Multiple domain setup and configuration

G

gpatrick

My DMZ setup is similar to the diagram below with each a physical server (including www domains):

router --> pf firewall --> nginx reverse proxy (10.0.2.117) --> http://www.example.com 10.0.2.118

The reverse proxy will also forward to:
http://www.example.net 10.0.2.119
http://www.example.org 10.0.2.120

Also in the DMZ will be:
ns1.example.com (10.0.2.115)
ns2.example.com (10.0.2.116)
mail.example.com (10.0.2.114)

External router IP is from ISP. Router internal IP is nat'd to 10.0.2.1.

My questions are:
1) what fully qualified domain name do I give to the nginx reverse proxy?
2) I will host my own two nameservers, can I have the domain name example.com and have zones for example.net and example.org?
3) Does the nginx server need an entry in the nameserver? If so how is it referenced as a CNAME or A record?
4) What domain name does the pf firewall need?
5) What domain name does the router need?
6) Will the resolv.conf for http://www.example.org and http://www.example.net have:
domain example.com
search example.com
nameserver 10.0.2.115
nameserver 10.0.2.116
7) Can mail.example.com also accept mail for example.net and example.org or do I need to setup a separate mail server for each domain?
 
1) what fully qualified domain name do I give to the nginx reverse proxy?
Click to expand...
Anything will work, server.example.com

2) I will host my own two nameservers, can I have the domain name example.com and have zones for example.net and example.org?
Click to expand...
Yes
3) Does the nginx server need an entry in the nameserver? If so how is it referenced as a CNAME or A record?
Click to expand...
A record

4) What domain name does the pf firewall need?
Click to expand...
None. Never use domain names in any firewall configuration including pf. Always, use ips. Your pf will fail if server cannot reach to nameserver to resolve names.

5) What domain name does the router need?
Click to expand...
router.example.com

6) Will the resolv.conf for http://www.example.org and http://www.example.net have:
domain example.com
search example.com
nameserver 10.0.2.115
nameserver 10.0.2.116
Click to expand...
Yes

7) Can mail.example.com also accept mail for example.net and example.org or do I need to setup a separate mail server for each domain?
Click to expand...
Yes, a single mail server can accept mails for 100s of domains using virtual setup or virtual domains as long as mx point to mail.example.com and relaying allowed.
 
You must log in or register to reply here.
Back
Top