Results 1 to 3 of 3

Thread: Network setup

  1. #1

    Network setup

    hello all,

    I have a question of using IP tables. The machine connected directly to the internet has iptables running on it. Actually it is Firestarter which is a front end to iptables. This machine also has an apache webserver with domain pointed to it. I would like to have pointed to another machine on my network that is not directly connected to the internet. How would I do this? If I forward port 80 to the ip address of the machine that has than I would not be able to connect to the webserver on the machine connected to the internet. Is there a way to forward the request based on the domain?



  2. #2
    Senior Member
    Join Date
    Oct 2002
    You would need to run a DNS server on your webserver which would handle external address resolution requests. Your service provider or DNS provider, as far as I know, directs all requests for subdomain resolution to the address the domain is registered to (i.e. you). Without running a DNS server to give a response, all that will be recieved is a network unreachable message.

    The problem would be the requirement of a second IP address to register the subdomains to. I am assuming here that you are using a single external IP address and a private addressing scheme inside your network. This would mean that all resolution requests would return the same IP address, since every external request must be sent to that address. I am unsure if NAT can properly forward subdomains to separate hosts.

    Essentially, first you need to set up a DNS server for your domain which will return requests for address resolutions within it. At that point remote users will get an address returned. The problem is that the domain name is not sent as part of a TCP packet, only the destination IP address - which is the same for all computers in your network.

    Maybe it is possible to set up separate webservers on separate ports. I do not know if DNS responses can include port information, but I imagine somebody reading this does. If they can, try setting your other webservers up on separate ports and forwarding those ports appropriately.
    Government is like fire - a handy servant, but a dangerous master - George Washington
    Government is not reason, it is not eloquence - it is force. - George Washington.

    Join the UnError community!

  3. #3
    Senior Member
    Join Date
    Jul 2002
    Every now and then, one of you won't annoy me.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts