Results 1 to 7 of 7
  1. #1

    HELP with RaQ 4r units

    Hi there,
    I guess we desperately need help with a RaQ 4r unit. It is loaded with the 550 software. (BTW if we have to reload from the disk we were given, does this work like the old Qubes?) Anyway, we have one primary company and several other related companies that we want to set up web and email for. We want to do this behind one public IP and I was told we could do this with a RaQ 4r. Our LAN is sitting behind a WatchGuard Firebox firewall also, on the Trusted Interface, so this unit hangs off the Optional Interface. Also, a couple of the companies are in another building several miles away, but serviced by the same ISP, Xspedius. We want web and email for them also, on the RaQ in the main building. Is there any kind of accurate tutorial or document out there that I can follow?

    Just to start out, I can ask the following:
    1 - I guess I have questions about everything, starting with the Host Name - is www the best (they always say something like Qube or RaQ) and then your URLname.com for Domain (ie. ourraq.joesdirtco.com or even just joesdirtco.com)?
    2 - Is the only way to do this, by configuring a Public IP on the RaQ, and if so, is it interface II and a private IP on interface I that is tied to the gateway which is the Optional Port on the firewall?
    3 - How is DNS set up correctly, for all of the domains?
    4 - How should it be at our registrar (directNIC)? Should we be just redirecting to our static IP, and if so, should the nameservers be changed to the Raq, or maybe our ISPs nameservers? Or should we be using the directNIC directDNS feature?
    5 - How do we configure users, both inside and out, to access their email?

    I guess, after trying this for several days, I am totally confused, and desperately need help. I want to do this in the best way possible. Should we put some other software on the unit first? If so, what, and how do we go about it? Thank you in advance for your help.
    - Paul

  2. #2
    Join Date
    Aug 2006
    Posts
    275
    Most of your questions have more to do with your WatchGuard firewall, your ISP, and your Domain registrar than with the Raq, or are generic to setting up these services. Any experienced network administrator can setup the configuration you desire, and you should consider hiring one. There are also numerous third-party Raq support services that can help you for a fee. If you post here requesting a recommendation I'm sure you'll get one.

    *DNS - The Raq provides a fairly thin interface to traditional Linux DNS. A good tutorial is at: http://www.howtoforge.com/traditional_dns_howto but there are many around the web. This will begin to answer your DNS questions. You probably want to rely on your ISPs DNS servers (or your registrars, or someplace like Zoneedit.com) as the primary DNS and your Raq as the secondary. There is much written elsewhere in this forum about getting the Raq to correctly run a secondary DNS server.

    *Hostnames - While it makes little difference what name you give your systems, most people still use www for webservers. Some use "mail." for mail servers or "stmp.", but as often people choose other names. You can access your system myraq.joesdirtco.com from simply joesdirtco.com but this is a DNS setup issue, not a Raq issue;

    *Interfaces - Since I don't know what "Trusted" and "Optional" interfaces are on your firewall, it is hard to address these things (are they the DMZ and LAN?) A Raq can be setup to use the "I" and "II" ethernet ports for anything, LAN, WAN, whatever. The only distinction is when reloading or reinstalling the system. If your Raq is on a LAN (private address) you'll need to use some scheme like port forwarding to expose its web and mail interfaces. If it is on the DMZ, then the public IP exposed there can be the Raq interface for your services. You can use the second interface for the LAN or not at all.

    *Mail - You need to decide whether users will access mail with POP or IMAP or both. The POP, IMAP, and SMTP interfaces needs to be exposed through your firewalls for users outside. Users inside can access them either using the LAN through the Raq secondary interface (if it is configured), through a loopback in your firewall, or through the WAN. There are numerous security considerations involved in setting up an external mail service that cannot be used by spammers as a relay site.

    *550 OS The received wisdom seems to be that the Raq 550 OS is not the ideal candidate to stand up to high web or mail loads, so if you expect those you may wish to consider a more modern Raq OS implementation such as CentOS+BlueQuartz, offered as an installer at www.osoffice.co.uk, and also at www.nuonce.net

    Good luck.

  3. #3
    Thank you. I guess I do realize that most of it is straightforward. I am more concerned with how the multiple virtual sites need to be set up to function with only one static Public IP. Is there anything in particular to watch out for in setting this up?

