- This topic is empty.
December 18, 2009 at 4:55 pm #42106JCMember
I am having a slight problem w/ my dns resolution.
my domain works and points to my main website, and i have the ptr reverse lookup setup and it works, but i have just added a sub domain, that also points to here registered, but the new sub domain is on a different box on my network, now the ptr works and gets me directly to the correct box. but from outside it only points to the main site, not the sub. i had the sub on a non standard port and set it in the router table, that was working but it is very clumsy http://here.domain.ca:50000 i would prefer to be able to not have the users put ports in the address.
pti A 192.168.x.x
HINFO “Dual Core x86” “slax”
[obviously the realworld dns has my real domains address this was intended to route from outside to the correct machine inside and to reverse lookup for internal users]
www A 192.168.x.y
HINFO “Dual Core x86” “zeroshell”
that is the main server dns setup
i would really like to get this resolved, any help is appreciated.December 18, 2009 at 5:31 pm #49284athelingMember
If I understand correctly you have two separate servers on your LAN, both using the same protocol (like HTTP) and you want the router to send traffic based on the DNS name?
I don’t think that is possible. Moving one server or the other to use a different port on the WAN allows the router to NAT based on port number which is easy.
Or if you have multiple public IP addresses, NAT based on that is easy too.
Maybe there is a “level 7” filter that iptables can use to figure out the URL in a HTTP request inside of a TCP packet, but without that I don’t see any way do do this in the router.
It might be possible to setup a proxy server that forwards requests to one of your two LAN based servers based on the domain. But I haven’t worked with the Zeroshell proxy at all. Certainly not enough to know if that is possible. And it if is possible it would be very protocol specific. So if your needs are not for web serving but something else you could be totally out of luck.December 18, 2009 at 6:51 pm #49285JCMember
yes, you understand me :)I have one real world ip, and 2 webservers, one is the main site, the second is an interview scheduler, i will be adding a third if i get this figured out. the reason they are separate is someone else setup the main and its an IIS *shudder* the other is apache on a slax install. i do have it working but only on a http://url:port [forwarded thru the router –> virtual servers but it seems clumsy to me] and there is no way to add a port to the DNS section, tells me not a valid ip.December 18, 2009 at 7:04 pm #49286athelingMember
The HTTP proxy mechanism is designed for users accessing the Internet. But maybe it could be configured to proxy Internet requests to local servers. Those servers would/could have different IP addresses based on the DNS results seen on the router.
So assuming that the Zeroshell DNS server is only for local use (does not handle requests from the Internet for public addresses) you could have it do the mapping. Something like:
http://www.example.com -> 192.168.1.100
xxx.example.com -> 192.168.1.200
So requests handled by the proxy server for http://www.example.com would have the data retrieved from 192.168.1.100 while requests for data from xxx.example.com would have data retrieved from 192.168.1.200.
If you are doing things with SSL/TLS then it probably won’t work as you will have a “man in the middle” setup which HTTPS should rightly complain about. But for plain old HTTP it might be made to work. And if it works for two servers it ought to work for more.
But as I posted earlier, I haven’t worked with the proxy server so I am not sure if it could be setup that way.December 18, 2009 at 8:20 pm #49287ppaliasMember
What you need is to use the virtual hosts of apache. Both names will resolve the same server, but one of them will point to the virtual host, which will be the other web server. The other web server can also be reached with mod-proxy (or something like that) of apache.
- You must be logged in to reply to this topic.