7 Replies Latest reply: Sep 2, 2012 11:12 AM by Ryan Burkholder
Ryan Burkholder Level 1 (130 points)

My Mac Pro server running Lion server won't upgrade to Mountian Lion. On top of this, Open Directory doesn't seem to be stable any longer. I want to configure another Mac as a Mountian Lion server running as a directory master, iCal and Address Book server. I want to leave my Mac Pro on a private network as a data and backup server.


Question is, should I put the Mountian Lion server as a public server with a public IP and no router, or should I have it behind my router? I plan on having a few geographical locations soon and want to have my directory server available to each location.


I have reverse DNS configured for one my static IPs, Lion server alyaws seemed to want to revert the host name to the ISPs when it was behind a router.



  • Mark23 Level 3 (975 points)

    Question is, should I put the Mountian Lion server as a public server with a public IP and no router, or should I have it behind my router?


    If you have a network router that shares its Internet connection with computers on your intranet, such as an AirPort Extreme Base Station (802.11n) or a Time Capsule, the router isolates your intranet from the Internet. These Internet-sharing routers protect your intranet against malicious attacks from the Internet by blocking communications that originate outside the intranet.



    Look here:

    Port mapping for network and server protection

  • Ryan Burkholder Level 1 (130 points)

    Yes. I indicated that I had been running behind a router. I was asking if anyone has run pubically, infront of thier router. I want this server to be visible to several other LANs and thought setting it up ahead of my router may help it work better.


    The only services running would have ports open for them anyway.

  • Mark23 Level 3 (975 points)

    A router gives some added protection, but appart from that there is no difference other than the need to set up port forwarding on the router.


    You are setting this up in a home environment or in a data center?

  • Ryan Burkholder Level 1 (130 points)

    It's the primary server for my company. But for directory, VPN, iCal and Address Book only. The others are private servers on the LAN.


    I have several clients that I'll be outfitting with networks to provide my remote presence and services. I desired to bind them all to a single directory server running on my static business connection for now, and then in a data center as the growing continues.

  • Mark23 Level 3 (975 points)

    I'm running 4 Mac Mini servers in a data center without a problem.

    The quad core mac mini's (server variant) is a real powerhouse!

    Do make sure you have a (smallest size) private rack space when moving to a data center, because a lot of people can't stand you running a beautiful open source platform while they're still on an ugly proprietary Windows machine...

  • Mark23 Level 3 (975 points)

    To be able to set up open directory replica's you need to have the following ports forewarding from the router to the server and you need to set an A record to the public ip of the router:


    http://help.apple.com/advancedserveradmin/mac/10.8/#apd563817DF-2D77-47A9-9A37-9 965BFC06A7A

  • Ryan Burkholder Level 1 (130 points)

    I've done that before, good call.


    I went ahead and set up the 10.8 server behind my router on the same LAN as the old server. Figured most of my clients are set up this way so I should be well versed. Perhaps the 10.8 server will resolve the OD and Kerberos issues I was having with 10.7.


    I'll set up a test server soon with a routable public IP and see how it withstands the whirling derbish of the internet.