LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 09-16-2005, 10:36 AM   #1
jread
LQ Newbie
 
Registered: Sep 2005
Posts: 2

Rep: Reputation: 0
Firewall routing by hostname - possible?


Hi,
I am setting up a gateway/router linux box and I have a question about routing. I know that I can use NAT to route packets by port to different hosts, but what about by hostname? I have several physical servers which will be located behind this new box, each running a web server. The whole network will share a single external IP address and I want to have packets routed by the hostname they are addressed to. For example, if I have two servers box1 and box2 I would like box1.example.com to route to box1 and box2.example.com to route to box2 even though both box1.example.com and box2.example.com will use port 80 for web traffic and will resolve to the same external IP address.
Is this possible? How would I go about setting this up?

Thanks for your help!
JR
 
Old 09-16-2005, 10:54 AM   #2
jfryman
Member
 
Registered: Dec 2004
Location: Newport News, Virginia
Distribution: CentOS 4, FC4, Ubuntu Breezy/Dapper, Arch 0.7.1
Posts: 40

Rep: Reputation: 15
jread,

I *think* this may be possible with the help of an application layer firewall that does stateful packet inspection. iptables has this functionality with some patching involved... which you can find at

http://l7-filter.sourceforge.net/L7-HOWTO-Netfilter

However, if you're attempting to run multiple websites off of multiple computers, I can think of a couple of ways of doing it.

One would be to remove the multiple machines from the equation. You can easily run multiple websites off a single computer using Apache and Virtual Domains. It's not a super difficult concept, but if you are new at it, you'll need to sit down and read some docs. You can find that information at http://httpd.apache.org/docs/2.0/

Going along that same route... if you're going to use multiple machines, why not try setting up clustering with virtual domains? That way, you can use an existing firewall to route to a single clustered IP address, which will handle the websites on their own. That way, you can increase the speed of each of your websites by deploying over the multiple machines.

Of course, there are multiple ways to skin this cat... just pick and choose. Good luck!

-James
 
Old 09-16-2005, 10:55 AM   #3
draxen
Member
 
Registered: Nov 2004
Posts: 43

Rep: Reputation: 15
How is your router going to know, if the request is for box1 or box2 ?
It will arrive at your router with exactly the same IP. You'd have to have some kind of proxy app on the router, analyzing http packets. If you really want to do this, I'd suggest a web server with virtual hosting set up on the gateway, such that it redirects http requests to appropriate internal servers.
 
Old 09-16-2005, 11:34 AM   #4
jread
LQ Newbie
 
Registered: Sep 2005
Posts: 2

Original Poster
Rep: Reputation: 0
Hi and thanks for the replies!

I was thinking that I would need something at the application level but it was worth checking into. Removing the multiple machines would be the best way, I agree, but I have some clients who insist on running their websites on Windows servers so I need to be able to have demo sites for them on my WinXP box. I'll check out Layer 7 but I think you're both right - I'll have to use some form of proxy.

Thanks again!
JR
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Firewall Security / Gateway Routing colabus Linux - Networking 1 09-13-2005 11:15 PM
Firewall Routing trent000 SUSE / openSUSE 1 07-19-2005 11:17 AM
sendmail on solaris with no hostname & ipfw (or other firewall) tutorials Maidros Solaris / OpenSolaris 1 07-10-2005 01:34 PM
Hostname/Routing problems with home network robintw SUSE / openSUSE 15 01-08-2005 07:55 AM
Firewall, Routing and Subnets - is this possible? donoss Linux - Networking 2 10-28-2004 12:34 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:00 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration