You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Daniel G <te...@ct5.com> on 2002/03/01 04:28:41 UTC

RE: Router Recommendation? (Was Re: Apache behind a router?)

I assume they are gonna be expensive. As you prolly know... For home use
I just make do with whatever... For instance, my recycled P2 233 (which
is luxury compared to some *nix geeks)...

Besides it gives you a chance to brush up on IPTABLES and various other
nifty Linux thingymahoogies...

Sorry, I couldn't help more...

Dan
 

-----Original Message-----
From: Darrel Austin [mailto:daustin@visi.com] 
Sent: Wednesday, February 27, 2002 6:56 PM
To: users@httpd.apache.org
Subject: RE: Router Recommendation? (Was Re: Apache behind a router?)

The external link is my incoming DSL line with 5 IPs. Yea, I realize 
I could do a software solution, but I'd really just prefer a hardware 
router/firewall.

-Darrel


>Is the external link ethernet?  A Pentium 100 with two NICs, Linux and
>iptables can NAT itself silly, in addition to other fw/route duties.
>
>
>-----Original Message-----
>From: Darrel Austin [mailto:daustin@visi.com]
>Sent: Wednesday, February 27, 2002 8:13 PM
>To: users@httpd.apache.org
>Subject: RE: Router Recommendation? (Was Re: Apache behind a router?)
>
>
>Dan:
>
>Yea, that's the theory ;o)
>
>It's a good theory, but the problem is that you can only have 1 VIP
>address active with NAT. That means only 1 address can NAT through it
>to the inside.
>
>So, I suppose my real question is, what's the cheapest router that
>can have multiple VIP address with NAT running (my ISP suggested the
>Cisco 806 (?) but that's $350...a bit too much for a hobby server.)
>
>-Darrel
>
>
>
>
>>Boy that sounds like a familiar config... At work we have two lines, a
>>T1 coming into a Cisco 2620 and a SDSL coming into a Cisco 678 --
prolly
>>very similar to your 675...
>>
>>Our DSL also gives us a block of 5 IPs. Though I have not done this,
and
>>God knows our DSL tech support was of absolutely no help... And
>>searching thru the Cisco help database was worse than wading through
the
>>Perl Man Page...
>>
>>But, (theoretically) you should be able to assign a different static
IP
>>to another VIP interface. And then just use static addressing and port
>>forwarding to point it to a different internal address on the same
>>subnet... Any current mapping is done between eth0 and vip0 -- add a
NAT
>>rule to map some addresses from eth0 to vip1... essentially...
>>
>>		(show interfaces)
>>
>>	eth0 *current internal IP subnet*
>>	vip0 *current external IP*
>>	vip1 *additional external IP*
>>
>>Theoretically it should work, though as I said I haven't had a need to
>>try it yet...
>>
>>Tell me if it works to, or if you've tried it... I'd like to know if
it
>>works...lol...
>>
>>Dan
>>
>>
>>
>>
>>-----Original Message-----
>>From: Darrel Austin [mailto:daustin@visi.com]
>>Sent: Wednesday, February 27, 2002 2:19 PM
>>To: users@httpd.apache.org
>>Subject: Router Recommendation? (Was Re: Apache behind a router?)
>>
>>Hey Dan:
>>
>>I don't want to take this thread too far off topic, but you appear to
>>know
>>about routers a bit.
>>
>>We're currently hosting two different web servers on our network,
along
>>with
>>4-6 workstations, and a block of 5 IPs. We'd like to NAT everything,
>>however, we can't NAT more than one IP address using our default Cisco
>>675
>>router (ie, we can't NAT 1.1.1.1 to one internal IP and 1.1.1.2 to a
>>second
>>internal IP), so we need to upgrade to a router/firewall that can.
>>
>>Can you recommend one? These are just hobby servers on a DSL line,
>>nothing
>>high-end...but I hate having all of these machines hooked up via
>>external
>>static IPs.
>>
>>Apologies for drifting off-topic...
>>
>>-Darrel
>>
>>
>>
>>
>>on 2/27/02 2:08 PM, Daniel Giovannoni at tech@ct5.com wrote:
>>
>>>   Those linksys are not to configurable, kinda the fisher-price of
>>>   routers...
>>>
>>>   If you have static IPs assigned to your domains, then you'll need
to
>>map
>>>   those through the router. But, in order to do that I believe you
would
>>>   have to turn off NAT -- maybe not completely but at least for
those
>>>   specific IPs (this is dependent on whether or not your router is
>>>   configurable like that)
>>>
>>   > Otherwise, yeah like he said change your virtual host IPs to
>>accommodate
>>   > your internal IPs -- you will still have to create static IPs and
map
>>   > port 80 to those IPs in the router configuration... But, LInksys
makes
>>>   this easy enough...
>>>
>>>   Dan
>>>
>>>
>>>
>>>   -----Original Message-----
>>>   From: Darrel Austin [mailto:daustin@visi.com]
>>>   Sent: Wednesday, February 27, 2002 1:26 PM
>>>   To: users@httpd.apache.org
>>>   Subject: Re: Apache behind a router?
>>>
>>>   You'll need to set up your virtual hosts to accommodate the new
>  >internal
>>>   IP
>>>   addresses your router is serving the machines internally (unless
you
>>>   still
>>>   have your server set up with a static IP and the router is just
>>letting
>>>   it
>>>   pass through).
>>>
>>>   -Darrel
>>>
>>>   on 2/27/02 1:19 PM, Sterling Anderson at
sterling@sterlinganderson.net
>>>   wrote:
>>>
>>>>   Not sure if this is an Apache question or a router question. My
Linux
>>>>   server is running Debian and I installed Apache using Apt. I have
4
>>>>   domains going to my machine and I set them up using Name-based
>>Virtual
>>>>   Hosts. Everything worked fine until I put the server behind my
>>router.
>>>>   The router is a linksys cheapo model. I have all traffic for port
80
>>   >> going to the Apache server but it has stopped forwarding
correctly.
>>>>   Does anyone know of any resources for changing my apache config
or
>>>>   updating my routing tables?
>>>>
>>>>   Thanks.
>>>>
>>>>   _________________________
>>>>   Sterling Anderson
>>>>
>>>>
>>>>
>>>>
---------------------------------------------------------------------
>>>>   The official User-To-User support forum of the Apache HTTP Server
>>>   Project.
>>>>   See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>>   To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>   For additional commands, e-mail: users-help@httpd.apache.org
>>>>
>>>
>>>
>>>
---------------------------------------------------------------------
>>>   The official User-To-User support forum of the Apache HTTP Server
>>>   Project.
>>>   See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>   To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>   For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>>
>>>
>>>
---------------------------------------------------------------------
>>>   The official User-To-User support forum of the Apache HTTP Server
>>Project.
>>>   See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>   To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>   For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP Server
>>Project.
>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
>>
>>
>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP Server
Project.
>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server
Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server
Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org