LinuxQuestions.org


Kholnuu 12-01-2004 01:51 AM

Possible or Impossible to do in Linux?
 
Situation: Linux router sitting between a cable modem and a local network. Three different IPs are assigned to the modem. The local network has multiple machines, one of which provides (at bare minimum) HTTP and FTP, and another that simply provides FTP.

What I need to have happen is the router routes traffic to different machines depending on the destination IP address; foo.bar.baz goes to Box A, foo.bar.gleep goes to Box B, etc. This needs to happen with at least the FTP protocol, preferably any protocol (HTTP, SSH, etc.).

The router would also act as a DNS nameserver, handling both internal and external requests. External requests for domain names, internal requests so that the local network can talk to various parts of itself.

Can this be done? Can the Linux machine route FTP traffic from foo.bar.baz to Machine A at the same time as routing FTP traffic from foo.bar.gleep to Machine B, while also allowing Machine C to talk to Machine A and Machine B via FTP, SSH, HTTP, whatever?

If this is possible, what Linux distribution would be best suited for this type of massive undertaking?

|2ainman 12-01-2004 04:13 AM

Short answer: No, I think.
First, when you say that three IPs are assigned to the cable modem, that means that three IP addresses point to the cable modem. It doesn't mean that three IPs are passed through the modem. When the data gets to the modem, the modem doesn't care about hostnames, it just sends it out to the one device it can connect to: your Linux router. With the router you'd have to enable port forwarding and a sort of NAT (look up IP masquerading). The only thing you could do is have different ports forwarded to different computers, i.e.:
Box A foo.bar.baz:21 -> your.ip.of.cmodem -> linux router (which port?)^--> 192.168.1.2:21
\-----------------------------------------------------/

Box B foo.bar.gleep:2121 -> your.ip.of.cmodem -> linux router(which port?) ^ --> 192.168.1.3:21
\------------------------------------------------------/

Box C foo.bar.sea:?? -> your.ip.of.cmodem -> linux router(which port?)^ --> 192.168.1.4:??

Notice that the external ports are not dependent on the services, but you must specify the port if you're not using the default port for a known service. So if I wanted to access Box A's FTP service I would do "ftp foo.bar.baz" but if I wanted to access Box B's FTP service I would have to do "ftp foo.bar.gleep:2121". ftp foo.bar.baz is the equivalent of ftp foo.bar.baz:21, but since the port of FTP is well established as 21, it is not needed.

Box C will still be able to access Box A and B's services, but only through the local IPs. Servers seem to have a problem sending data back to themselves. This can be achieved by adding entries into the hosts file for each computer:
Code:

192.168.1.2        foo.bar.baz
192.168.1.3        foo.bar.gleep

That would be the hosts file for Box C so that you could still use the name to access the service. So in short, the reason that you cannot do the whole dns thing you're trying to do, is because of NAT.

sigsegv 12-12-2004 01:38 AM

Kholnuu:

Assuming the IPs are public addresses, certainly possible. It may be easiest to put the three servers up with their public IPs and just have the router box do a bridge between the servers and the internet, and filter the traffic accordingly.

This would *probably* land DNS on one of the three servers and not on the router, but that's ok as it belongs there anyway.

If you only have one internet routable IP, you're going to have a lot more trouble doing this, and you'll have to resort to some kind of PAT situation, or a reverse proxy kind of thing.

As for the distro to use -- I put OpenBSD (which is *not* Linux, if that matters to you) on anything that is responsible for security. Just makes sense. It's got everything you could ever need to do routing and it's nice and small and trim too.
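
The multiple-public-IP case from the question, sketched as an added example that is not part of any post in this thread: it uses per-address DNAT on the Linux router rather than the bridge suggested above, plus a default-drop FORWARD policy that only admits the services each box is said to offer. The public addresses (documentation range 203.0.113.0/24) and interface names are constructed placeholders, and it assumes the public addresses are configured on the router's WAN interface.

```shell
#!/bin/sh
# Added example, not from the thread. Public addresses (203.0.113.0/24, a
# documentation range) and interface names are constructed placeholders.
WAN_IF="eth0"              # assumed: interface facing the cable modem
LAN_IF="eth1"              # assumed: interface facing the local network
LAN_NET="192.168.1.0/24"   # LAN range taken from the hosts-file post

# One entry per server: public-IP:internal-IP:allowed-TCP-ports
MAPPINGS="203.0.113.10:192.168.1.2:21,80
203.0.113.11:192.168.1.3:21"

emit_rules() {
    echo "*nat"
    echo ":PREROUTING ACCEPT [0:0]"
    echo ":POSTROUTING ACCEPT [0:0]"
    for m in $MAPPINGS; do
        pub=${m%%:*}; rest=${m#*:}; priv=${rest%%:*}
        # Pick the server by the destination address the client connected to.
        echo "-A PREROUTING -d $pub -j DNAT --to-destination $priv"
        # Outbound traffic from that server leaves with the same public address.
        echo "-A POSTROUTING -s $priv -o $WAN_IF -j SNAT --to-source $pub"
    done
    # Hairpin: a LAN client that used a public address was DNATed back into
    # the LAN; rewrite its source so the server replies via the router.
    echo "-A POSTROUTING -s $LAN_NET -d $LAN_NET -j MASQUERADE"
    # Every other LAN host shares the router's primary address.
    echo "-A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE"
    echo "COMMIT"

    echo "*filter"
    echo ":FORWARD DROP [0:0]"
    # RELATED covers FTP data connections once the conntrack FTP helper is in use.
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "-A FORWARD -i $LAN_IF -s $LAN_NET -j ACCEPT"
    for m in $MAPPINGS; do
        rest=${m#*:}; priv=${rest%%:*}; ports=${rest#*:}
        # FORWARD sees the post-DNAT destination, so match the internal address.
        echo "-A FORWARD -i $WAN_IF -d $priv -p tcp -m multiport --dports $ports -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Prints the ruleset; after review, pipe this output into iptables-restore as root.
emit_rules
```

The hairpin rule is what lets an internal machine reach the servers by their public names without per-host hosts-file entries.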

RandomLinuxNewb 12-13-2004 12:12 AM

Check out M0n0 Wall. I think it will do what you need right out of the box. M0n0wall is based on FreeBSD but what you want could still be done in Linux, but why reinvent the wheel?


All times are GMT -5.