Date:      Fri, 26 Jun 1998 18:55:34 -0700 (PDT)
From:      Nicole Harrington <freelist@webweaver.net>
To:        Terry Lambert <tlambert@primenet.com>
Cc:        freebsd-isp@FreeBSD.ORG, freebsd-advocacy@FreeBSD.ORG, opsys@mail.webspan.net
Subject:   Re: Packet Engines - FreeBSD
Message-ID:  <XFMail.980626185534.freelist@webweaver.net>
In-Reply-To: <199806262326.QAA23161@usr01.primenet.com>


On 26-Jun-98 Terry Lambert wisely wrote:
>> Well I just bought 10 of them for my project at work. 
>>  One problem though, is that they are coming out with a new/better
>> card soon but the driver will not work with it yet. 
>> 
>> If anyone wants to see what I am working on, go to
>> http://www.webweaver.net/work
>> 
>>  I had been wanting to put together a write up on them, but have been
>> too damn busy at work :<
> 
> 
> It says "ISPCHANNEL DESIGN".
> 
 Yes, for www.ispchannel.com  Cable modems!

> If this is a design for an ISP, I would *seriously* recommend including
> *separate* internal and external DNS.
> 
> This is because "best known practice" for SMTP mail delivery with a
> dynamic IP assignment to customers whose domains you are hosting
> *requires* this:
> 
<NEAT DRAWING SNIPPED>
> 
> This allows an ISP to assign dynamic IP's (preserving the precious
> static IP address assignments for his own machines and for clients
> who pay him (or her) lots of money and want to host their own servers
> (these are usually full time connections, anyway).
> 
> You have to have a separate internal server to allow you to prevent
> cached information from damaging your ability to correctly deliver
> the mail (ie: if someone cached that client.com's MX was y.y.y.y, and
> another customer dialed in and the IP was reassigned, that would be
> bad).
> 
 I have looked over what you have sent and Thanks! 
 However I don't believe that this will apply to what we are doing since..
A: Our DNS server has a set fwd and rev address for each address.
B: No one is allowed to use a domain name without having a dedicated connection.

 At least I believe that is what you are saying must be needed to prevent the
problems you describe. I could be Way Off.. Please let me know if I am. ( It's
late Friday.. hello hello.. come in Brain...)

 Also, I have designed a Mailserver to run at MX35 to act as a FAILover with a
large queue storage if I need to take the mail system offline or the RAID
system dies somehow or things just get too busy. It also acts as the MX35 for
clients who want to run mail at their site.

 Just to mention, I am using Qmail with Maildir delivery to overcome the file
locking problems of sendmail across an NFS link. It also is great for hosting
a bunch of domains.

 Later, after it is all assembled I hope to write up what makes it tick and
share it with everyone here. The setup is ALL FreeBSD except for the DHCP
servers ( If only FreeBSD could run Sun/Solaris Binaries) and of course the
Netapp devices. Also the drawing needs to be updated since my budget got cut
and I needed to scale back a bit on the news system and virtual and ~ customers
will stay on the same servers.

All the servers are:
400 MHZ pent II's with 128 or 256 Megs mem
Abit BX MB
S3 video
Intel Ether express Ethernet OR
Packetengines G-Nic cards
DPT 3334UW RAID cards with 32MB Simm
2 Seagate Cheetah drives in Mirror
Siliconrax cases
Hovered around Network Appliance F630 File servers via the Packetengines GB HUB.

So far it looks like...

Webservice: apache 1.3
Virt FTP: ncftpd
FTP: wu FTP
Mail: Qmail and tcpd
News: Dnews  (for now - It works great and I think I can get up to 1000 users on a big box - had to save money somewhere)
Transparent/reverse proxy:  Squid




Nicole



> Since sendmail does not cache DNS information, the act of the radiusd
> removing the DDNS (Dynamic DNS) created MX in the internal DNS server
> is sufficient to resolve the "do ETRN and hang up, letting someone
> else get the IP address instead" problem that would result from cached
> data (I don't know what vmailer does, but qmail also does the right
> thing).
> 
> A secondary advantage is that the link to the larger net can become
> damaged or go down, and many essential services can continue functioning
> transparently.
> 
> POP3 retrieval is not sufficient, since envelope information is
> destroyed (unless you hack your smtp server to either ensure that the
> "Received:" timestamp always includes a "for" -- remove "m" from the
> local mailer flags line -- or you add an "X-Envelope-To:" header).
> 
> Even if the envelope information is not lost, the most popular program
> for doing this, "fetchmail" (from the paper "The Bizarre Cathedral")
> is too stupid to assign priority other than by order of occurrence,
> and it always insists that the machine you are POPping from be
> treated as one of your MX's -- ie: you get bogus delivery if the
> SMTP server and the POP3 server are not the same machine, and the
> virtual domain to maildrop translation is done on the SMTP server.
> This is because the "Received:" timestamps "by hostname" portion
> matches, and the for is "for isp.maildrop" instead of the correct
> "for user@client.com".
> 
> Much better to use ETRN (and save the maildrop and POP3 processing
> overhead at the same time) -- and with DDNS, it's possible to do this
> with dynamic IP assignment to your customers.
> 
> 
> (I'd just hate for such a large setup, like that depicted in your
> diagram, to get mail wrong -- even though almost every ISP on the
> Internet tends to get mail wrong.  Hell, *my* ISP's SMTP server
> stamps the wrong "by servername" on it; the "servername" is *supposed*
> to match my MX records, not their internal mythical name for their
> mail server on DNS rotor that happens to answer the SMTP port!)
> 
> 
>                                       Terry Lambert
>                                       terry@lambert.org
> ---
> Any opinions in this posting are my own and not those of my present
> or previous employers.

                     
     nicole@webweaver.net  - http://www.webweaver.net/
 webmistress@dangermouse.org - http://www.dangermouse.org/
-------------------------------------------------
 
           --  Powered by Coka Cola and FreeBSD  --
     -- Strong enough for a man - But made for a Woman --

          -- Microsoft: What bug would you like today?  --
     -- I tried an internal modem once, but it hurt when I walked  --

---------------------------------------------------
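
Added example, not part of the original message or of either poster's setup: the quoted reply says POP3 retrieval destroys envelope information unless the SMTP server records a "for" clause in "Received:" or adds "X-Envelope-To:". The sketch below recovers the envelope recipient from a multi-drop mailbox message under those rules and refuses to guess otherwise. The function name, the `own_hops` parameter, and all hostnames and addresses are hypothetical; it assumes the receiving SMTP server overwrites any inbound `X-Envelope-To:`.

```python
import email
import re
from email import policy

# "for <addr>" clause of a Received: trace line.
FOR_CLAUSE = re.compile(r"\bfor\s+<?([^\s<>;]+)>?", re.IGNORECASE)

def envelope_recipient(raw, hosted_domains, own_hops=1):
    """Return the envelope recipient recoverable from headers, else None.

    To:/Cc: are never consulted: they describe the message, not the delivery.
    """
    msg = email.message_from_string(raw, policy=policy.default)
    # Assumption: the receiving SMTP server overwrites any inbound copy.
    explicit = msg.get("X-Envelope-To")
    if explicit:
        return str(explicit).strip().lower()
    # Only the newest own_hops Received: lines were written by our own
    # servers; anything below arrived with the message and can be forged.
    for received in msg.get_all("Received", [])[:own_hops]:
        match = FOR_CLAUSE.search(str(received))
        if not match:
            continue
        addr = match.group(1).lower()
        # A bare maildrop name ("for isp.maildrop") is not an envelope address.
        if "@" in addr and addr.rsplit("@", 1)[1] in hosted_domains:
            return addr
    return None

# Constructed sample messages (hostnames and addresses are made up).
DATE = "; Fri, 26 Jun 1998 18:55:34 -0700\n"
TAIL = "To: some-list@list.example.org\nSubject: constructed sample\n\nbody\n"
SMTP_FOR = ("Received: from list.example.org by mail.isp.example with ESMTP"
            " for <joe@client.example>" + DATE)
SMTP_BARE = "Received: from list.example.org by mail.isp.example with ESMTP" + DATE
FORGED = "Received: from a.example by b.example for <boss@client.example>" + DATE
MAILDROP = "Received: from mail.isp.example by pop.isp.example for isp.maildrop" + DATE
HOSTED = {"client.example"}

if __name__ == "__main__":
    print(envelope_recipient(SMTP_FOR + TAIL, HOSTED))
    print(envelope_recipient(SMTP_BARE + FORGED + TAIL, HOSTED))
    print(envelope_recipient(MAILDROP + SMTP_FOR + TAIL, HOSTED))
    print(envelope_recipient(MAILDROP + SMTP_FOR + TAIL, HOSTED, own_hops=2))
    print(envelope_recipient("X-Envelope-To: joe@client.example\n" + SMTP_BARE + TAIL, HOSTED))
```

Setting `own_hops` higher than the number of trace lines your own servers really add lets a sender-supplied "Received: ... for" line choose the recipient, so keep it equal to the known hop count.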
