Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19

Thread: Ability to designate an IP Address

  1. #11
    Join Date
    May 2006
    Posts
    1
    Rep Power
    9

    Default

    Where in the server.xml.in file should I put the address line. I see <Connector port="%%zimbraMailPort%%", etc but no connector specifically tied to port 80.

  2. #12
    Join Date
    May 2006
    Posts
    26
    Rep Power
    9

    Default

    Correct, %%zimbramailport%% is a wildcard that gets replaced (with your port preference) when the server is started up. Everytime you startup zimbra it recreates the config file from server.xml.in which is why you cannot just change server.xml and get it to work.

  3. #13
    Join Date
    Nov 2005
    Posts
    518
    Rep Power
    11

    Default

    just add the address line inside the connector block

  4. #14
    Join Date
    Nov 2005
    Location
    Austria
    Posts
    223
    Rep Power
    10

    Default

    I soon will move my Zimbra install to a root server, where I want to buy one additional IP address for all the Zimbra stuff. Therefore I have to force all Zimbra services (tomcat, openldap, pop3, secure pop3, etc.) to listen on this IP address.

    On a test install I managed to bind tomcat on an additional IP (changed server.xml). All other services still listen on all addresses. Is there a workaround for that?

    Here is a part of a netstat where all services are listed which would have to be configured to listen on one specific IP:

    Code:
    tcp        0      0 0.0.0.0:3310                0.0.0.0:*                   LISTEN      5958/clamd          
    tcp        0      0 :::993                      :::*                        LISTEN      5828/java           
    tcp        0      0 :::995                      :::*                        LISTEN      5828/java           
    tcp        0      0 :::7780                     :::*                        LISTEN      5923/httpd          
    tcp        0      0 :::7047                     :::*                        LISTEN      5594/java           
    tcp        0      0 :::110                      :::*                        LISTEN      5828/java           
    tcp        0      0 :::143                      :::*                        LISTEN      5828/java           
    tcp        0      0 :::7025                     :::*                        LISTEN      5828/java              
    tcp        0      0 :::7035                     :::*                        LISTEN      5828/java

  5. #15
    Join Date
    Sep 2006
    Posts
    1
    Rep Power
    9

    Default Unable to bind all Zimbra 4.0.1 services to a single IP

    I spent about 8 hours trying to find and bind all of the Zimbra 4.0.1 services to a single IP on my mac server. (Note that for any real production application this should be a simple task.) It does not apper that Zimbra is capable of even being manually tweaked to bind to a single IP address this at this time.

    First, it appears that some work has been done to support some of the pieces. The zmsetup.pl script appears to bind the ldap service (port 389) to the hostname (i.e., its asssociated IP) during the setup process. Also, it appears that it is possible to assign the pop3 service to a single IP address using the admin interface. (I put in the FQDN of the host instead of an IP address and the pop3 service bound to the single IP. Why it only affects the pop3 port and not also the pop3 ssl port, I don't know.) It also appears from one of the attrib files that I saw that there may be some support for IP addresses in the Zimbra LDAP schema for the other mail store services, but, there doesn't appear to be any user interface support for setting the IP addresses anywhere that I could find.

    I was also able to get the tomcat settings for ports 80, 443 and 7071 altered using the information another message. (I ended up modifying both /opt/zimbra/conf/server.xml and server.xml.in and puttling the address="1.2.3.4" line under the Server and each Connector section. Since I don't understand exactly how it works, I tried multiple locations and finally ended up here with it working.)

    I was also able to get apache bound to the IP address by changing the conf/httpd.conf file but I don't know what port 7780 is used for so this might be (necessary but) moot.

    I was not able to get postfix to bind to a single IP even after using postconfig to add the line "smtp_bind_address = 1.2.3.4" to the postfix.conf/main.cf file. It still bound to INADDR_ANY.

    Anyway, at this point, I was able to get the server started and mail sent to the server. I gave up when all the messages sent to the Zimbra server ended up in the deferred queue with the message "connect to 127.0.0.1[127.0.0.1]: server dropped connection without sending the initial smtp greeting". No messages were being delivered. The smtp-amvis was answering there on port 10024 and postfix was there on port 25 (see problem from previous paragraph). I don't know why it wasn't being delivered.

    Bottom line: Zimbra is not ready for use as a real production service. If you can dedicate a server with no other services and a single IP address, it may be workable but otherwise don't even try.

    Vote for Bugzilla Bug 6111 to support getting this fixed: here
    Last edited by fharvell; 09-10-2006 at 08:33 PM.

  6. #16
    Join Date
    Aug 2006
    Posts
    6
    Rep Power
    9

    Default

    I have been struggling with this for over a month and was unsucuessful in getting the server and associated applications to bind to the IP that I needed. So I broke the server up into separate VMware systems for Mail, VoIP, IM, and document management.

    Good for system management, bad for the system administrator and the extra work that it involved.

    Zimbra is an complicated mashup of a dozen or so applications with their respective SSL certs, name bindings and IP address bindings. I can only imagine that the future holds the integration of more applications to handle the requests of feature hungry users like me.

