I’m looking for a way to access multiple servers sharing a single static ip by using different subdomains. As a forewarning, I’ve never gotten into network configuration before, so my knowledge of appropriate terminology is limited.
Right now I have 3 servers running ubuntu 11.10 sitting behind a switch. I would like to access them as server1.example.com, server2.example.com, and server3.example.com. When all 3 were configured with the same static IP, only one machine held an internet connection. So I spent a lot of time experimenting in /etc/network/interfaces, which was probably a big mistake, before I tried to configure iptables following this guide.
I can’t figure out where to start or even what to Google. Maybe I need a different hardware configuration, currently each machine has a single nic, though I can find network cards if necessary. In addition to the switch, I also have an old wrt54g router.
EDIT
I would predominantly like HTTP access to them, but SSH is important as well.
edited Mar 11, 2012 at 14:02 — asked Mar 10, 2012 at 0:16
4111 silver badge44 bronze badges
- Access them with what? A browser? Is this an HTTP question? – David Schwartz Commented Mar 10, 2012 at 0:45
- I assumed it was HTTP but, now that you mention it, OP doesn’t explicitly say it’s HTTP. Not sure where I got that implication from. – Belmin Fernandez CommentedMar 10, 2012 at 0:57
2 Answers
You’re not going to be able to have all 3 machines share one IP address. Not how networking works. Check out this answer on how network routing works for an explanation as to why.
Reverse Proxy using Apache or nginx
Setup a reverse proxy as your gateway and then have that forward an address based on the HTTP host request header. I would recommend using Pound since it’s lightweight and it’s only purpose is to be a reverse HTTP proxy. You could though use apache or nginx to accomplish the same thing if you’re more familiar with those.
Once you have your reverse proxy setup, you could use NAT for your servers and have your gateway configured with your static IP.
How to, using Pound
Example on how to do this in Pound (1.2.3.4 is your static IP, all server#.example.com are A records to that static IP):
ListenHTTP
Address 1.2.3.4
Port 80
Service
HeadRequire "Host: .*server1.example.com.*"
BackEnd
Address 192.168.3.11
Port 80
End
End
Service
HeadRequire "Host: .*server2.example.com.*"
BackEnd
Address 192.168.3.12
Port 80
End
End
Service
HeadRequire "Host: .*server3.example.com.*"
BackEnd
Address 192.168.3.13
Port 80
End
End
End
Comments
If you want to keep the reverse proxy in one of the current servers you have, you would have to:
- Elect one of the servers to be the reverse proxy.
- Have your router forward all HTTP traffic to that reverse proxy.
- Configure your HTTP servers on the 3
server#.example.comto listen to an alternate port—perhaps 8080. - Finally, configure your reverse proxy to forward traffic based on the
hostheader to the HTTP serves on port 8080.
Configuring an alternate port on the HTTP servers should be pretty simple. The only slightly difficult part would be configuring the reverse proxy but you could find many examples of that being done using pound, apache or nginx.
Community Bot – answered Mar 10, 2012 at 0:42
- The 192.168.3.* addresses, are those assigned by the switch/router, or do I choose them? – Brendan CommentedMar 11, 2012 at 14:26
- You could use your wrt54g router to do that. If you don’t plan to purchase another machine to be your reverse proxy, you could always elect one of the servers you currently have. I’ll amend the answer since this would require a slightly different configuration. – Belmin Fernandez CommentedMar 11, 2012 at 16:45
- Alright, so this is my understanding of the configuration: the gateway machine has one ethernet port plugged into the wall and another plugged into the router. The other machines will be plugged into the router, and they will be configured to use 192.168.3.10 as the gateway (where 10 is the gateway machine). Is this accurate? And would this work for SSH traffic as well? – Brendan CommentedMar 12, 2012 at 17:00
- Sorta right. You will connect the router to the outside with the static IP. You will the configure the router to direct port 80 to the server you will chose as the gateway (reverse proxy). Unfortunately, AFAIK, you wouldn’t be able to accomplish this with SSH. In that case, I’ll tell you to use the gateway server as your first SSH target then SSH to your other machines from there. – Belmin Fernandez CommentedMar 12, 2012 at 19:22
- 1After several pieces of hardware broke (two ethernet cards, the wrt54g, and one of the machines) I got this solution to work. Thanks! – Brendan CommentedMar 29, 2012 at 21:34
Port Forwarding method, workaround
Typically, you cannot set this up by name, only selecting by port. I suppose it’s theoretically possible to have one device that listens for a name and forwards to a system based on that name, but I’ve not heard of a device/program that would actually do this. You could have a web server answer differently based on the name (hence my belief that it’s theoretically possible).
Typically, you would port forward. If you wanted server1 to be your sending mail server, then you’d redirect port 25 (most likely), with server2 as your web server, you’d redirect port 80 to server2, and if server3 was to be your SSL web server, then you’d redirect port 443 to it. In this way, ONE IP is handling all 3 servers… but one IP can only handle one set of jobs – those jobs can be divided up amonst multiple servers.
answered Mar 10, 2012 at 0:37
You could have a web server answer differently based on the name (hence my belief that it's theoretically possible).This is only possible because of the HTTP protocol. When a visitor requests a page, a request header (HOST) is sent with the hostname that the visitor used to navigate to the page. – Belmin Fernandez CommentedMar 10, 2012 at 22:14- All requests of the same type go to the same port. What you’re talking about is a single server running several different services, which is not relevant to the OP’s question about routing traffic via subdomain names. – goblinbox CommentedMar 11, 2012 at 19:39
This article was first published here