sberaud wrote:
Hello.
I am slowly adding domains and returning my sites back into active
status after neglecting them for a while due to replacing my Linux
based home built router with a wireless Motorola/firewall DSL router
and not having a clue how to configure it properly and thus only had
the machine-name based domain working via the static IP for the last 6
months or so (10Mbit was getting long in the tooth).
My main server box is Mandrake 9.1. It is this way because it is one
of the few available distros that will run well on an old AMD350 with
256mb pc133, have a decent GUI and export VNC with some degree of
performance.
I was playing with Ubuntu (wow Debian that works ;)) on my desktop and
like it a lot. I am just not sure it will run all that well on an old
350 as xorg and 2.6 level kernels are a dog by comparison to Xfree86
on 2.4 on the box (it slows to a crawl when VNC runs), but given the
hoops I am jumping through to try to get the problems sorted out it
might be worth it, if server based things work as well as the stuff I
looked at for the desktop.
The other server is 2.4 ghz AMD with WinXP32, and provides
cross-platform web development services in the form of IIS, MySQL and
MSSQL. It is not forwarded to via the router directly, and is pretty
much sandboxed.
Both servers are headless and my workstation is Win x64/SuSE x64
(10.0), hence the need for VNC.
The router is a Motorola 802.11G DSL router with 4 port hub. It
contains a built in DHCP server and what appears to be a DNS
responder. Sadly it runs ASP. It has a host name set by me to play
nice with the others as part of the primary domain.
The router sits on a static external IP and maintains a private
internal subnet with one connected machine being allowed as a "virtual
server" and is port-forwarded to automatically by the router. I have
some control of the procedure, but most of it is Greek to me..
So the problem here is a combination of ignorance and ignorance.
Being used to having my router and DNS/Web servers as part of the same
Linux box, making virtual hosts and domains was not actually all that
hard.
Now that I have the DSL router, configuring the port forwarding and
then using BIND to run the other domains has been, err... problematic.
I think.
I am not sure because things are sorta working, sorta not, and the way
it's not is confusing the heck out of me.
So first question:
Apache and bind: Vhosts
In order to get both the primary host domain and additional vhosts to
work, what set of IPs do I use, the external or internal, when
configuring "A" records in bind and NamedVirtualHosts in Apache to get
the outside world to see both domains when the name server is being
forwarded to and the machine ip is on a private subnet and is
different from the declared (registered) "host"?
As mentioned it sorta works, as some people can see the sites from the
outside and some not. I used the internal subnets in the configs.
I realize there may not be much here for anybody to go on, so if
clarification is required, I will be happy to provide it.
T.I.A.
S.
_______________________________________________
Linux mailing list
Linux [ at ] lists [ dot ] oclug [ dot ] on [ dot ] ca
http://www.oclug.on.ca/mailman/listinfo/linux
Apache named virtual hosts all run from the same single IP address, so
the external Bind server should be set to resolve all the domains to the
same IP address. This will work well for normal (port 80) web servers
but will NOT work for secure servers (port 443). There is no way to
provide multiple secure servers in Apache on a single IP address as the
certificates will not resolve unless they have a unique IP address.
Name based virtual hosts do not require any trickery on the part of Bind
at all. Apache looks at the page request coming in on port 80, and then
Apache handles the re-direction of the hosts to the particular parts of
the filesystem designated in your httpd.conf (or whatever isotope you run).
Internal IP addresses should NEVER be visible outside the firewall. Do
not configure Bind to advertise internal IP addresses outside the firewall.
Basically, as long as your router can re-direct all requests to port 80
to ONE internal IP address, Apache will handle the rest. Please remember
that multiple SSL/TLS servers will NOT work with this scheme.
Hope this helps.
--
Bill Strosberg
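
A check for the misconfiguration discussed in this thread (internal addresses in A records served to the outside), as an added example that is not part of either post. The zone contents, `example.org`, all addresses and the function name `internal_a_records` are constructed for illustration, and the parser is simplified to one record per line.

```python
import ipaddress

# RFC 1918 private space plus loopback and link-local: none of these
# belong in A records served to the outside world.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

# Constructed sample zone; example.org and every address are placeholders.
SAMPLE_ZONE = """\
$TTL 3600
$ORIGIN example.org.
@     IN SOA ns1.example.org. hostmaster.example.org. ( 1 3600 900 604800 3600 )
@     IN NS  ns1
ns1   IN A   203.0.113.10   ; router's static external address
@     IN A   203.0.113.10   ; primary domain
www   IN A   203.0.113.10   ; name-based vhost, same external address
shop  3600 IN A 192.168.1.20 ; internal address published by mistake
mail  A      10.0.0.5       ; internal address published by mistake
"""

def internal_a_records(zone_text):
    """Return (line_no, owner, address) for each A record that points
    into INTERNAL_NETS. Simplified parser: one record per line."""
    findings, owner = [], None
    for line_no, raw in enumerate(zone_text.splitlines(), 1):
        line = raw.split(";", 1)[0]          # drop trailing comment
        fields = line.split()
        if not fields or fields[0].startswith("$"):
            continue                          # blank line or directive
        if not line[0].isspace():             # new owner name in column 0
            owner, fields = fields[0], fields[1:]
        # skip optional TTL (digits only here) and class
        while fields and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields = fields[1:]
        if len(fields) < 2 or fields[0].upper() != "A":
            continue
        try:
            addr = ipaddress.IPv4Address(fields[1])
        except ValueError:
            continue                          # malformed rdata, skip it
        if any(addr in net for net in INTERNAL_NETS):
            findings.append((line_no, owner, str(addr)))
    return findings

if __name__ == "__main__":
    for line_no, owner, addr in internal_a_records(SAMPLE_ZONE):
        print(f"line {line_no}: {owner} -> {addr} is an internal address")
```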