-1

I have one static public IP with 20+ domains/subdomains (A records) pointing to it. On the LAN side I have 10+ servers (boxes), each running a lot of services (http, smtp, imap, ssh, ftp, rdp, etc.). These servers should be accessible with all services/ports from the WAN with the correct sub-/domain pointing to each.

Which soft-/hardware solution is needed to forward the domains to the correct server?

After two days of researching, I lost track of this project. Is a reverse proxy, HAProxy, load balancer, biNAT or a special DNS the correct solution?

UPDATE: Isn't it possible to handle every port/service over a proxy server which checks the given domain, e.g. "abc.example.com", and port, e.g. "22", so that the proxy knows which local server is meant and builds a connection to that local server?

Joel Coel
Mike
  • You assume that this is possible, and for some of the named protocols it is not. – Michael Hampton Jan 04 '16 at 19:50
  • @MichaelHampton For most of the protocols the feasibility comes down to a question of how many requirements you are willing to impose on the clients. – kasperd Jan 04 '16 at 19:54
  • @kasperd - I updated my question – Mike Jan 04 '16 at 20:39
  • @Mike I have built [such a proxy](http://v4-frontend.netiter.com/) that currently supports HTTP, HTTPS, SMTP (and SSH if you are willing to use a patched client). – kasperd Jan 04 '16 at 20:44

1 Answer

0

You will either need to obtain additional IP addresses or else PAT traffic to those internal hosts using non-standard ports on the WAN.

Of the protocols you mentioned, only HTTP has a concept of a "domain", via the HTTP host header. The rest of the protocols merely use the domain name to resolve an IP address.

EEAA
  • In the case of SMTP the recipient address can be used to choose a backend. In the case of FTP there is an RFC for the client specifying a domain name, but it isn't widely supported. – kasperd Jan 04 '16 at 20:21
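
The point made in the answer and the comment above, as an added example (not code from the answer or from the proxy linked in the comments): a front-end on the shared IP can only choose a backend from a name the client actually sends. The backend map, hostnames, LAN addresses and sample client bytes are constructed for illustration.

```python
import re

# Constructed mapping: hostnames and LAN addresses are placeholders.
BACKENDS = {"abc.example.com": "10.0.0.11", "mail.example.com": "10.0.0.12"}

# Constructed samples of the first bytes a client sends on each protocol.
HTTP_SAMPLE = b"GET / HTTP/1.1\r\nHost: abc.example.com:8080\r\nAccept: */*\r\n\r\n"
SMTP_SAMPLE = (b"EHLO client.example.net\r\nMAIL FROM:<a@example.net>\r\n"
               b"RCPT TO:<bob@mail.example.com>\r\n")
SSH_SAMPLE = b"SSH-2.0-OpenSSH_7.1\r\n"


def requested_name(data: bytes):
    """Return (protocol, hostname); hostname is None when the client sent none."""
    text = data.decode("latin-1")
    if re.match(r"[A-Z]+ \S+ HTTP/1\.[01]\r\n", text):
        # HTTP names the target in the Host header (port suffix stripped).
        m = re.search(r"^Host:[ \t]*([^\s:]+)", text, re.I | re.M)
        return "http", (m.group(1).lower() if m else None)
    m = re.search(r"^RCPT TO:[ \t]*<[^>@]*@([^>\s]+)>", text, re.I | re.M)
    if m:
        # SMTP: the proxy has to speak SMTP itself up to RCPT TO before it
        # learns the recipient domain.
        return "smtp", m.group(1).lower()
    if text.startswith("SSH-"):
        # The SSH identification string carries only protocol and software
        # version, no target name, so there is nothing to route on.
        return "ssh", None
    return "unknown", None


def route(data: bytes):
    """Backend address for this connection, or None if no name was sent."""
    _, name = requested_name(data)
    return BACKENDS.get(name)
```

Connections for which `route` returns `None` are the ones that need their own public IP or a dedicated WAN port, as the answer says.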