 11:48 PM

You can run the DNS server on any PC in your LAN. I usually set-up the Split DNS with a real domain name but you can use an alternative (i.e. fake) one if you choose but why make life difficult for yourself.

kazooless · #10 (**permalink**) 03-06-2009, 11:54 PM

Okay, so you're saying that if the actual public domain is example.com, just setup dns internally for example.com but with private IP addresses, right?

I guess I can see how this would work, except that if the same domain has a web server hosted outside of the internal domain, you'd have to manually add that to the internal dns pointing outside.

It seems being stuck in the Microsoft world complicates our brains so that the easy stuff isn't obvious to us anymore.

Thanks,

kazooless

Zimbra

Downloads

Product Information

Toolbox

Why Join?