    I think it would be worth the time to tackle a project like this now. There just needs to be a simple script that we can run that takes care of the all of the heavy lifting and black magic needed to bind applications (any or all) to specific IP addresses/ports.

    Robert

  7. #17
    Join Date
    Oct 2005
    Location
    Washington DC
    Posts
    47
    Rep Power
    10

    Default

    Wow this is weird... and frustrating... everytime I go to fix something I get to deal with some other problem... Zimbra was creating the server.xml fine... now I have reinstalled and I now the server.xml file refuses to stop creating the <!-- --> tags around my SSL section...

    Is there something wrong with this?

    chamber:/opt/zimbra/tomcat/conf# cat server.xml.in
    <Server port="8005" shutdown="SHUTDOWN">

    <GlobalNamingResources>
    <!-- Used by Manager webapp -->
    <Resource name="UserDatabase" auth="Container"
    type="org.apache.catalina.UserDatabase"
    description="User database that can be updated and saved"
    factory="org.apache.catalina.users.MemoryUserDatab aseFactory"
    pathname="conf/tomcat-users.xml" />
    </GlobalNamingResources>


    <Service name="Catalina">
    <!-- user services connector, no SSL -->
    <!-- HTTPBEGIN
    <Connector port="%%zimbraMailPort%%"
    address="209.9.228.67"
    acceptCount="1024"
    enableLookups="false" redirectPort="%%zimbraMailSSLPort%%"
    maxThreads="100" minSpareThreads="100" maxSpareThreads="100"/>
    HTTPEND -->
    <!-- user services connector, SSL -->
    <!-- HTTPSBEGIN -->
    <Connector port="%%zimbraMailSSLPort%%"
    address="209.9.228.67"
    acceptCount="1024"
    enableLookups="false"
    maxThreads="100" minSpareThreads="100" maxSpareThreads="100"
    scheme="https" secure="true"
    ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4 _128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_ WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_ SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH _3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SH A,SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_DES_CB C_SHA,SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_RSA_EXPORT_ WITH_RC4_40_MD5,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_DSS_ EXPORT_WITH_DES40_CBC_SHA"
    clientAuth="false" sslProtocol="TLS"
    keystoreFile="/opt/zimbra/tomcat/conf/keystore" keystorePass="zimbra"/>
    <!-- HTTPSEND -->
    <!-- admin services connector; requires SSL -->
    <Connector port="7071"
    address="209.9.228.67"
    acceptCount="1024"
    enableLookups="false"
    maxThreads="50" minSpareThreads="50" maxSpareThreads="50"
    scheme="https" secure="true"
    ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4 _128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_ WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_ SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH _3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SH A,SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_DES_CB C_SHA,SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_RSA_EXPORT_ WITH_RC4_40_MD5,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_DSS_ EXPORT_WITH_DES40_CBC_SHA"
    clientAuth="false" sslProtocol="TLS"
    keystoreFile="/opt/zimbra/tomcat/conf/keystore" keystorePass="zimbra"/>

    <Engine name="Catalina" defaultHost="localhost">
    <Realm className="org.apache.catalina.realm.UserDatabaseR ealm"
    resourceName="UserDatabase" />

    <Host name="localhost" appBase="webapps" autoDeploy="false">
    <DefaultContext reloadable="false"/>
    <Context path="/" docBase="${catalina.home}/webapps/zimbra" debug="0" crossContext="true"/>
    </Host>

    <Valve className="org.apache.catalina.valves.AccessLogVal ve"
    pattern="combined"/>
    </Engine>
    </Service>
    </Server>

    chamber:/opt/zimbra/tomcat/conf# cat server.xml
    <Server port="8005" shutdown="SHUTDOWN">

    <GlobalNamingResources>
    <!-- Used by Manager webapp -->
    <Resource name="UserDatabase" auth="Container"
    type="org.apache.catalina.UserDatabase"
    description="User database that can be updated and saved"
    factory="org.apache.catalina.users.MemoryUserDatab aseFactory"
    pathname="conf/tomcat-users.xml" />
    </GlobalNamingResources>


    This is what it creates... everytime, no matter what I do i can not get rid of the portion that masks the SSL config... Why does it do this?

    <Service name="Catalina">
    <!-- user services connector, no SSL -->
    <!-- HTTPBEGIN -->
    <Connector port="80"
    address="209.9.228.67"
    acceptCount="1024"
    enableLookups="false" redirectPort="443"
    maxThreads="100" minSpareThreads="100" maxSpareThreads="100"/>
    <!-- HTTPEND -->
    <!-- user services connector, SSL -->
    <!-- HTTPSBEGIN
    <Connector port="443"
    address="209.9.228.67"
    acceptCount="1024"
    enableLookups="false"
    maxThreads="100" minSpareThreads="100" maxSpareThreads="100"
    scheme="https" secure="true"
    ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4 _128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_ WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_ SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH _3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SH A,SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_DES_CB C_SHA,SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_RSA_EXPORT_ WITH_RC4_40_MD5,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_DSS_ EXPORT_WITH_DES40_CBC_SHA"
    clientAuth="false" sslProtocol="TLS"
    keystoreFile="/opt/zimbra/tomcat/conf/keystore" keystorePass="zimbra"/>
    HTTPSEND -->
    <!-- admin services connector; requires SSL -->
    <Connector port="7071"
    address="209.9.228.67"
    acceptCount="1024"
    enableLookups="false"
    maxThreads="50" minSpareThreads="50" maxSpareThreads="50"
    scheme="https" secure="true"
    ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4 _128_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_ WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_128_CBC_ SHA,SSL_RSA_WITH_3DES_EDE_CBC_SHA,SSL_DHE_RSA_WITH _3DES_EDE_CBC_SHA,SSL_DHE_DSS_WITH_3DES_EDE_CBC_SH A,SSL_RSA_WITH_DES_CBC_SHA,SSL_DHE_RSA_WITH_DES_CB C_SHA,SSL_DHE_DSS_WITH_DES_CBC_SHA,SSL_RSA_EXPORT_ WITH_RC4_40_MD5,SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA,SSL_DHE_DSS_ EXPORT_WITH_DES40_CBC_SHA"
    clientAuth="false" sslProtocol="TLS"
    keystoreFile="/opt/zimbra/tomcat/conf/keystore" keystorePass="zimbra"/>

    <Engine name="Catalina" defaultHost="localhost">
    <Realm className="org.apache.catalina.realm.UserDatabaseR ealm"
    resourceName="UserDatabase" />

    <Host name="localhost" appBase="webapps" autoDeploy="false">
    <DefaultContext reloadable="false"/>
    <Context path="/" docBase="${catalina.home}/webapps/zimbra" debug="0" crossContext="true"/>
    </Host>

    <Valve className="org.apache.catalina.valves.AccessLogVal ve"
    pattern="combined"/>
    </Engine>
    </Service>
    </Server>
    chamber:/opt/zimbra/tomcat/conf# ls
    AdminService catalina.policy context.xml log4j.properties server-minimal.xml server.xml.in tomcat-users.xml zimbraAdmin.web.xml.in
    Catalina catalina.properties keystore logging.properties server.xml service.web.xml.in web.xml zimbra.web.xml.in
    chamber:/opt/zimbra/tomcat/conf# cat server-minimal.xml
    <Server port="8005" shutdown="SHUTDOWN">

    <GlobalNamingResources>
    <!-- Used by Manager webapp -->
    <Resource name="UserDatabase" auth="Container"
    type="org.apache.catalina.UserDatabase"
    description="User database that can be updated and saved"
    factory="org.apache.catalina.users.MemoryUserDatab aseFactory"
    pathname="conf/tomcat-users.xml" />
    </GlobalNamingResources>

    <Service name="Catalina">
    <Connector port="8080" />

    <!-- This is here for compatibility only, not required -->
    <Connector port="8009" protocol="AJP/1.3" />

    <Engine name="Catalina" defaultHost="localhost">
    <Realm className="org.apache.catalina.realm.UserDatabaseR ealm"
    resourceName="UserDatabase" />
    <Host name="localhost" appBase="webapps" />
    </Engine>

    </Service>
    </Server>

  8. #18
    Join Date
    May 2007
    Location
    London, UK
    Posts
    26
    Rep Power
    8

    Default Any update on this?

    Any further on this guys?

    I'm looking at trying to bind - at the very least - tomcat and apache to a specific IP address. I need to place our provisioning system onto the same host so that I can use the Zimbra binaries to add accounts etc. At the moment, I can't do that because Zimbra insists on taking over all of my interfaces.

    I've already tried to modify the server.xml and httpd.conf... and had success to SOME degree... although it seems that Zimbra rewrites these config files each time it starts up?

    Besides, a manual fudge isn't particularly useful - it's obviously not going to be very useful for less technically minded folk, and its a PIA when it comes to upgrading...

    I wonder how many people have been put off even installing Zimbra to test becuase they're already running services on thier servers and Zimbra refuses to install or start because it can't bind to the ports it wants? (even though if you could specify an IP address it would work...)

    Just a thought...

  9. #19
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by Leesbian View Post
    Any further on this guys?
    There's another thread here that you might find helpfule plus there's an RFE in bugzilla that has some details about binding to one IP (you should also vote on it).
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Similar Threads

  1. I got Ubuntu and Zimbra working
    By pacsteel in forum Installation
    Replies: 73
    Last Post: 06-23-2008, 12:41 PM
  2. Change hostname and IP Address!
    By celeron in forum Administrators
    Replies: 6
    Last Post: 07-15-2007, 10:27 PM
  3. Two IP Address
    By ikmsupport in forum Administrators
    Replies: 7
    Last Post: 11-23-2006, 08:26 PM
  4. Installation Hostname and IP Address
    By plan9 in forum Installation
    Replies: 8
    Last Post: 04-21-2006, 09:25 AM
  5. changing hostname and ip address of zimbra server
    By illscientific in forum Administrators
    Replies: 1
    Last Post: 11-22-2005, 08:08 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •