newbie question: how to configure network for web traffic
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
newbie question: how to configure network for web traffic
Hi everyone,
I have a question on how to configure my network for web traffic.
Here is my setup:
I have the following virtual machines, (all guest are running on CentOS 5.3);
firewall: Smoothwall 3.0, (hardware, not virtual)
guest # 1: Apache http server
guest # 2: Qmail server
guest # 3: Proftp server
I want all of these services on different machines for security reasons, (mainly the ftp server)
My question is how do I route the traffic from the firewall to the different machines? I have been looking at setting up a reverse proxy, however, everything that I have read says that a reverse proxy will not handle the smtp/pop3 traffic.
Can I just use a DNS server to route the traffic?
Any advice or suggestions would be appreciated.
Also, if there is a better way to ask my question, please let me know.
You don't give us enough information about your network. I'm guessing that
you have a single IP address and that you are using Smoothwall to provide
NAT services to your lan. I'm also guessing that you have another host
that is running some type of virtualization software.
If this is right, it depends on the networking option you have in your
virtualization software. If it is a natted connection, you'll need to
do port forwarding on the virtualization host. If it is a bridged
connection, you won't need to change anything on the virtualization
host.
You will need to configure Smoothwall to forward connections for each
protocol to the appropriate IP address.
Sorry for not giving enough information. Here are my thoughts on my network:
firewall: Smoothwall 3.0, 192.168.x.1
guest # 1: Apache http server 192.168.x.10
guest # 2: Qmail server 192.168.x.11
guest # 3: Proftp server 192.168.x.12
All of my guest are on a bridged connection. I have reconfigured Smoothwall as you have suggested.
I use DNS2Go for managing my dynamic IP address. I am still testing, (going to an internet cafe today to do my external testing). I am not sure if I should run DNS2GO on my Smoothwall firewall, or set up a virtual DNS server to handle both the DNS2GO connection and route my traffic internally. I have sent an email to DSN2GO to ask for their advice on this.
Ultimately, I would like to change my web services to the DMZ on my firewall, with a range of 10.0.x.x. This is to keep any hackers off of my internal network.
I would be happy to listen if you have any suggestion on any of this.
Thanks a lot for your help. If you need any more information, please let me know.
zog
Last edited by zogthegreat; 10-19-2009 at 08:07 AM.
Okay, you'll just need to configure smoothwall to forward the
connections to the appropriate hosts.
I haven't run smoothwall in a long time. As I recall there is
no option to forward connections to the internal network. Your
hosts would have to be in the DMZ in order for this to work.
Check the documentation for smoothwall.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
