subdomains/one IP/local network basic networking question

Post by Jimmy Dea » Sun, 23 Nov 2003 12:18:33



Hi,

With one IP address I do virtual hosting and have several
domains. The first machine on my network has dns and iptables on it and I
use iptables to do port forwarding to services on my 192.168.x.x machines
inside my network and it works fine.

However, I'd like to do something like have subdomain.mydomain.com be
forwarded completely to a machine inside my network with a 192.168.x.x ip
address. Is this possible? The goal would be to have just one ip
address and do "ssh mymachine.mydomain.com" and get to 192.168.0.2 or
"ssh hermachine.mydomain.com" and get to 192.168.0.3 from the outside, as
an example.

I can't figure out if routing tables can be used for this or if there is
some sort of internal dns service that would do it. Does iptables itself
have this capability?

I'm quite confused, but it seems like this is possible since apache
somehow knows that requests are for subdomain1..... and subdomain2... etc.
in virtual hosts even though all domains and subdomains have my single
real ip in the dns zone files.

Thanks for your thoughts!

Jimmy

 
 
 

Post by David Efflan » Sun, 23 Nov 2003 13:08:58



> With one IP address I do virtual hosting and have several
> domains. The first machine on my network has dns and iptables on it and I
> use iptables to do port forwarding to services on my 192.168.x.x machines
> inside my network and it works fine.

> However, I'd like to do something like have subdomain.mydomain.com be
> forwarded completely to a machine inside my network with a 192.168.x.x ip
> address. Is this possible? The goal would be to have just one ip
> address and do "ssh mymachine.mydomain.com" and get to 192.168.0.2 or
> "ssh hermachine.mydomain.com" and get to 192.168.0.3 from the outside, as
> an example.

> I can't figure out if routing tables can be used for this or if there is
> some sort of internal dns service that would do it. Does iptables itself
> have this capability?

> I'm quite confused, but it seems like this is possible since apache
> somehow knows that requests are for subdomain1..... and subdomain2... etc.
> in virtual hosts even though all domains and subdomains have my single
> real ip in the dns zone files.

Incoming connections are to your public IP, so routing or iptables would
not even know the hostname you used to find the public IP.  The only way
apache knows is from the Host header in the HTTP headers (which could use
mod_proxy to proxy different internal servers).

To connect to a specific host behind a single public IP for protocols
other than www, about all you can do is forward specific ports to specific
hosts (or a vpn tunnel to address them by their private IPs).

--
David Efflandt - All spam ignored  http://www.de-srv.com/
http://www.autox.chicago.il.us/  http://www.berniesfloral.net/
http://cgi-help.virtualave.net/  http://hammer.prohosting.com/~cgi-wiz/
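
The port-per-host forwarding described in the reply above, as an added example that is not part of the original thread: the gateway picks the internal machine by destination port, and the client's `~/.ssh/config` maps each hostname to its port so that plain `ssh mymachine.mydomain.com` still works. The WAN interface `eth0` and the external ports 2202/2203 are assumptions; the hostnames and internal addresses are the ones from the question.

```shell
#!/bin/sh
# Added example: one public IP, one external port per internal SSH host.
# Assumptions (not from the thread): WAN interface eth0, ports 2202/2203.

# Constructed map: "<public hostname> <external port> <internal IP>"
HOST_MAP='mymachine.mydomain.com 2202 192.168.0.2
hermachine.mydomain.com 2203 192.168.0.3'

# valid_port PORT -> succeeds only if PORT is an integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gateway_rules WAN_IF -> prints the iptables commands for the gateway.
# The hostname plays no part: the packet carries only an IP and a port.
gateway_rules() {
    wan_if=$1
    printf '%s\n' "$HOST_MAP" | while read -r name port ip; do
        valid_port "$port" || { echo "bad port for $name: $port" >&2; continue; }
        # Rewrite the destination: public_ip:port -> internal_ip:22
        echo "iptables -t nat -A PREROUTING -i $wan_if -p tcp --dport $port -j DNAT --to-destination $ip:22"
        # Admit only that flow (FORWARD sees the rewritten destination).
        # Replies are assumed to be covered by the gateway's existing
        # ESTABLISHED,RELATED rule.
        echo "iptables -A FORWARD -i $wan_if -p tcp -d $ip --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT"
    done
}

# client_ssh_config -> prints ~/.ssh/config stanzas for the outside client,
# so "ssh <hostname>" selects the forwarded port by name.
client_ssh_config() {
    printf '%s\n' "$HOST_MAP" | while read -r name port ip; do
        valid_port "$port" || continue
        printf 'Host %s\n    Port %s\n' "$name" "$port"
    done
}

gateway_rules eth0      # review, then run as root on the gateway
client_ssh_config       # append to ~/.ssh/config on the client
```

The script only prints the rules and the client stanzas; nothing is applied until the printed `iptables` lines are run on the gateway.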