  4. #4
    Join Date
    Aug 2006
    Posts
    275
    Quote Originally Posted by NetExtra
    Thank you. I guess I do realize that most of it is straightforward. I am more concerned with how the multiple virtual sites need to be set up to function with only one static Public IP. Is there anything in particular to watch out for in setting this up?
    No, this is what the Raq UI excels at. It handles all the details for the various multiple vsites during setup. Simply list them all with the same IP and you'll be fine. I run dozens of (low-volume) vsites on a single external IP through a (Sonicwall) firewall on the DMZ, and everything works fine.

    Best,
    --gnet

  5. #5
    Thanks again. Based on this, and the fact that I am not anticipating high volume or loads, should I stay with the 550 OS? If I think that I have messed up the installation, would it be best to reinstall the 550 OS and start over? If so, does that work like the old Qube units, from an install PC?
    - NetExtra

  6. #6
    Join Date
    Aug 2006
    Posts
    275
    This is a question on which intelligent people may vary. There is a thread here: http://www.webhostingtalk.com/showthread.php?t=556418 on the topic.

    There is one (very loud) poster who will tell you to go back to (his version) of the Raq4 OS. In fairness, it was reportedly more stable than the early 550 oS under load. However, virtually every piece of it is now years out-of-date, and is not being actively developed and maintained.

    The folks at RaqTweak.com have come out with a version of the 550 OS with an updated kernel and much updated software that they call Rackstar (www.rackstar.net). I have evaluated it and it is pretty good, but requires you pull the disk and use a PC to install, which is a pain. Additionally, it has only the one company supporting it, and what appears to be a quite small number of users.

    Finally there is CentOS+BlueQuartz. CentOS is a distinct community OS project with a large base of contributors, and it has been ported to the Raq and Qube systems, along with a version of the 550 GUI by another community program called BlueQuartz (www.bluequartz.org). CentOS is based on RedHat Linux. There is a commercial installer available for a fee from www.osoffice.co.uk, and this is what I have decided to use on my Raq4s. Their installer works just like the old Raq system restore disk, though you need to have an up-to-date boot ROM (which you can flash yourself if you're careful). I have found it very reliable and stable so far but YMMV.

    I am not affliated with any of these companies and have no commercial interest in Raq development.

    Finally, yes the Raq restore process works as you expect. You need a PC with a supported network card and a CD-ROM. However, re-installing the OS really isn't going to help with the instability, and if you do reinstall, be 100% certain you have installed the (many, many, many) updates available from Sun and elsewhere.

  7. #7
    Join Date
    Nov 2003
    Location
    Northville, Michigan
    Posts
    325
    This is funny... you don't know the first thing and he wants you to switch os's...

    Geese...

    Ok first your missing some basic things... I would suggest you first read the manual for the 550 and it should give you some answers... after that you might want to come back and start a new thread in the area you have questions about...

    You can get a copy of tha manual here
    http://www.cobaltiso.com/manual.raq550.en.pdf

    Just to start out, I can ask the following:
    1 - I guess I have questions about everything, starting with the Host Name - is www the best (they always say something like Qube or RaQ) and then your URLname.com for Domain (ie. ourraq.joesdirtco.com or even just joesdirtco.com)?
    dosen't matter... I used to reccomend people use something like ns1 or ns2 so it dosn't cause major problems with a site durring migration/ recovery...

    The other thing is you mainly want your ip to resolve to your hostname and your hostname must resolve at the same time. so
    if "your ip" = bla.bla.someisp.bla
    You would want to set your hostname to that...
    if you can change what your ip resolves to.. you get choice...
    This all just makes for a little better mail


    2 - Is the only way to do this, by configuring a Public IP on the RaQ, and if so, is it interface II and a private IP on interface I that is tied to the gateway which is the Optional Port on the firewall?
    no.. the 550 os is not a router by default. it's just another port you can turn on and do webhosting from...

    3 - How is DNS set up correctly, for all of the domains?
    add a a record for domain.tld and www.domain.tld and make a mx record for domain.tld to domain.tld if you set the hostname to your ns1 then editing your soa record wil be very easy...

    You can also use the auto dns feature

    4 - How should it be at our registrar (directNIC)? Should we be just redirecting to our static IP, and if so, should the nameservers be changed to the Raq, or maybe our ISPs nameservers? Or should we be using the directNIC directDNS feature?
    make your static ip a nameserver and set that with your registar. you should get a secondary too...

    5 - How do we configure users, both inside and out, to access their email?
    just give them usernames and passwds and tell them the in/outgoing server is your ip.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •