I've got a mandrake-based, basic server hosting mydomain.com. on its own network zone(192.168.1.2).

here's what i am not sure how to do: say i want HTTP (port 80) requests for the subdomain "otherbox.mydomain.com" to forward to another box (192.168.0.2) ON ANOTHER PORT (say, 580 or something like that), and FTP (port 21) requests for "otherboxftp.mydomain.com" to forward to the other box (192.168.0.2 again) on some other port.

background (perhaps not even important): the idea is a safe primary server on my DMZ/Orange zone, forwarding occasional requests to a test server on the Green (local network). the test server (win2k - i do some asp onc in a while) is primarily a workstation (I want it on the local Green network), and i'd like to use non-standard ports to avoid confusion with the primary server's traffic, and to make the DMZ pinholes extra safe.

not really sure but I think you want to redirect

you could make virtualhosts on the main server mydomain.com

like this

www.mydomain.com
otherbox.mydomain.com

now you could have the DocumentRoot for otherbox in a seperate folder that has index.php

<?php
header("Location: http://192.168.0.2:580");
exit();
?>

of course if this request is coming over the internet then it will need a valid routable ip address to work

or maybe you could point it to www.mydomain.con:580 and use iptables to forward port 580 to the other machine. That would avoid having to have it need a valid ip if you are using masq


<?php
header("Location: http://mydomain.com:580");
exit();
?>

thanks David,
i think the second solution is headed in the right direction (although i am curious why the second box needs a valid routable IP - I assume you mean an IP on the internet - wouldn't the firewall 'know' that 192.168.0.1 was a local request and route accordingly?)

here's my question. if the forwarding is just an index.php file, won't that mean that requests for otherbox.mydomain.com/someotherpage.htm will fail? any clever way around that?

well if I type 192.168.0.1 I will connect to a machine on my network, not yours. Internet routers will not route those numbers, they are for LANs only.

You really need to have a valid ip address. The other thing is port forwarding, you could forward the port that people will conect to on the main machine to the other machine. Most people use this method for internal webservers, but not having the router a webserver too.


I think what I would do here if the one machine can't simply do everything is to setup the other machine to share the website over nfs, mount it on the main server machine and point the virtualhost to it. That would use the disk space of the second machine and the webserver of the first.


There could be some other solution that I'm not aware of, is there a particular reason why the first machine can't do everything?



not sure if there's another way around the port forwarding, if the port is forwarded though then any request on that port would go to the machine. However requests on port 80 would go to the main server. they would need to be requesting all pages and files on the forwarded port.
The initial request could be 0n port 80 because it would not include a filename, just the domain name.
all other links would need to be structured like this
http://otherbox.mydomain.com:580/filename
or http://mydomain.com:580/filename
which is not real pretty but could be done with all of your links

another thing you may be able to do is to have some php script that would catch every request and rewrite each header.

David, thanks for your insights.
the main server is a linux box (company html + php/mysql programming jobs). the second server is a win2k box (asp/access/sqlserver programming jobs, etc.).

the challenge is to make the second server's urls use port 80 and be routable based on name (i don't want clients who are looking at the sites on the win2k box to have to remember to add a port # to the url).

having looked around a bit more, using Apache's 'proxypass' technique seems to be the smartest route here (although it is http specific & as such won't let me ftp the win2k box - but that is a minor complaint). it will take an incoming request on the mainserver & massage the url & reroute to the win2k box.

so it will be as a virtualhost on the linux box that reroutes to the windows box?

that's the idea. let's hope it works