SME Server talk:Documentation:Administration Manual:Appendix/fr

From SME Server
Jump to navigation Jump to search


Annexes du Manuel de la SME

Les pages des Annexes suivantes sont inclues pour votre information.

Annexe A. Introduction to the Ethernet Local Area Network (LAN)

Un réseau local (LAN) est le système de câbles et autres matériels qui relie les ordinateurs au sein de votre bureau et leur permet de communiquer avec un autre. Un réseau local Ethernet est le type le plus commun. Ethernet désigne à la fois une sorte de connexion et un protocole pour comment les paquets de données Internet voyagent à travers votre réseau.

Le Switch, un élément commun d'un réseau Ethernet, sert de point d'interface entre les ordinateurs du réseau. Chaque ordinateur de votre réseau est connecté au concentrateur à l'aide d'un câble réseau Ethernet. Certains Switchs peuvent fonctionner à des vitesses différentes: certains fonctionnant à 10 Mb/sec, conviennent pour de petits réseaux; certains plus rapides, fonctionnant à 100 Mb/s, sont adaptés pour les grands réseaux. Les Switchs 10/100 Mb peuvent fonctionner aux deux vitesses, et fournir une bonne façon de mettre à niveau votre réseau progressivement.

Un adaptateur ethernet, aussi appelé une carte Ethernet ou carte d'interface réseau (NIC), relie chaque ordinateur au réseau local Ethernet. Un serveur avec une connexion Internet dédié nécessite deux adaptateurs Ethernet; on se connecte à votre réseau local et l'autre se connecte au réseau externe qui mène à votre FAI. Si votre serveur se connecte à votre FAI en utilisant un modem ou ISDN, il ne nécessitera qu'un seul adaptateur ethernet. Un routeur assure que les paquets de données sur Internet (par exemple, e-mail, des informations d'une page Web, etc) atteignent les ordinateurs appropriés sur votre réseau. Le routage est l'une des fonctions exercées par le serveur en mode serveur et passerelle (server and gateway).

Permettre à un tiers, comme un intégrateur de systèmes ou d'une société de gestion de réseau, de mettre en place votre réseau Local peut être une bonne idée. Il pourra vous aider à choisir, à vous procurer et à installer les adaptateurs appropriés, le Switch et la mise en place des câbles Ethernet. Il existe également divers guides pratiques disponibles dans les librairies si vous désirez l'installer de votre propre chef.

Annexe B. DNS

DNS ou le service de nom de domaine est un système de serveurs conçus pour traduire les noms lisibles par l'homme en adresses IP routables sur les réseaux informatiques.

DNS : les Basiques

La SME Server, de par sa conception, ne répond pas aux requêtes DNS provenant de l'extérieur de votre réseau local, et ne peut pas être utilisé comme un serveur DNS public pour quiconque est en dehors de votre réseau. Si vous voulez que votre serveur SME soit atteignable des utilisateurs en dehors de votre bureau en utilisant un nom au lieu d'une adresse IP (Adresse IP Internet), vous devez:

  • Enregistrez votre nom de domaine auprès d'un registar
  • Configurez vos noms d'hôte sur un serveur DNS accessible au public

Note: vous pouvez éviter «l'enregistrement» de votre nom de domaine si vous utilisez #Services de DNS dynamique

Imaginez le scénario suivant:

Serveur_DNS_Root
 |     Registrar
 |    /   Serveur_DNS
 |   /   /            Autre_DNS
 |  |   /            /
 Internet---Autre_FAI---Utilisateur_Distant
     |
 Votre_FAI---Serveur_DNS_de_Votre_FAI
     |
    SME
     |
 Utilisateur Local


Supposons que :

  • La SME a une adresses IP a.b.c.d
  • La SME a un nom de domaine mysmeserver.com
  • Utilisateur_distant est configuré pour utiliser Autre_DNS pour les recherches DNS

Si Utilisateur_distant essaie de parcourir http://mysmeserver.com,son ordinateur demande à Autre_DNS comment trouver 'mysmeserver.com'. Le serveur Autre_DNS Alors

  • demande aux serveurs_DNS_root le Registrar en charge de 'mysmeserver.com'
  • demande au Registrar le serveur DNS qui résous 'mysmeserver.com'
  • demande au serveur_DNS l'adresse IP de 'mysmeserver.com'
  • Enregistre la réponse dans son cache local pour le laps de temps spécifié par l'administrateur dans l'enregistrement DNS du Serveur_DNS

Si, d'autre part, l'utilisateur_distant demande des informations sur votre adresse IP (abcd), son serveur DNS

  • demande a Serveur_DNS_Root ou d.c.b.a.in-addr.arpa est enregistré.
  • demande au registar ou trouver plus d'info sur d.c.b.a.in-addr.arpa. C'est probablement mais pas nécessairement le Serveur_DNS_de_Votre_FAI
  • demande à l'hôte indiqué par le Registrar (probablement le Serveur_DNS_de_Votre_FAI) quel nom appartient à 'd.c.b.a.in-addr.arpa'. La valeur de retour est presque toujours un retour générique basé sur votre adresse IP, sauf si vous contactez votre FAI pour lui demander de modifier les données PTR de votre adresse IP.

Fondamentalement, les enregistrements PTR sont gérés par l'organisation qui contrôle l'adresse IP (ce qui est logique, si vous y réflechissez).

If Local_User tries to open http://mysmeserver.com (assuming a default SME installation with DHCP and therefore DNS provided by the SME server):

  • If mysmeserver.com is configured for Local resolution, the SME server returns the data that has been configured locally.
  • If mysmeserver.com is configured to use Internet DNS Servers, the SME proceeds just as the first example from Root_DNS to Registrar to DNS_Server to local cache (actually, it checks the local cache first...)


So, for you to host a public web server at your own location you need:

  • An ISP to provide connectivity
  • A DNS Registrar where you can 'register' your domain name and publish the addresses of your DNS servers.
  • A DNS service provider who will respond to queries about your domain

Some ISP's provide registration and DNS hosting capabilities as part of the connectivity package.

Some ISP's provide DNS hosting but not Registration as part of the connectivity package.

Some Registrars provide DNS hosting as part of the registration.

Sometimes you will need 3 separate vendors for these separate services.

If you have already registered your domain name, find out if your Registrar provides DNS hosting services, and if so, how to configure them. They'll provide you with a web address where you can configure your DNS.

If they do NOT provide DNS hosting services, your ISP might. Ask them. If so, configure your DNS on their servers, then edit the Registrar page to point to the DNS servers indicated by your ISP.

If neither your Registrar nor your ISP provides DNS hosting, you'll need to find a 3rd party vendor to do this. See #Fournisseur de service DNS below.

If you have not yet registered your domain name, try to find a Registrar who provides free DNS services.

PTR Records

PTR Records (or Pointer records, or Reverse DNS records) are used by internet hosts to convert an IP address into a name - sometimes for information only, sometimes for identity verification.

PTR records are constructed by reversing your IP address and appending the special suffix 'in-addr.arpa'. For example, the PTR record for a.b.c.d is d.c.b.a.in-addr.arpa.

A DNS lookup for a PTR record looks just like a DNS lookup for a domain name at this point - Root_DNS, Registrar, DNS_Server, except that the return value will be a host name instead of an IP address.

With very few exceptions all PTR records are registered to the ISP that controls the IP block in question, so frequently the ONLY way to change your PTR records is to contact your ISP and request that they be changed.

PTR records are only rarely used for their original purpose of verifying the identity of a particular computer - this is now done with SSL certificates and Trust Authorities.

The PTR record for your SME Server only becomes important if you plan to deliver email directly from your SME to recipient email servers (without using your ISP's mail server as a relay). Some email providers will not accept your email if the name returned by the 'reverse lookup' of your IP address does not in its turn result in your IP address when it, itself is looked up. It doesn't necessarily need to match your configured domain name, but it has to work both ways.

For example, if the nslookup d.c.b.a.in-addr.arpa (the reverse lookup for your IP) returns dsl-a-b-c-d.mycity.myispsname.com then before trying to send email directly from your SME to the Internet at large you want to make sure that nslookup dsl-a-b-c-d.mycity.myispsname.com returns your a.b.c.d and not an error or some other address.


SPF Records

SPF (Sender Policy Framework) records are added to the DNS zone record for domain names. Many receiving mail servers now require sending mail servers to have properly configured SPF records for the domain(s) being sent from. Failure to have SPF records can result in mail being rejected by mail servers eg Hotmail servers will reject mail that comes from mail servers without SPF records.

The SPF entries are added to your external DNS records. They are not configured on the sme server.

See http://www.openspf.org/

Here is a test site at Microsoft/Hotmail where you can check if SPF records are configured for your domain.

http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/default.aspx

Different providers have different mail acceptance policies. Look for tech support pages for the provider. Here is additional information re getting your mail through to Hotmail servers, it's where you start the process going for Hotmail if you still have problems after having configured SPF records.

http://postmaster.live.com/

Here's where you submit your (detailed) request to Hotmail

https://support.msn.com/eform.aspx?productKey=edfsmsbl&ct=eformts&scrx=1

References:

http://forums.contribs.org/index.php/topic,21631.0.html

http://forums.contribs.org/index.php/topic,31726.0.html

http://forums.contribs.org/index.php/topic,34664.0.html

http://forums.contribs.org/index.php/topic,40009.0.html

http://forums.contribs.org/index.php/topic,42373.0.html

Services de DNS dynamique

If your IP address is assigned dynamically, you may find it helpful to use a dynamic DNS service. A dynamic DNS service provides you with an automated way to notify them whenever your IP address changes so that they can immediately publish new DNS records for your domain. Without dynamic DNS, you would have to contact your ISP to have them change your DNS records, and your web site and other services would be unavailable for several days until the change was processed. You can easily enable the usage of a dynamic DNS service by selecting it on your server console.

A dynamic DNS service can be a great solution when used with a dedicated connection. With a typical dialup connection, your IP address changes much more frequently (possibly every time your server connects) and, because the server only connects intermittently, there is a delay in informing the dynamic DNS service of the change. This means that the risk of misdirected information is much greater with a dialup connection. For this reason, we recommend and support the use of dynamic DNS services only for dedicated connections.

Contribs.org has tested four dynamic DNS services, of which two are free services and two are commercial services: yi.org (free), dyndns.com (commercial), tzo.com (commercial) and dyndns.org (free). For simplicity, we have preprogrammed the server to work with these services (including pre-installing their client software). If you have arranged dynamic IP address assignment from your ISP and you wish to use one of these services, all you need to do is visit the appropriate web site to sign up for service, and enable that particular function in the server console. In pre-configuring the server for this particular service, we in no way interfere with nor prevent you from using another dynamic DNS service if you wish. To do so, however, would require some customized configuration on your part.

Contribs.org has tested the functionality of these services with our software. However, we accept no liability for any breach of service on their part. A failure on the part of your dynamic DNS service can result in your network becoming temporarily unreachable from the Internet. During these times, your e-mail may be undeliverable.

If your IP address is assigned dynamically and you intend to receive all your e-mail directly (rather than having it stored at an ISP and retrieving it via POP or IMAP), but you decide not to use a dynamic DNS service, you should implement multidrop e-mail as your e-mail solution as this will ensure that no e-mail is misdirected to another IP address (See Some important notes on Service list D (multidrop mail) in|Chapter 3.)


  Note:
Dynamic DNS services are not perfect. They merely point hostnames to IP addresses. If your system receives an IP address via DHCP or PPPoE, it will automatically update the dynamic DNS service each time it comes online. However, when your server disconnects from the Internet, with most dynamic DNS services your server does not indicate that it is offline in any way to the dynamic DNS service. If your system is offline for a period of time, it is possible that someone else will be assigned your IP address by your ISP. If this occurs, with most dynamic DNS services this other system will now start receiving your e-mail and web page requests until your server comes back online and updates the service with your new IP address. There is not much you can do about this, but you should be aware of this fact if there is any chance your system will be offline for a long period of time.


Fournisseur de service DNS

Here is a brief list of vendors who provide DNS service hosting. The inclusion of a vendor here does not constitute endorsement by the SME developers.

Appendix C. Proxy Servers

The server comes with a proxy server called Squid which can proxy the web (HTTP), FTP and Gopher protocols. Proxy servers temporarily store information from the Internet on the hard drive of the server, allowing other users to access it directly from that hard drive. For example, when an employee visits a web page, the web proxy server will store that web page. Subsequent visitors to that web page will read it from your proxy server's hard drive, rather than over the Internet. This slightly reduces the network performance for the first visitor to that web page, but can enhance the performance for subsequent visitors.

Many gateway systems require the use of proxy servers, but with the server it is optional. Networked applications such as web browsers will work perfectly without proxying, due to the IP masquerading capability of the server.

In general, we recommend that proxying be disabled in your network applications. Using the proxy server can benefit the organization if you have a slow Internet connection and you've installed your server software on a fast computer. In this case, reading from the hard drive will be faster than reading from the Internet. Remember, though, that a proxy server benefits the second and subsequent visitors to a site but not the first visitor, so this benefit only applies if your users tend to visit the same sites repeatedly.

A proxy server is generally not appropriate if you have a fast Internet connection and you've installed your server software on a lower- or mid-level computer. In this case, reading from the hard drive of the computer may not be faster than over the Internet. It also offers no benefit to your organization if employees at your site do not tend to visit the same web pages.

Appendix D. Technical Support

If you are having difficulty configuring another vendor's hardware or software, we recommend you refer to the manual or contact the vendor for that product.

The SME Server is open source software, Contribs.org encourages users to freely share copies of our software.

Developers may wish to note that additional documentation, including HOWTO documents and a FAQ, can be found on our development web site - http://wiki.contribs.org/. There are also links there to other web sites relating to the server.