[Nottingham] Hosting your own domain/s?

David Bottrill nottingham at mailman.lug.org.uk
Mon Jul 7 16:53:01 2003


Kus said:
> Can some bright spark on-list lay it all bare nude for me so I can figure
> out if I can afford to register/transfer/host my own, or if that's the way
> to do it?

Kus,

I registered my domain through no-ip and now host my own web server and
mail server at home on the end of my NTL 600k connection.

As part and parcel of NTL's new terms and conditions 1GB per day etc. they
relaxed the ban on running servers at the end of your cable modem.

I too had been using no-ip for bits and pieces and I know their dynamic
DNS daemon works well on linux so I decided to go with them. Their basic
package for registering a .org domain and hosting my DNS worked out at $32
per annum and for an additional $20 you can pay for them to act as a backup
MX receiving email at times when your server / cable circuit is down and
forwarding it on at a later stage. The last thing you want is people
getting undeliverables simply because your cable connection is down, which
is a common occurrence on NTL.

I run postfix, squirrelmail and imapd and find this combination works very
well. You need to be careful when hosting a web site in that it is easy to
fill your outbound capacity at which time your own browsing experience
will degrade to virtually nothing. I am fortunate in that I had access to
a commercial piece of kit that would allow me to apply bandwidth
management so I can restrict outbound bandwidth to acceptable levels,
based upon content type http, mp3 etc. There is at least one linux
solution to this now although I can't remember the name of the software.

If you run a router with port forwarding to internal addresses for your
externally hosted services there are issues you should look out for. I
have a Linksys router that works very well except for a problem that I
discovered the hard way. It turns out that when the router port forwards
from the outside to the inside, it translates the source address to the
internal interface address of the router, making it look like the request
has come from a device on my internal LAN. This has big implications for
services like Postfix that assume by default that any PC on your internal
network should be trusted and in the case of Postfix allowed to relay
SMTP through itself. I wrongly assumed that my router did not translate
the source address, there is no technical reason why it should, however I
learned this the hard way as my box ended up as an open relay for a short
time until I discovered the problem, so it is worth bearing this in mind
if you are using a similar router. A linux box running iptables would
be far better.

-- 
David Bottrill

david@bottrill.org
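
An added example, not part of the original post: a log check for the open-relay condition described above, where port-forwarded SMTP connections show up with the router's LAN address as the client. The router address (192.168.1.1), the network ranges and the log lines are constructed assumptions; `mynetworks` is the Postfix setting that lists trusted clients.

```python
import ipaddress
import re

# Constructed sample of Postfix-style log lines. 192.168.1.1 is the assumed
# LAN address of the router; 192.168.1.20 is an assumed desktop on the LAN.
SAMPLE_LOG = """\
Jul  7 16:40:02 mail postfix/smtpd[1234]: 4F2A1B0C11: client=unknown[192.168.1.1]
Jul  7 16:40:03 mail postfix/smtp[1240]: 4F2A1B0C11: to=<someone@example.net>, relay=mx.example.net[203.0.113.5], status=sent (250 ok)
Jul  7 16:41:10 mail postfix/smtpd[1235]: 5A3B2C1D22: client=desktop[192.168.1.20]
Jul  7 16:41:11 mail postfix/smtp[1241]: 5A3B2C1D22: to=<friend@example.com>, relay=mx.example.com[198.51.100.7], status=sent (250 ok)
Jul  7 16:42:00 mail postfix/smtpd[1236]: 6C4D3E2F33: client=unknown[192.168.1.1]
Jul  7 16:42:01 mail postfix/local[1242]: 6C4D3E2F33: to=<david@example.org>, relay=local, status=sent (delivered to mailbox)
"""

# smtpd logs the connecting client per queue id; smtp logs outbound deliveries.
CLIENT_RE = re.compile(r"postfix/smtpd\[\d+\]: (\w+): client=\S*\[([0-9a-fA-F.:]+)\]")
SENT_RE = re.compile(r"postfix/smtp\[\d+\]: (\w+): to=<([^>]*)>.*status=sent")


def trusted(ip, mynetworks):
    """True if ip falls inside any network listed in mynetworks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(net) for net in mynetworks)


def relayed_via_gateway(log, gateway_ip):
    """Return (queue_id, recipient) for mail delivered to a remote host
    whose SMTP client was the router's own LAN address."""
    client_of = {}
    hits = []
    for line in log.splitlines():
        m = CLIENT_RE.search(line)
        if m:
            client_of[m.group(1)] = m.group(2)
            continue
        m = SENT_RE.search(line)
        if m and client_of.get(m.group(1)) == gateway_ip:
            hits.append((m.group(1), m.group(2)))
    return hits


if __name__ == "__main__":
    gateway = "192.168.1.1"
    # Whole LAN trusted: the router address is trusted too, so relaying is allowed.
    print("router trusted:", trusted(gateway, ["127.0.0.0/8", "192.168.1.0/24"]))
    # Narrowed list (loopback plus the one desktop): router address not trusted.
    print("router trusted:", trusted(gateway, ["127.0.0.0/8", "192.168.1.20/32"]))
    for qid, rcpt in relayed_via_gateway(SAMPLE_LOG, gateway):
        print("relayed for router address:", qid, rcpt)
```

Any hit means mail left for a remote domain on behalf of a client that was really outside the LAN; listing only loopback and named internal hosts in `mynetworks` keeps the router's address out of the trusted set.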