290
edits
Changes
Jump to navigation
Jump to search
Adding a New Machine to the Network (view source)
Revision as of 06:51, 10 December 2013
, 06:51, 10 December 2013Created page with "====== Add machine to network ====== ==== SAMBA NOTES ==== This needs to be more formally documented, but first, follow: http://www.whitneytechnologies.com/?p=119 Then also ..."
====== Add machine to network ======
==== SAMBA NOTES ====
This needs to be more formally documented, but first, follow:
http://www.whitneytechnologies.com/?p=119
Then also edit /etc/pam.d/system to have
auth sufficient /usr/local/lib/pam_winbind.so
sudoers should use "%domain\x20admins ALL=(ALL) ALL"
If ZFS, also look at https://mywushublog.com/2012/05/zfs-and-acls-with-samba/
<note warning>This information is semi-deprecated. Lloyd is currently working on our Subnet project.</note>
===== Internal access =====
==== Proxy ====
Note: This is no longer necessary. We previously did not have port 80 open externally but do now.
**/etc/profile** and **/etc/bash.bashrc**
export http_proxy=http://wwwcache.york.ac.uk:8080
export ftp_proxy=http://wwwcache.york.ac.uk:8080
you can run the command below to append to both files
echo -e "\n#proxy settings\nexport http_proxy=http://wwwcache.york.ac.uk:8080\nexport ftp_proxy=http://wwwcache.york.ac.uk:8080" | sudo tee -a /etc/profile | sudo tee -a /etc/bash.bashrc
==== DNS ====
**/etc/hostname**
<non-FQDN-name-just-the-machine-local-name>
**/etc/resolv.conf**
nameserver 10.0.0.4
domain ury.york.ac.uk
search ury.york.ac.uk
Add the machine to **uryfs1:/etc/bind/db.10-0-0**, **uryfs1:/etc/bind/db.ury**
==== DHCP ====
Add the mac address and IP to **uryfs1:/etc/dhcp/dhcpd.conf**
===== External access =====
For a server to provide web services externally, we usually reverse proxy them through URY. If the server will be hosting other services, do the following:
- Get an IP assigned from the Vanbrugh subnet from IT Services. They need to know the following:
-- The server's hostname
-- The server's MAC address
-- The server's operating system and version (e.g. Debian Squeeze)
-- The server's location - This is V/URY <3840>
- Once IT Services has done this (i.e. closed the request and provided you the IP), configure the server to connect out on VLAN 108 with the provided details. A sample /etc/network/interfaces file is below.
<code>
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface, URY Internal
auto eth0
allow-hotplug eth0
iface eth0 inet static
address 10.0.0.--
netmask 255.255.255.0
network 10.0.0.0
broadcast 10.0.0.255
dns-nameservers 10.0.0.4
dns-search ury.york.ac.uk
#External 108 Vanbrugh Subnet
iface vlan108 inet static
address 144.32.---.---
netmask 255.255.254.0
network 144.32.---.---
broadcast 144.32.---.---
gateway 144.32.108.76
dns-nameservers 144.32.128.243
dns-search york.ac.uk
mtu 1500
vlan_raw_device eth0
</code>
Note: Ports 1-3 on the netgear switch (urysw1) are inverted - internal traffic is on vlan1 and external on untagged. You can either change the above sample file, or reconfigure the switch port.
===== Links =====
[[computing:mainpage|Back to Computing Home]]
==== SAMBA NOTES ====
This needs to be more formally documented, but first, follow:
http://www.whitneytechnologies.com/?p=119
Then also edit /etc/pam.d/system to have
auth sufficient /usr/local/lib/pam_winbind.so
sudoers should use "%domain\x20admins ALL=(ALL) ALL"
If ZFS, also look at https://mywushublog.com/2012/05/zfs-and-acls-with-samba/
<note warning>This information is semi-deprecated. Lloyd is currently working on our Subnet project.</note>
===== Internal access =====
==== Proxy ====
Note: This is no longer necessary. We previously did not have port 80 open externally but do now.
**/etc/profile** and **/etc/bash.bashrc**
export http_proxy=http://wwwcache.york.ac.uk:8080
export ftp_proxy=http://wwwcache.york.ac.uk:8080
you can run the command below to append to both files
echo -e "\n#proxy settings\nexport http_proxy=http://wwwcache.york.ac.uk:8080\nexport ftp_proxy=http://wwwcache.york.ac.uk:8080" | sudo tee -a /etc/profile | sudo tee -a /etc/bash.bashrc
==== DNS ====
**/etc/hostname**
<non-FQDN-name-just-the-machine-local-name>
**/etc/resolv.conf**
nameserver 10.0.0.4
domain ury.york.ac.uk
search ury.york.ac.uk
Add the machine to **uryfs1:/etc/bind/db.10-0-0**, **uryfs1:/etc/bind/db.ury**
==== DHCP ====
Add the mac address and IP to **uryfs1:/etc/dhcp/dhcpd.conf**
===== External access =====
For a server to provide web services externally, we usually reverse proxy them through URY. If the server will be hosting other services, do the following:
- Get an IP assigned from the Vanbrugh subnet from IT Services. They need to know the following:
-- The server's hostname
-- The server's MAC address
-- The server's operating system and version (e.g. Debian Squeeze)
-- The server's location - This is V/URY <3840>
- Once IT Services has done this (i.e. closed the request and provided you the IP), configure the server to connect out on VLAN 108 with the provided details. A sample /etc/network/interfaces file is below.
<code>
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface, URY Internal
auto eth0
allow-hotplug eth0
iface eth0 inet static
address 10.0.0.--
netmask 255.255.255.0
network 10.0.0.0
broadcast 10.0.0.255
dns-nameservers 10.0.0.4
dns-search ury.york.ac.uk
#External 108 Vanbrugh Subnet
iface vlan108 inet static
address 144.32.---.---
netmask 255.255.254.0
network 144.32.---.---
broadcast 144.32.---.---
gateway 144.32.108.76
dns-nameservers 144.32.128.243
dns-search york.ac.uk
mtu 1500
vlan_raw_device eth0
</code>
Note: Ports 1-3 on the netgear switch (urysw1) are inverted - internal traffic is on vlan1 and external on untagged. You can either change the above sample file, or reconfigure the switch port.
===== Links =====
[[computing:mainpage|Back to Computing Home]]