LAN server question

gripen

Expert Member
Joined
Aug 14, 2003
Messages
1,693
I want to host two separate web sites on my LAN. We have one public IP address. I have a firewall providing NAT and a transparent proxy etc to the LAN.

I want to host two (for example) web servers as follows:
name1.dyndns.org (points to gateway PC port 80)
name2.dyndns.org (points to LAN PC port 80)

The whole point is to avoid the :81 notation. I have servers running up to port 85 on the gateway PC.

I can currently access a server on the LAN PC with port mapping. i.e. name1.dyndns.org:86 will bring up the web server if mapped to LAN PC:80

Is there any way to do this?
 

regardtv

Expert Member
Joined
Sep 1, 2003
Messages
1,537
Personally I think nic's option is the most elegant. You need to look at "name based" virtual hosting specifically.

Your option for name1 and name2 will not work unless you have 2 public IPs.

R
 

gripen

Expert Member
Joined
Aug 14, 2003
Messages
1,693
I just need to know if there's a way. It would be useful to have a dynamic DNS name to point to the LAN PC but, like a public IP address, I guess it is wishful thinking.

It's easy to use multiple dirs. Anyways. Thanks for the help.

One more question: when running Squid as a transparent proxy (not that I have got it working yet), does it apply to ALL ports? i.e. can I apply Squid bandwidth control to, let's say, P2P traffic?
 

TheRoDent

Cool Ideas Rep
Joined
Aug 6, 2003
Messages
6,218
You use Apache on the machine with the external IP address, and configure it with name-based virtual hosting for the two dynamic domains. You can then configure the first virtual host in Apache to access local files, and then the second virtual host to "reverse-proxy" to your PC on the LAN.

That way, the single public IP will serve 2 domains, one hosted directly on the machine with the external IP, and the second on the machine with the internal "LAN" IP. Apache will then forward requests to name1.dyndns.org to the local machine with your modem, traffic for name2.dyndns.org to the internal LAN machine.

A typical apache vhost configuration snippet for this would look like this:

Code:
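# Requires mod_proxy and mod_proxy_http to be loaded.
NameVirtualHost *

# First vhost: served from local files (also the default for unmatched Host headers).
<VirtualHost *>
    ServerName name1.dyndns.org
    DocumentRoot C:/htdocs/site1
</VirtualHost>

# Second vhost: reverse-proxied to the web server on the LAN machine.
<VirtualHost *>
    ServerName name2.dyndns.org
    DocumentRoot C:/htdocs/site2
    ProxyPass / http://internal-lan.machine.ip:80/
    ProxyPassReverse / http://internal-lan.machine.ip:80/
</VirtualHost>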

Note that even though the second virtual host has a DocumentRoot, it is not used. It is just there because Apache requires every vhost to have a docroot. Naturally, for this all to work you will need Apache 2.x with mod_proxy and mod_proxy_http enabled in the configuration.

As for Squid, it only understands HTTP, FTP, and SSL's CONNECT protocols. Unless your P2P client's protocol is encapsulated in those, it won't work, <i>especially</i> if it's a transparent proxy.

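Added example (not part of the thread, and not Apache's own code): a small Python model of how the name-based virtual hosting described in the post above picks a site from the Host header when both names resolve to the same public IP and port 80. The backend address 192.168.0.10, the client-facing address 203.0.113.7, the function names and the sample requests are constructed for illustration. It also shows the fall-through case: a request with no Host header or an unknown name gets the first vhost listed.

```python
# Constructed vhost table mirroring the two vhosts in the post; order matters.
# 192.168.0.10 is a placeholder for the LAN machine (assumption).
VHOSTS = [
    ("name1.dyndns.org", ("local", "C:/htdocs/site1")),
    ("name2.dyndns.org", ("proxy", "http://192.168.0.10:80/")),
]


def host_header(raw_request):
    """Return the Host header value from a raw HTTP request, or None."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    for line in head.split("\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            return value.strip()
    return None


def normalise(host):
    """Lower-case the name, drop an optional :port and a trailing dot."""
    host = host.strip().lower()
    if not host.startswith("["):  # leave IPv6 literals untouched
        host = host.split(":", 1)[0]
    return host.rstrip(".")


def route(raw_request):
    """Return (vhost name, action, target) for a request on the shared IP:80."""
    host = host_header(raw_request)
    wanted = normalise(host) if host else None
    for name, (action, target) in VHOSTS:
        if wanted == name:
            return name, action, target
    # No Host header, or a name that matches nothing: first vhost is the default.
    name, (action, target) = VHOSTS[0]
    return name, action, target


# Constructed sample requests; 203.0.113.7 is a documentation address.
SAMPLES = {
    "site1": b"GET / HTTP/1.1\r\nHost: name1.dyndns.org\r\n\r\n",
    "site2": b"GET / HTTP/1.1\r\nHost: NAME2.dyndns.org:80\r\n\r\n",
    "by_ip": b"GET / HTTP/1.1\r\nHost: 203.0.113.7\r\n\r\n",
    "http10": b"GET / HTTP/1.0\r\n\r\n",
}

if __name__ == "__main__":
    for label, request in SAMPLES.items():
        print(label, "->", route(request))
```

The `by_ip` and `http10` cases are the ones to check on a real gateway: whatever is listed first is what anyone hitting the bare IP address will see.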
 

regardtv

Expert Member
Joined
Sep 1, 2003
Messages
1,537
Ok, so Rodent is in a "teaching" mode ;-)

I'm surprised ... I mentioned "name based virtual hosting" ... I'd expect your standard reply would have been .... www.google.com ;-)

R
 

gripen

Expert Member
Joined
Aug 14, 2003
Messages
1,693
Thanks for the help Rodent.

So Squid is only really for browsing cache.. hmm, didn't know that. So that renders its speed control slightly useless since P2P etc is what needs to be limited. Anyways..
 

TheRoDent

Cool Ideas Rep
Joined
Aug 6, 2003
Messages
6,218
greedy, if you use Linux as a router/firewall solution you can use the built-in network scheduler/queue management to prioritize/reduce the rate of traffic of certain ports, giving the limiting you require for P2P.

On Windows, though, you have no such options without third party software.

 

gripen

Expert Member
Joined
Aug 14, 2003
Messages
1,693
I'm not going the Linux route.

I was actually just wondering if Squid could be used to throttle traffic such as P2P. I don't really need to throttle anything as yet.

Other than netlimiter there are no useful 3rd party apps that I know of..
 

Karnaugh

Banned
Joined
Jul 23, 2003
Messages
1,575
Squid is not a traffic shaper, it's an HTTP proxy and that's it.

- Colin Alston
colin at alston dot za dot org

"Getting traffic shaping right is easy and can be summed up in one word: Don't." -- George Barnett
 

regardtv

Expert Member
Joined
Sep 1, 2003
Messages
1,537
Strictly speaking Karnaugh is correct, but Squid can provide rate limiting and prioritization of HTTP traffic.
 

TheRoDent

Cool Ideas Rep
Joined
Aug 6, 2003
Messages
6,218