httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Darrel Austin <daus...@visi.com>
Subject RE: Router Recommendation? (Was Re: Apache behind a router?)
Date Thu, 28 Feb 2002 02:56:29 GMT
The external link is my incoming DSL line with 5 IPs. Yea, I realize 
I could do a software solution, but I'd really just prefer a hardware 
router/firewall.

-Darrel


>Is the external link ethernet?  A Pentium 100 with two NICs, Linux and
>iptables can NAT itself silly, in addition to other fw/route duties.
>
>
>-----Original Message-----
>From: Darrel Austin [mailto:daustin@visi.com]
>Sent: Wednesday, February 27, 2002 8:13 PM
>To: users@httpd.apache.org
>Subject: RE: Router Recommendation? (Was Re: Apache behind a router?)
>
>
>Dan:
>
>Yea, that's the theory ;o)
>
>It's a good theory, but the problem is that you can only have 1 VIP
>address active with NAT. That means only 1 address can NAT through it
>to the inside.
>
>So, I suppose my real question is, what's the cheapest router that
>can have multiple VIP address with NAT running (my ISP suggested the
>Cisco 806 (?) but that's $350...a bit too much for a hobby server.)
>
>-Darrel
>
>
>
>
>>Boy that sounds like a familiar config... At work we have two lines, a
>>T1 coming into a Cisco 2620 and a SDSL coming into a Cisco 678 -- prolly
>>very similar to your 675...
>>
>>Our DSL also gives us a block of 5 IPs. Though I have not done this, and
>>God knows our DSL tech support was of absolutely no help... And
>>searching thru the Cisco help database was worse than wading through the
>>Perl Man Page...
>>
>>But, (theoretically) you should be able to assign a different static IP
>>to another VIP interface. And then just use static addressing and port
>>forwarding to point it to a different internal address on the same
>>subnet... Any current mapping is done between eth0 and vip0 -- add a NAT
>>rule to map some addresses from eth0 to vip1... essentially...
>>
>>		(show interfaces)
>>
>>	eth0 *current internal IP subnet*
>>	vip0 *current external IP*
>>	vip1 *additional external IP*
>>
>>Theoretically it should work, though as I said I haven't had a need to
>>try it yet...
>>
>>Tell me if it works to, or if you've tried it... I'd like to know if it
>>works...lol...
>>
>>Dan
>>
>>
>>
>>
>>-----Original Message-----
>>From: Darrel Austin [mailto:daustin@visi.com]
>>Sent: Wednesday, February 27, 2002 2:19 PM
>>To: users@httpd.apache.org
>>Subject: Router Recommendation? (Was Re: Apache behind a router?)
>>
>>Hey Dan:
>>
>>I don't want to take this thread too far off topic, but you appear to
>>know
>>about routers a bit.
>>
>>We're currently hosting two different web servers on our network, along
>>with
>>4-6 workstations, and a block of 5 IPs. We'd like to NAT everything,
>>however, we can't NAT more than one IP address using our default Cisco
>>675
>>router (ie, we can't NAT 1.1.1.1 to one internal IP and 1.1.1.2 to a
>>second
>>internal IP), so we need to upgrade to a router/firewall that can.
>>
>>Can you recommend one? These are just hobby servers on a DSL line,
>>nothing
>>high-end...but I hate having all of these machines hooked up via
>>external
>>static IPs.
>>
>>Apologies for drifting off-topic...
>>
>>-Darrel
>>
>>
>>
>>
>>on 2/27/02 2:08 PM, Daniel Giovannoni at tech@ct5.com wrote:
>>
>>>   Those linksys are not to configurable, kinda the fisher-price of
>>>   routers...
>>>
>>>   If you have static IPs assigned to your domains, then you'll need to
>>map
>>>   those through the router. But, in order to do that I believe you would
>>>   have to turn off NAT -- maybe not completely but at least for those
>>>   specific IPs (this is dependent on whether or not your router is
>>>   configurable like that)
>>>
>>   > Otherwise, yeah like he said change your virtual host IPs to
>>accommodate
>>   > your internal IPs -- you will still have to create static IPs and map
>>   > port 80 to those IPs in the router configuration... But, LInksys makes
>>>   this easy enough...
>>>
>>>   Dan
>>>
>>>
>>>
>>>   -----Original Message-----
>>>   From: Darrel Austin [mailto:daustin@visi.com]
>>>   Sent: Wednesday, February 27, 2002 1:26 PM
>>>   To: users@httpd.apache.org
>>>   Subject: Re: Apache behind a router?
>>>
>>>   You'll need to set up your virtual hosts to accommodate the new
>  >internal
>>>   IP
>>>   addresses your router is serving the machines internally (unless you
>>>   still
>>>   have your server set up with a static IP and the router is just
>>letting
>>>   it
>>>   pass through).
>>>
>>>   -Darrel
>>>
>>>   on 2/27/02 1:19 PM, Sterling Anderson at sterling@sterlinganderson.net
>>>   wrote:
>>>
>>>>   Not sure if this is an Apache question or a router question. My Linux
>>>>   server is running Debian and I installed Apache using Apt. I have 4
>>>>   domains going to my machine and I set them up using Name-based
>>Virtual
>>>>   Hosts. Everything worked fine until I put the server behind my
>>router.
>>>>   The router is a linksys cheapo model. I have all traffic for port 80
>>   >> going to the Apache server but it has stopped forwarding correctly.
>>>>   Does anyone know of any resources for changing my apache config or
>>>>   updating my routing tables?
>>>>
>>>>   Thanks.
>>>>
>>>>   _________________________
>>>>   Sterling Anderson
>>>>
>>>>
>>>>
>>>>   ---------------------------------------------------------------------
>>>>   The official User-To-User support forum of the Apache HTTP Server
>>>   Project.
>>>>   See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>>   To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>   For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>
>>>
>>>   ---------------------------------------------------------------------
>>>   The official User-To-User support forum of the Apache HTTP Server
>>>   Project.
>>>   See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>   To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>   For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>>
>>>
>>>   ---------------------------------------------------------------------
>>>   The official User-To-User support forum of the Apache HTTP Server
>>Project.
>>>   See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>   To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>   For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP Server
>>Project.
>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP Server Project.
>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message