• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..03-May-2022-

zones/H06-Oct-2017-544476

MakefileH A D03-May-2022412 2015

READMEH A D06-Oct-20172.7 KiB6659

run-all.shH A D06-Oct-20171.7 KiB4832

README

1This directory contains example data (with DNS views) to load
2into a fresh Netmagis installation. There are two main objectives:
3    - show how to import your own data
4    - quickly get a running Netmagis installation in order to
5	test the software
6Data are loaded through the "run-all.sh" script which you can copy
7and adapt to suit your own needs. See installation documentation
8on http://netmagis.org
9
10Furthermore, these data are used during the development stages to
11test the software.
12
13This document explains the scenario used in this example.
14
15- The company (Example Corporation) has a RFC 1918 network
16    (172.16.0.0/16) and a DMZ (198.51.100.0/24 and 2001:db8:1234::/64)
17    where some public servers are located.
18- Example Corp has organized a non commercial event, which needs a
19    dedicated website (www.example.org)
20
21- on an network management point of view, some users can use Netmagis
22    (see networks.txt and group.txt):
23    - network engineers (members of the wheel group) are allowed
24	to administer the application itself, and have extended
25	rights on all networks
26    - support staff (members of the staff group) are allowed to
27	manage internal hosts
28
29- on a DNS point of view (see view.txt, domain.txt and zones/* files):
30    - the "external" DNS view shows some hosts in example.com and
31	example.org (with IPv4 and IPv6 addresses). This view is
32	accessed only by the wheel group members
33	This view implies zone generation for:
34	    example.com
35	    example.org
36	    100.51.198.in-addr.arpa
37	    4.3.2.1.8.b.d.0.1.0.0.2.ip6.arpa
38	Zone below is not generated for this view, since data are
39	private:
40	    16.172.in-addr.arpa
41    - the "internal" DNS view shows all internal hosts as well
42	as hosts located on the DMZ (i.e. external view), with
43	one exception (see below)
44	This view implies zone generation for:
45	    example.com
46	    16.172.in-addr.arpa
47	    100.51.198.in-addr.arpa
48	Zones below are not generated for this view, since they do
49	not differ from external view and RR can thus be resolved by
50	the public name server (with external zones):
51	    example.org
52	    4.3.2.1.8.b.d.0.1.0.0.2.ip6.arpa
53    - for historical (i.e. bad) reasons, one server located on the
54	internal network need to be reachable from the Internet
55	with a public (NAT) address. Therefore, this server has
56	a different IP address in external and internal views
57
58- on a mail point of view (see mailrelay.txt and mailrole.txt):
59    - all mail traffic is routed through mx[12].example.com
60    - internal mail routing accepts mail to:
61	sales.example.com
62	and mail is redirected to mailhost.example.com located
63	in the internal network. Consequently, an MX must be
64	published in external view, and the associated mail
65	relay is known only in the internal view
66