2

I'm looking for a way to access multiple servers sharing a single static ip by using different subdomains. As a forewarning, I've never gotten into network configuration before, so my knowledge of appropriate terminology is limited.

Right now I have 3 servers running ubuntu 11.10 sitting behind a switch. I would like to access them as server1.example.com, server2.example.com, and server3.example.com. When all 3 were configured with the same static IP, only one machine held an internet connection. So I spent a lot of time experimenting in /etc/network/interfaces, which was probably a big mistake, before I tried to configure iptables following this guide.

I can't figure out where to start or even what to Google. Maybe I need a different hardware configuration, currently each machine has a single nic, though I can find network cards if necessary. In addition to the switch, I also have an old wrt54g router.

EDIT

I would predominantly like HTTP access to them, but SSH is important as well.

Brendan
  • 31
  • 1
  • 4

2 Answers2

14

You're not going to be able to have all 3 machines share one IP address. Not how networking works. Check out this answer on how network routing works for an explanation as to why.

What you could do: Setup a reverse proxy as your gateway and then have that forward an address based on the HTTP host request header. I would recommend using Pound since it's lightweight and it's only purpose is to be a reverse HTTP proxy. You could though use apache or nginx to accomplish the same thing if you're more familiar with those.

Once you have your reverse proxy setup, you could use NAT for your servers and have your gateway configured with your static IP.

Example on how to do this in Pound (1.2.3.4 is your static IP, all server#.example.com are A records to that static IP):

ListenHTTP
        Address 1.2.3.4
        Port    80
        Service
            HeadRequire "Host: .*server1.example.com.*"

            BackEnd
                Address 192.168.3.11
                Port    80
            End
        End
        Service
            HeadRequire "Host: .*server2.example.com.*"

            BackEnd
                Address 192.168.3.12
                Port    80
            End
        End
        Service
            HeadRequire "Host: .*server3.example.com.*"

            BackEnd
                Address 192.168.3.13
                Port    80
            End
        End
 End

Response to comment

If you want to keep the reverse proxy in one of the current servers you have, you would have to:

  1. Elect one of the servers to be the reverse proxy.
  2. Have your router forward all HTTP traffic to that reverse proxy.
  3. Configure your HTTP servers on the 3 server#.example.com to listen to an alternate port---perhaps 8080.
  4. Finally, configure your reverse proxy to forward traffic based on the host header to the HTTP serves on port 8080.

Configuring an alternate port on the HTTP servers should be pretty simple. The only slightly difficult part would be configuring the reverse proxy but you could find many examples of that being done using pound, apache or nginx.

Community
  • 1
Belmin Fernandez
  • 10,629
  • 26
  • 84
  • 145
  • The 192.168.3.* addresses, are those assigned by the switch/router, or do I choose them? – Brendan Mar 11 '12 at 14:26
  • You could use your wrt54g router to do that. If you don't plan to purchase another machine to be your reverse proxy, you could always elect one of the servers you currently have. I'll amend the answer since this would require a slightly different configuration. – Belmin Fernandez Mar 11 '12 at 16:45
  • Alright, so this is my understanding of the configuration: the gateway machine has one ethernet port plugged into the wall and another plugged into the router. The other machines will be plugged into the router, and they will be configured to use 192.168.3.10 as the gateway (where 10 is the gateway machine). Is this accurate? And would this work for SSH traffic as well? – Brendan Mar 12 '12 at 17:00
  • Sorta right. You will connect the router to the outside with the static IP. You will the configure the router to direct port 80 to the server you will chose as the gateway (reverse proxy). Unfortunately, AFAIK, you wouldn't be able to accomplish this with SSH. In that case, I'll tell you to use the gateway server as your first SSH target then SSH to your other machines from there. – Belmin Fernandez Mar 12 '12 at 19:22
  • 1
    After several pieces of hardware broke (two ethernet cards, the wrt54g, and one of the machines) I got this solution to work. Thanks! – Brendan Mar 29 '12 at 21:34
0

Typically, you cannot set this up by name, only selecting by port. I suppose it's theoretically possible to have one device that listens for a name and forwards to a system based on that name, but I've not heard of a device/program that would actually do this. You could have a web server answer differently based on the name (hence my belief that it's theoretically possible).

Typically, you would port forward. If you wanted server1 to be your sending mail server, then you'd redirect port 25 (most likely), with server2 as your web server, you'd redirect port 80 to server2, and if server3 was to be your SSL web server, then you'd redirect port 443 to it. In this way, ONE IP is handling all 3 servers... but one IP can only handle one set of jobs - those jobs can be divided up amonst multiple servers.

Multiverse IT
  • 1,815
  • 9
  • 10
  • `You could have a web server answer differently based on the name (hence my belief that it's theoretically possible).` This is only possible because of the HTTP protocol. When a visitor requests a page, a request header (`HOST`) is sent with the hostname that the visitor used to navigate to the page. – Belmin Fernandez Mar 10 '12 at 22:14
  • All requests of the same type go to the same port. What you're talking about is a single server running several different services, which is not relevant to the OP's question about routing traffic via subdomain names. – goblinbox Mar 11 '12 at 19:39