Collaboration Policy: CP-9 (Work in groups, hand in a group submission)

SI455 – Advanced Computer Networking
Lab2: Adding DNS and Email Servers (v1.0)
Due 6 Feb by start of class

WHAT TO HAND IN:
1. Completed checklist from the last page of this document
2. 2-4 page write-up for Task 4.

By now you should be familiar with how to create a virtual Linux server, upload it into the hypervisor, and connect it to your group’s network. In this lab, you will follow instructions to set up a DNS server. You will then set up a mail server and a mail client with (almost) no help from your instructor.

Goals: By the end of this lab, each student should be able to
1. install and configure the bind DNS server (with instructions)
2. select, install, and configure an email server (without instructions)
3. configure an email client to use the mail server (without instructions)
4. explain goals 2 & 3 clearly to a novice network administrator

Task 1: Install and configure a DNS server

This task will walk you through setting up your group’s DNS server. Two group members can work on this together while the other two start the email server in Task 2.

We will be using the "bind" program as a DNS server. This walkthrough follows the online instructions here:
https://help.ubuntu.com/12.04/serverguide/dns-installation.html

We are going to use the same version of Ubuntu that we used for the user workstations, except we are not going to load a window manager. You have already done these steps multiple times, so much of this should be familiar.

1. Build a new VM for your server.
   a. Create a VM on your local lab machine. Use the Ubuntu Server 32-bit ISO that you previously downloaded.
      i. While you are creating the VM, use “owner” for the login name, and select a password that the entire group will know.
      ii. Name the machine your team’s color plus the word “dns” (e.g. reddns/greendns/bluedns/purpledns)
      iii. Set your max disk size to 5.0GB.
2. Install packages on the VM.
   a. sudo apt-get install openssh-server
   b. sudo apt-get install bind9
   c. sudo apt-get install dnsutils
   d. sudo apt-get clean
   e. NOTE – do NOT install the LXDE window manager
3. Upload the dnsserver to carol.
   a. Use the vCenter Standalone Converter to upload the VM.
   b. Ensure that the server is stored in DataStore1 and is connected to your group’s private switch.
4. Set the dnsserver’s IP address. We are going to use a static address of 10.10.1.15.
   a. Select the dnsserver in vSphere and log into it.
   b. cd /etc/network/
   c. sudo nano interfaces
   d. We are going to add a new line to the interfaces file that will tell the OS where to find a DNS server. We will start using this new line with all machines that use static IP addresses. Edit the interfaces file to look like the following:

          auto lo
          iface lo inet loopback

          auto eth0
          iface eth0 inet static
          address 10.10.1.15
          netmask 255.255.255.0
          dns-nameservers 10.10.1.15

      NOTE – Adding the dns-nameservers line now will allow us to test the DNS server while we are configuring it. This is the IP address where nslookup and ping will try to resolve a URL into an IP address.
   e. Press Ctrl-o to save
   f. Press Ctrl-x to exit nano
   g. Run “sudo /etc/init.d/networking restart” to apply these changes.
   h. Run “ifconfig” to check that eth0 is online.
   i. Ping one of the other machines in the network to verify that the server is online.
   j. Reboot the dns server. Sometimes when switching from a dynamic to a static IP address, the OS will continue to contact the DHCP server for a new IP after the original leasetime expires. (Default time is 10 minutes) Rebooting is the easiest way around that bug.

There are three basic configurations for a DNS server. We will be configuring ours as “Primary Master” servers for our own group domains. (e.g. grey.com, red.com, blue.com, etc.)

5. Add a DNS “zone”. Do the following in a shell in your DNS server
   a. Determine your Fully Qualified Domain Name (FQDN). Your group’s FQDN will be your color + “.com” (e.g. grey.com, red.com, etc.)
   b. Everywhere you see the word “color” inserted into a file below, substitute your own group’s color instead.
   c. Add your zone name to your server’s list of managed zones:
      i. cd /etc/bind/
      ii. sudo nano named.conf.local
      iii. Delete all of the lines in the file and insert these lines in their place:

          zone "color.com" {
              type master;
              file "/etc/bind/db.color.com";
          };

      iv. Save the file and exit nano.
   d. Create a zone file:
      i. Use an existing file as a template: sudo cp db.local db.color.com
      ii. Edit the zone file (db.color.com, substituting your own group’s color.)
      iii. Change the word “localhost” to your FQDN. Be sure to leave the trailing periods where applicable.
      iv. Add entries for your group’s web server and future mail server. The file should look like the below entry when complete:

      Note that every time you edit this configuration file, you must increment the Serial value by 1. This lets the DNS server know whether it is seeing the most recent version. If you do not do this, then the server will ignore your changes.

          ;
          ; BIND data file for color.com
          ;
          $TTL    604800
          @       IN      SOA     color.com. root.color.com. (
                                        2         ; Serial – increment EVERY edit
                                   604800         ; Refresh
                                    86400         ; Retry
                                  2419200         ; Expire
                                   604800 )       ; Negative Cache TTL
          ;
          @       IN      NS      ns.color.com.       ; DNS server
          @       IN      MX      1 mail.color.com.   ; mail server
          www     IN      A       10.10.1.10          ; web server
          ns      IN      A       10.10.1.15          ; DNS server
          mail    IN      A       10.10.1.20          ; mail server

6. Start the DNS server.
   a. Run sudo /etc/init.d/bind9 restart
7. Test the DNS server.
   a. The following ping command should find your webserver:
          ping www.color.com
   b. The following commands should return the appropriate IP addresses:
          nslookup www.color.com
          nslookup mail.color.com
          nslookup mail.color.com
8. Tell the rest of the network about the DNS server.
   a. Machines with static IP addresses get the location of the DNS server hard-wired into the interfaces file. Do the following on each of your group’s servers:
      i. Edit the /etc/network/interfaces file to add the following line under the eth0 block:
             dns-nameservers 10.10.1.15
      ii. Run sudo /etc/init.d/networking restart
      iii. Run nslookup www.color.com to test
      iv. Run ping ns.color.com to test
   b. Machines with dynamic IP addresses get the location of the DNS server from the DHCP server. Do the following on your DHCP server:
      i. Edit the /etc/dhcp/dhcpd.conf file to add the following line just after the leasetime block:
             option domain-name-servers 10.10.1.15;
      ii. Run sudo service isc-dhcp-server restart
      iii. Your workstations are all running dynamic addresses. They contact the DHCP server intermittently to get updates. The time defaults to once every 10 minutes. (As set by the default-lease value in your DHCP server’s /etc/dhcp/dhcpd.conf file.) If you wait for this time to be up, then the workstations will all be able to use ping or nslookup to find www.color.com. If you are impatient, you can manually restart networking on the workstations, or reboot them and they should recognize the DNS server immediately.

Task 2: Select, install and configure an email server

You are on your own to figure out how to do this. Here are the three pieces of advice I will give you:
1. I highly recommend starting with Ubuntu’s official server guide as a reference: https://help.ubuntu.com/lts/serverguide/
2. Try searching Google for: ubuntu 12.04 email server
3. That search will yield lots of webpages with advice. Figure out which ones seem like legitimate Ubuntu help groups and which are companies/individuals trying to push their own product. Stick with the former.

You will need to select your own email server. There are many available. Read about a few and pick one.
Install the email server onto an Ubuntu 12.04 server VM on your local machine. Upload the VM to your network and configure the mail server there. If it does not work for you – delete it and pick another.

The email server must:
• allow you to send mail between members of your group
• be capable of sending mail to other groups once we add routers between the networks
• run on the same Ubuntu 12.04 Server OS that we have been using
• have a static IP address of 10.10.1.20
• not have a GUI – do not load LXDE onto it
• have a DNS entry that gives a result like this: mail.color.com, where ‘color’ is replaced with your group’s domain name.

Task 3: Configure an email client

You must have an application on each workstation for the users to read their mail. If you use a web-based email server, then you can use your existing browser. You installed the “thunderbird” email client on your workstations. There are probably other clients built in to some of the Linux utilities if you want to look for them.

Each student must have their own email account and be able to access it from at least their own workstation. The email client must be capable of sending email to another student in your group.

This step is complete when each student is able to both send and receive mail with other group members from their own workstation.

Task 4: Explain tasks 2 & 3 above to a novice network administrator

You followed a carefully-scripted set of instructions for each server that you set up prior to the email server. You have figured out the email server on your own – now it is your turn to write instructions for somebody else to follow.

Using the format from Task 1 above as a template, your group needs to generate a complete set of instructions for installing your chosen email server and configuring an email client to use it. Expect this to be 2-4 pages long.
• In the first step of your write-up, assume that the user has already downloaded the Ubuntu Server ISO and knows how to create a basic VM out of it. Begin your explanation in the same place as Task 1 above.
• Focus on the instructions for the email server & client. Do not worry about too many details with VMplayer, VMware Converter, or the vSphere Client. Assume that your reader generally understands how to use them.
• The write-up should walk the user all the way through
   a. Creating and configuring the email server
   b. Configuring the email client
   c. Creating two users in the email client and sending mail between them

For grading – I will be following your instructions step-by-step to install your email server and client in my own network. You get full marks if I am able to send an email between two accounts by following your instructions.

Names:
Section: ________ Team color: _________

SI455 – Computer Networking Lab 2 Checklist

Hand in this sheet attached to your write-up from Task 4. Be prepared to demonstrate your functioning network as well.

Fill in the table below to verify that you have successfully built your network.
• Column(2) – enter the IP address as reported by ifconfig, on the eth0 interface.
• Column(3) – Run “nslookup mail.color.com” from a terminal in each of the machines identified in Column 1. Put a YES in the box if the command returns successfully.
• Column(4) – Run “ping ns.color.com” from a terminal in each of the machines identified in Column 1. Put a YES in the box if the command returns successfully.
• Column(5) – Open a browser and enter http://www.color.com in the URL bar. Verify that you are able to surf to your own webpage. If the page is successfully retrieved, put a YES in the box.
• Column(6) – Verify that each workstation is able to send email to a different student on a different workstation. (Do not send mail to your own account.)
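  If the email is successfully transmitted then put a YES in the box.

(1) Machine Name | (2) IP Address | (3) nslookup successfully | (4) ping successfully | (5) retrieve www.color.com from browser | (6) Send mail to student on another workstation
-----------------+----------------+---------------------------+-----------------------+-----------------------------------------+-------------------------------------------------
Workstation1     |                |                           |                       |                                         |
Workstation2     |                |                           |                       |                                         |
Workstation3     |                |                           |                       |                                         |
Workstation4     |                |                           |                       |                                         |
Web server       |                |                           |                       |                                         |
DHCP server      |                |                           |                       |                                         |
DNS server       |                |                           |                       |                                         |
Mail server      |                |                           |                       |                                         |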
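
Added example (not part of the original lab handout): a shell/awk check for the two zone-file mistakes that Task 1 step 5 warns about, a fully written name that lacks its trailing period and a Serial that was not incremented. The function name lint_zone, the previous-serial argument and the sample zone are constructed for illustration, and the check assumes the one-record-per-line layout used in db.color.com.

```shell
# Added example, not from the lab handout. Names and sample data are constructed.
# usage: lint_zone ORIGIN [PREVIOUS_SERIAL] < zonefile   (ORIGIN without final ".")
lint_zone() {
    awk -v origin="$1" -v prev="${2:-}" '
    # True for a name that already ends in the origin but has no final ".",
    # e.g. "mail.color.com": BIND appends the origin to it a second time.
    function unterminated(name) {
        return (name !~ /\.$/) && (substr(name, length(name) - length(origin) + 1) == origin)
    }
    {
        sub(/;.*/, "")       # drop comments first
        gsub(/[()]/, " ")    # parentheses only continue the SOA across lines
        for (i = 1; i <= NF; i++) {
            # after SOA, the next three tokens are primary NS, contact, serial
            if (in_soa) { soa[++n] = $i; if (n == 3) in_soa = 0 }
            else if ($i == "SOA") {
                in_soa = 1
            } else if ($i == "MX" || $i == "NS" || $i == "CNAME") {
                if (unterminated($NF)) {
                    printf "line %d: %s target %s expands to %s.%s.\n", NR, $i, $NF, $NF, origin
                    bad = 1
                }
                break
            }
        }
    }
    END {
        for (k = 1; k <= 2; k++)
            if (unterminated(soa[k])) { print "SOA name " soa[k] " lacks its trailing period"; bad = 1 }
        if (prev != "" && soa[3] + 0 <= prev + 0) {
            print "serial " soa[3] " is not greater than previous serial " prev
            bad = 1
        }
        exit bad + 0         # 1 when any finding was printed, else 0
    }'
}

# Constructed sample in the lab layout, with both mistakes present.
sample_bad() {
    cat <<'EOF'
$TTL 604800
@ IN SOA color.com. root.color.com. (
        2 604800 86400 2419200 604800 )   ; serial 2, same as the previous edit
@    IN NS ns.color.com.
@    IN MX 1 mail.color.com    ; trailing period missing
mail IN A 10.10.1.20
EOF
}

sample_bad | lint_zone color.com 2 || echo "zone file needs fixing before restarting bind9"
```

On the DNS server itself the same function can read the real file, for example lint_zone color.com 2 < /etc/bind/db.color.com. BIND's own named-checkconf and named-checkzone tools perform a full syntax check of named.conf.local and the zone file before a restart.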