Re: two webservers, one router, multiple IP's



On Tue, 28 Nov 2006 01:15:02 GMT, shawn modersohn <smoder@xxxxxxxxxxxxx> wrote:
I have a dsl connection and 5 usable ip addresses. I want to set up one
companyweb web server and one development web server. I want to
register in DNS that companyweb.mydomain should be at x.x.x.65 while
development.mydomain should be at x.x.x.66. The public ip address that
my single linksys router picks up is x.x.x.70.

It is my understanding that if I register in DNS that
companyweb.mydomain is at x.65 and development.mydomain is at x.66,
essentially what will happen is that any of those addresses will be
routed from my isp's router to my little subnet and therefore my router.
I can then utilize my 5 addresses without have 5 separate dsl lines and
routers each with separate wan addresses. Is this correct?

Yes.

The problem then becomes how does my router know if the incoming
connection is for companyweb or development. I know I could use port
based forwarding, but I would rather have each web server use the
standard port 80.

My network is small, so I don't really need two internal 192.168.x.x
subnets. My router is only capable of picking up one public wan
address.

Yes.

I don't have a firewall instead relying on the virtue of NAT
via the router to naturally block incoming traffic.

OK for non-webservers in your lan, but see below.

I have briefly read that some firewall appliances can direct traffic
based on the requested ip address. If I was to begin researching using a
Linux firewall/proxy to do this task, would I be on the right track?
Any other suggestions for me? Thanks.

Put a switch between the DSL modem and the router. Then each
webserver machine can plug independently into the switch. Each
webserver will have its own routable IP address (x.x.x.65 or
x.x.x.66) and the router can use a third IP address (x.x.x.67 ?),
so you'll be using three out of 5 of your IP addresses. The rest
of the machines (non-webservers with 192.168.x.x IP addresses)
in your network then attach to the router.

If you want, put a second NIC in each webserver machine, give
each an independent 192.168.x.x address, and attach them to the
router as well. Then all non-internet traffic stays completely
in your lan.

Of course, this means that each of the webservers MUST have
their own firewalls (using iptables).

--
Dale Dellutri <ddelQQQlutr@xxxxxxxxxxxx> (lose the Q's)
.



Relevant Pages

  • Re: Cant use FP2K on 2nd PC to connect to server
    ... that tells me it's not a port 21 issue with the Linksys. ... Advice from work was to> check my Linksys wrt54g router for setting that> might restrict that port that the desktop is on. ... Home wireless network,>>> desktop hard-wired to router, laptop wireless to router. ... >>> My laptop can connect to my web server fine for ftp. ...
    (microsoft.public.frontpage.client)
  • two webservers, one router, multiple IPs
    ... I want to set up one companyweb web server and one development web server. ... It is my understanding that if I register in DNS that companyweb.mydomain is at x.65 and development.mydomain is at x.66, essentially what will happen is that any of those addresses will be routed from my isp's router to my little subnet and therefore my router. ...
    (comp.os.linux.networking)
  • [NEWS] NETGEAR RT311/RT314 Cross-Site Issue
    ... RT311 Gateway Router provides the dynamic Internet connection. ... Scripting Vulnerability ... Tested on NETGEAR RT314 running firmware versions 3.24 and 3.25. ... The NETGEAR Router runs a web server ...
    (Securiteam)
  • Re: Which Router for VPN and Webhosting
    ... I would hope it's not a Win 98 machine running this Web Server ... > that Win98 Intranet Web server machine and take it down, ... Linksys firewall router, but I've run into a high rate of heat ...
    (comp.security.firewalls)
  • Re: Which Router for VPN and Webhosting
    ... I would hope it's not a Win 98 machine running this Web Server ... > that Win98 Intranet Web server machine and take it down, ... Linksys firewall router, but I've run into a high rate of heat ...
    (alt.computer.security)