DaemonForums  

Go Back   DaemonForums > Miscellaneous > General software and network

General software and network General OS-independent software and network questions, X11, MTA, routing, etc.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 3rd June 2008
marco64 marco64 is offline
Real Name: Marco
Port Guard
 
Join Date: May 2008
Location: Italy
Posts: 15
Thanked 1 Time in 1 Post
Default Apache on two servers but one public IP

HI all

I have a problem with a recent new server where I deployed several new sites. The problem is that trying to browse the new sites I can go on and old one and no further.

I have one IP public address 62.123.142.xxx. DNS service is given from domain's mantainer. Through an admin panel I can assign the third level names to each domain and point these to my public IP. Thus when I need a new level I just go there and add a line:

domain1 --> 62.123.142.xxx
www.domain1 --> 62.123.142.xxx
web.domain1 --> 62.123.142.xxx
admin.domain1 --> 62.123.142.xxx

domain2 --> 62.123.142.xxx
www.domain2 --> 62.123.142.xxx
web.domain2 --> 62.123.142.xxx

Each of these is served from a local server (192.168.0.8) and there is no problem with this.

Recently have added one new Web Server 192.168.0.7 with 3 new domains and have added this in the maintainer DNS.

domain3 --> 62.123.142.xxx
www.domain3 --> 62.123.142.xxx
web.domain3 --> 62.123.142.xxx

nslookup seems ok. Each resolves to my public IP.

The problem is that trying to browse the new address www.domain3, or www.domain4 and www.domain5 I see the first one www.domain1.

In apache each is set like this on server 1 :

<VirtualHost 192.168.0.8:80>
User "#1000"
Group "#1001"
ServerName beenzeria.com
ServerAlias beenzeria.com www.beenzeria.com
DocumentRoot /usr/home/beenzeria/public_html
ErrorLog /usr/home/beenzeria/logs/error_log
CustomLog /usr/home/beenzeria/logs/access_log combined
ScriptAlias /cgi-bin/ /usr/home/beenzeria/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /usr/home/beenzeria/public_html>
Options IncludesNOEXEC FollowSymLinks
allow from all
</Directory>
<Directory /usr/home/beenzeria/cgi-bin>
allow from all
</Directory>
UseCanonicalName on
</VirtualHost>

and in this way in server 2:

<VirtualHost 192.168.0.7:80>
User "#1005"
Group "#1005"
ServerName webmail.0email.it
ServerAlias webmail.0email.it webmail2.0email.it
DocumentRoot /usr/home/squirrellmail/public_html
ErrorLog /usr/home/webmail/logs/error_log
CustomLog /usr/home/webmail/logs/access_log combined
ScriptAlias /cgi-bin/ /usr/home/webmail/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /usr/home/webmail/public_html>
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
<Directory /usr/home/webmail/cgi-bin>
allow from all
</Directory>
UseCanonicalName on
</VirtualHost>

in /etc/hosts there are the additions ie:
192.168.0.7 newdomain4 newdomain5 newdomain6

local DNS is only used for cache.

What can I set to have this working?
Tks on advance.
Marco
Reply With Quote
  #2   (View Single Post)  
Old 3rd June 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,143
Thanked 182 Times in 149 Posts
Default

You have your two servers running at private addresses 192.168.0.8 and 192.168.0.7.
From the outside these are accessible through Network Address Translation from public address 62.123.142.

You have too high expectations from your NAT router

You expect your router, a simple layer 2 device, to be able to parse the HTTP requests and translate the 62.123.142 address to 192.168.0.8 in case for HTTP request for www.beenzeria. If a HTTP requests comes in for webmail.0email.it you expect this to NAT to 192.168.0.7.
Routers are too dumb to be able to do this.

I am afraid you need a second public IP address for your second server
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #3   (View Single Post)  
Old 4th June 2008
marco64 marco64 is offline
Real Name: Marco
Port Guard
 
Join Date: May 2008
Location: Italy
Posts: 15
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by J65nko View Post
I am afraid you need a second public IP address for your second server
Will get that - Thanks.

Marco
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
IPSec Tunnel - no public key found mikesg OpenBSD Security 4 7th October 2009 05:49 AM
Howto: Setting up public key password-less 'ssh' access J65nko Guides 4 31st August 2008 04:49 PM
secure ssh with public key milo974 OpenBSD Security 11 9th July 2008 04:52 PM
OS to run in a public computer? Sunnz Off-Topic 31 23rd May 2008 05:47 PM


All times are GMT. The time now is 10:26 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick