Which network configuration?

0

I have a dual core machine at home w/ 8GB RAM and 3 TB HDD. I have a static IP and a couple of registered domain names. I have a consumer grade ZTE VDSL2 modem/WiFi access point/router/switch that I can put into bridge mode. After the PRISM exposé I decided to have my own server for cloud storage, blog, proxy/filter, mail server, active directory and Diaspora social network. I have 5 other computers, 3 tablets and a couple of smartphones at the moment.

I am planning to run my own DHCP and DNS server (with some CNAMEs). I searched over the Internet but couldn't clear my mind. AFAIU there are two possible configurations:

I. Put the modem in bridge mode and use it as a media converter only. Connect the server to the WAN port of the modem through ethernet. Connect a switch to a second ethernet port on the server. Install a USB wireless dongle on the server in bridge mode as well. Connect the server to the internet via PPPoE and use it as DHCP server for the other computers (wired and wireless). This is less desirable for me because of the lack of 802.11n in the dongles I have and their short range.

Q1 Is it possible to use the WiFi access point on the modem since the DHCP server is on the server?

II. Use the modem in bridge mode and use it as a switch and wireless access point as well. Connect the server (in this case PPPoE is not possible) and the other computers to the modem's on-board ethernet switch.

Q2 In this case is it possible to turn off the modem's DHCP server and get the IP numbers from the DHCP server on the server computer?

Q3 Is it possible to use this computer as DNS server (BIND9 for CNAMEs) as well?

Starcrescent
source

Answers:

0

First of all, a modem doesn't route, switch or provide DHCP services. What you're talking about is really a device that does all this, but it's not a modem. I understand you want to increase the flexibility of your network to provide new services. I believe the best way you can achieve this objective is to configure your modem so that it acts as a modem, disabling routing and switching services. Once this is done, you'll want to install both a switch and a router on your network. Your router may be a computer with two network adapters if you want. It could also provide DHCP and DNS services.

  1. Depending on your device, it may be possible to enable a Wi-Fi access point and to disable the DHCP server. Once you have another DHCP server on the network, it should provide leases to wireless users.

  2. Yes, in most cases you can disable DHCP.

  3. Yes, you can run a DNS server on any computer you want. You'll need to enable port forwarding to your server so that it can be reachable from the Internet for DNS resolution. As for the DNS server configuration, you might want to look at this article.

Topology

user7429642
source
In your drawing, is it possible to serve CNAMEs (like mail.mydomain.com, I only registered mydomain.com) from a server behind the router/firewall to the Internet? I understand that the server may sit b/w modem and switch as a router and do all the other things. However, from a security point of view this is not desirable, am I correct?
Starcrescent
You are correct, it's possible to serve DNS services, which let you advertise all types of records including CNAMEs, from a server behind a router/firewall. You would need to configure the router/firewall accordingly so that the DNS ports are forwarded to your server. If your server is properly configured to be a router, it can certainly sit between the modem and the switch. From a security point of view, as long as your equipment is configured correctly, you don't get any more security from another physical device.
user7429642
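
An added illustration of the setup discussed in the answer and comments above (not configuration from the original posters): a BIND9 server reached through a forwarded port 53 that answers authoritatively for mydomain.com to anyone but recurses only for LAN clients, so the port forward does not turn it into an open resolver. The subnet, file paths, serial number and 203.0.113.10 (standing in for the static IP) are assumptions.

```conf
# --- /etc/bind/named.conf (path, ACL name and subnet are assumptions) ---
acl "lan" { 127.0.0.0/8; 192.168.1.0/24; };   # constructed home subnet

options {
    directory "/var/cache/bind";
    allow-query       { any; };     # Internet hosts may ask about our own zone
    recursion yes;                  # this server is also the LAN resolver
    allow-recursion   { "lan"; };   # ...but only LAN clients get recursive lookups
    allow-query-cache { "lan"; };   # cached answers are not handed to outsiders
    allow-transfer    { none; };    # no zone transfers to arbitrary hosts
};

zone "mydomain.com" {
    type master;
    file "/etc/bind/db.mydomain.com";
};
# The router/firewall forwards both UDP 53 and TCP 53 to this machine.

; --- /etc/bind/db.mydomain.com (203.0.113.10 stands in for the static IP) ---
$TTL 3600
@     IN SOA   ns1.mydomain.com. hostmaster.mydomain.com. (
               2024010101 ; serial (constructed)
               3600       ; refresh
               900        ; retry
               1209600    ; expire
               300 )      ; negative-cache TTL
@     IN NS    ns1.mydomain.com.
@     IN A     203.0.113.10
ns1   IN A     203.0.113.10
mail  IN A     203.0.113.10      ; an MX target must be an address record, not a CNAME
@     IN MX 10 mail.mydomain.com.
www   IN CNAME mydomain.com.     ; aliases for other services on the same host
blog  IN CNAME mydomain.com.
```

Queries from outside the `lan` ACL for names other than mydomain.com are refused rather than resolved, which is the behaviour to confirm from an external host after opening the port forward.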