Archive for the ‘Linux’ Category

Connecting to Windows VPN

After much pain I found this great article about how to connect to a Windows VPN from Ubuntu 8.10. Thanks Dean!!

I’ve been using Linux powered servers since 1995. About 18 months ago I decided to try using Linux on the desktop. I’m mostly happy with it but there are a number of things that annoy me and at least once per month I seriously think about switching back to Windows.

Some things are my fault:

  • Buying a laptop with an NVIDIA card (I’m never going to buy another NVIDIA product)

Some things are out of my control:

  • Needing to test applications using IE
  • The Australian Tax Office only supports Windows
  • Being unable to sync the contacts/calendars between my phone and Evolution

Some things aren’t important but still frustrate:

  • The built-in webcam and microphone don’t work
  • The external microphone worked with Kubuntu (which killed the audio after a kernel upgrade) but not Ubuntu (which I use)
  • I’ve never been able to use the digital TV tuner that came with the computer

While I can do 100% of my day-to-day tasks, that only covers 95% of what I do each month. Being unable to do the other 5% has become very frustrating and is almost enough to make me switch back to Windows. I just keep feeling that if I hold off long enough I’ll be able to do the last 5% with Linux (or Reactos will become a viable option).

Update: I’ve made some progress on syncing contacts between my phone and Horde Groupware Webmail Edition using SyncML which I then hope to sync with Evolution.

It’s good to see that Ubuntu 7.04 includes support for the PHP PDO extension. I was a little confused when I saw php5-mysql, thinking it was just the mysql_ extension, but it actually includes the pdo_mysql drivers in addition to the mysql_ and mysqli_ extensions. Yay!!

Ubuntu 7.04 nearly here

Ubuntu 7.04 is nearly here. Just two more sleeps (maybe three if you’re in Australia like me). Personally I can’t wait based on what I saw of the early tests.

Ever since I moved to Ubuntu I haven’t been able to get my XDA II mini to stay connected. The output from dmesg was always the same:

[17179652.184000] usb 2-2: new full speed USB device using uhci_hcd and address 2
[17179652.356000] usb 2-2: configuration #1 chosen from 1 choice
[17179652.460000] usbcore: registered new driver usbserial
[17179652.464000] drivers/usb/serial/usb-serial.c: USB Serial support registered for generic
[17179652.464000] usbcore: registered new driver usbserial_generic
[17179652.464000] drivers/usb/serial/usb-serial.c: USB Serial Driver core
[17179652.472000] drivers/usb/serial/usb-serial.c: USB Serial support registered for PocketPC PDA
[17179652.472000] drivers/usb/serial/ipaq.c: USB PocketPC PDA driver v0.5
[17179652.472000] ipaq 2-2:1.0: PocketPC PDA converter detected
[17179652.472000] usb 2-2: PocketPC PDA converter now attached to ttyUSB0
[17179652.472000] usbcore: registered new driver ipaq

followed about 5 seconds later by:

[17179667.064000] usb 2-2: USB disconnect, address 2
[17179667.064000] ipaq ttyUSB0: PocketPC PDA converter now disconnected from ttyUSB0
[17179667.068000] ipaq 2-2:1.0: device disconnected

The solution turns out to be really simple – TURN YOUR PHONE ON!!

With the phone turned off Linux will detect the phone and set everything up then report the phone as disconnected about 5 seconds later. The solution is to turn your phone on. It doesn’t seem to matter if you turn it on before or after you connect it, just as long as you do it before running synce-serial-start.

I’ve been running Evolution 2.8.1 on Ubuntu 6.10 for a few months without any problems. Today Evolution started reporting that it has lost its connection to Exchange:

"Can't get message, Lost connection to Evolution Exchange backend process"

After half a day of the Exchange web mail interface driving me crazy I finally fixed the problem. The solution turned out to be simple. After removing the Exchange account from Evolution and quitting it I ran the following commands to remove all evidence of Exchange:

% evolution --force-shutdown
% cd ~/.evolution
% find . -depth -name '*exch*' -exec rm -rf {} +

I then restarted Evolution and added the Exchange account again.

Warning: Before removing any files or directories you should back up your entire ~/.evolution directory just in case something goes wrong and you need to restore it.

For some reason there aren’t any PDO packages for PHP 5 on Ubuntu 6.10. They’re pretty easy to install from PECL but you might need to install the dev version of your database client libraries. Below is what I had to type to install PDO with the MySQL driver.

% sudo apt-get install libmysqlclient15-dev
% sudo pecl install pdo
% sudo pecl install pdo_mysql

You then need to add the following to the end of your php.ini file(s). Depending on which version of PHP you installed they’ll be /etc/php5/apache2/php.ini, /etc/php5/cgi/php.ini and /etc/php5/cli/php.ini.

extension=pdo.so
extension=pdo_mysql.so

Update: Before you can install any PECL extensions you need to install the php5-dev package. For information see my post about Using PECL with Ubuntu.

I’ll be using MySQL to store user information for the small business server. This could be done with an LDAP server and many people will tell you that it should be. I chose MySQL over LDAP because it’s easier to understand, easier to use and you’ll probably require it anyway.

Installing MySQL

Once more apt-get makes installing services trivial:

sudo apt-get install mysql-client-5.0 mysql-server-5.0 mysql-common

That’s it!! You don’t need to do anything else in this post. I’ll cover creating a schema for users and adding a few in my next post.

Ubuntu SBS: Reverse DNS

In the last post I explained how to configure forward DNS (turning the name into an IP address). In this post I’ll tell you how to configure BIND so that it turns an IP address into a name. I’ll also explain the SOA information at the top of the zone files.

Reverse DNS

We’re using the 192.168.x.x network so I’ll use the file /etc/bind/db.192.168. Change the name of the file as appropriate for your network. Copy the following into your file:

;
; BIND reverse data file for local network
;
$TTL    604800
@       IN      SOA     localhost. root.localhost. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      localhost.

You now need to add entries for each IP address in the form

xxx.yyy      IN   PTR    sbs.example.com.

This turns the IP number 192.168.yyy.xxx into the name sbs.example.com.

Once you have created the zone file you need to add it to /etc/bind/named.conf.local:

    zone "168.192.in-addr.arpa" in{
      type master;
      file "/etc/bind/db.192.168";
      allow-update{none;};
    };

To hide this from people outside of the network I included it in the “external” view created in the previous post. Restart bind and you should now be able to resolve IP numbers into names.

Start of Authority – SOA

The SOA record is the first thing that appears in the zone file. The format is

<domain.name.>   IN  SOA  <hostname.domain.name.>  <mailbox.domain.name>
        <serial-number>
        <refresh>
        <retry>
        <expire>
        <minimum-ttl>

Serial-number is the serial number for this version of the file. You need to increment this each time you make a change to the zone file. A good idea is to use the current date and a number in the format YYYYMMDDnn where nn is a unique number for that day. So the first zone file for today would have 2007021801.

Refresh is how many seconds to wait before polling the primary name server to see if the serial number has changed.

Retry is how many seconds to wait if a refresh fails before trying again.

Expire is the number of seconds after both a refresh and retry fail before the domain name server stops serving the domain.

Minimum-TTL is the minimum time for an entry to live.

Next time I’ll cover setting up MySQL.

The domain name server is an important part of the small business server allowing us to connect to other computers using friendly names instead of IP addresses. Because my client has a static IP address and an ISP willing to operate the slave domain name server I configured their domain name server as the master DNS for their domain. If your ISP isn’t willing to do this then you can use a service like no-ip.com or easyDNS.

Installing the domain name server

Installing the domain name server is a simple process thanks to apt-get. Simply log into the server and type in the following command.

% sudo apt-get install bind9

Configuring DNS

Because of our network setup the domain name server needs to resolve names to IP addresses differently for internal and external clients. To do this we use “views” so that internally names resolve directly to the server’s IP address while externally they resolve to the router’s IP address, which will port forward to the server. We will also use views so some names resolve internally but not externally.

Start by creating a new file called /etc/bind/db.example.com-external (using your domain instead of example.com) and copy the following into it.

;
; BIND data file for example.com
;
$ORIGIN example.com.
$TTL    604800
example.com.            IN      SOA     example.com. root.example.com. (
                              1         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
                IN      NS      sbs.example.com.   ; NS must name a host, not an IP address
                IN      NS      ns1.my-isp.com.
                IN      NS      ns2.my-isp.com.
;
example.com.    IN      A       xxx.xxx.xxx.xxx
;
@               IN      MX      10      sbs.example.com.
;
;
localhost               IN      A       127.0.0.1
sbs                     IN      A       xxx.xxx.xxx.xxx
www                     IN      CNAME   sbs
mail                    IN      CNAME   sbs

This zone file will be used when resolving names for requests from outside of our network. It should never return an internal IP address and should only contain entries we want visible externally. Make the following changes to suit your environment.

  • Change root.example.com to the email address of the person responsible for your DNS replacing the @ with . (hence root@example.com becomes root.example.com)
  • Change example.com to your domain
  • Change sbs to the name of your small business server
  • Change xxx.xxx.xxx.xxx to the public IP address of your router
  • Change ns1.my-isp.com and ns2.my-isp.com to the names of the slave name servers
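
A check for the rule that the external zone never returns an internal address, as an added example that is not part of the original post. The function name, the sample zone and its 203.0.113.x addresses are constructed for illustration; loopback is not flagged because the zone above publishes localhost on purpose.

```python
import ipaddress

# RFC 1918 ranges. Loopback is deliberately not listed because the external
# zone on this page publishes "localhost A 127.0.0.1".
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: the external zone with documentation addresses filled
# in and one internal record left behind after copying files around.
EXTERNAL_ZONE = """\
$ORIGIN example.com.
$TTL    604800
example.com.    IN      SOA     example.com. root.example.com. (
                              1         ; Serial
                         604800 )       ; Negative Cache TTL
                IN      NS      ns1.my-isp.com.
example.com.    IN      A       203.0.113.10
localhost       IN      A       127.0.0.1
sbs             IN      A       203.0.113.10
printer         IN      A       192.168.1.20   ; belongs in the internal file
www             IN      CNAME   sbs
"""


def internal_a_records(zone_text):
    """Return (owner, address) for every A record that points into RFC 1918 space."""
    leaks = []
    owner = None
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0]           # drop zone-file comments
        fields = line.split()
        if not fields or fields[0].startswith("$"):
            continue                           # blank line or $ORIGIN/$TTL directive
        # A line that starts with whitespace inherits the previous owner name.
        if not raw[0].isspace():
            owner = fields.pop(0)
        if "A" not in fields[:-1]:
            continue                           # not an A record with a value
        value = fields[fields.index("A") + 1]
        try:
            addr = ipaddress.ip_address(value)
        except ValueError:
            continue                           # placeholder such as xxx.xxx.xxx.xxx
        if any(addr in net for net in RFC1918):
            leaks.append((owner, str(addr)))
    return leaks
```

Run it against /etc/bind/db.example.com-external after every edit; an empty list means no RFC 1918 address is published externally.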

Now copy that file to /etc/bind/db.example.com-internal (remember to use your domain instead of example.com).

% sudo cp /etc/bind/db.example.com-external /etc/bind/db.example.com-internal

This zone file will be used when clients inside our network make DNS queries. You’ll need to change all of the external IP addresses to internal IP addresses. You may also want to add entries for internal devices such as other computers, network printers and your gateway. It’s safe to put these here because they won’t be visible from outside of your network. These entries will look something like:

pc1                     IN      A       xxx.xxx.xxx.xxx
pc2                     IN      A       xxx.xxx.xxx.xxx
printer                 IN      A       xxx.xxx.xxx.xxx
gateway                 IN      A       xxx.xxx.xxx.xxx

Now edit /etc/bind/named.conf.local and copy the following into it.

view "internal" {
    match-clients { 192.168.0.0/16; };   // network address must agree with the prefix length

    zone "example.com" {
            type master;
            file "/etc/bind/db.example.com-internal";
    };
};

view "external" {
    match-clients { any; };

    zone "example.com" {
            type master;
            file "/etc/bind/db.example.com-external";
            allow-transfer {
                    xxx.xxx.xxx.xxx;
            };
    };
};

Then make a couple of changes to suit your environment:

  • example.com should be changed for your domain name
  • Replace xxx.xxx.xxx.xxx with the IP address for the server acting as the slave for your domain. You can add multiple lines here.
  • Change the network in the internal view’s match-clients to suit your subnet
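
How the two views divide clients, modelled as an added example that is not part of the original post. BIND answers from the first view whose match-clients matches, so the order of the views and the width of the internal network decide who sees internal records. The function names are hypothetical, the client addresses are constructed, and Python's strict network parsing stands in for a configuration check.

```python
import ipaddress


def parse_acl(entries):
    """Turn match-clients entries into networks; 'any' matches every client."""
    nets = []
    for entry in entries:
        if entry == "any":
            nets.append(ipaddress.ip_network("0.0.0.0/0"))
        else:
            # strict=True rejects an address with bits set outside the
            # prefix, e.g. 192.168.1.0/8, instead of silently widening it.
            nets.append(ipaddress.ip_network(entry, strict=True))
    return nets


def build_views(internal_acl):
    """Views in file order: 'internal' first, then the catch-all 'external'."""
    return [("internal", parse_acl(internal_acl)),
            ("external", parse_acl(["any"]))]


def select_view(views, client):
    """Return the name of the first view whose match-clients contains client."""
    addr = ipaddress.ip_address(client)
    for name, nets in views:
        if any(addr in net for net in nets):
            return name
    return None


def mismatched_prefix_is_rejected(entry):
    """True when the entry's network address and prefix length disagree."""
    try:
        parse_acl([entry])
    except ValueError:
        return True
    return False
```

An internal network written as a /8 covers all of 192.0.0.0/8, so a client such as 192.0.2.9 outside the LAN would be served the internal zone; with the catch-all view listed first, LAN clients would never reach the internal view at all.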

Finally restart the domain name server

% sudo /etc/init.d/bind9 restart

Port forwarding

To make your domain name server visible from outside of the network configure your router to forward UDP/TCP port 53 to the server.

Testing the domain name server

You should now test that your DNS is configured properly by using the dig command. This needs to be done both inside and outside your network so you know each location is getting the correct result. Example queries are:

% dig @localhost example.com ns
% dig @localhost example.com a
% dig @localhost example.com mx
% dig @localhost sbs.example.com a
% dig @localhost www.example.com a
% dig @localhost www.example.com mx
% dig @localhost mail.example.com a
% dig @localhost mail.example.com mx

From outside your network simply change localhost to your router’s IP address. This will also tell you if port forwarding is working correctly.

Tip: If your queries time out then check /var/log/syslog for the error messages.

Making it live

When you’re ready to make your DNS server live it’s a fairly simple process.

  1. Configure your slave domain name servers to use your master. Your ISP or DNS hosting company can help you with this.
  2. Get your domain registrar to change your primary, secondary and (optionally) other DNS servers.

As you can use any of the domain name servers as the primary and secondary servers it might make sense to use your ISP/DNS hosting company’s server for this as they’ll have a faster connection.

I’ll finish the domain name server in the next post when I cover the reverse lookup.