Host based routing..


HJess
September 20th, 2009, 16:59
Hi all,

I'm curious - is it possible to make a host based routing with ipfw or similar?

I know that this would be difficult, especially while I only have one public IP.

Best regards
Henrik Nielsen

SirDice
September 20th, 2009, 17:42
Typically firewalls don't route anything. It's the routing tables that dictate where traffic is routed to.

DutchDaemon
September 20th, 2009, 18:35
You can boot with static routes by using route statements in rc.conf.
route
rc.conf, search for 'static_routes'

HJess
September 20th, 2009, 18:53
Sorry.. I meant natd

Regarding the use of route(8), the problem is how to route from a specific host? - It's quite easy to route from a given public IP to a local IP etc etc, but my problem is I only have one public IP and am looking for a method to route host based..

The issue is .. I need somehow to do this..

<Internet> /----/ <Domain> /---/ 192.168.1.1
<Internet> /----/ <Sub. Domain><Domain> /---/ 192.168.2.1

The problem is that I don't have a spare IP for the subdomain, so I'm looking for a way to forward the requests to another local IP..

Alt
September 20th, 2009, 18:58
It's not exactly what you're asking for, but you can try to use the 'nginx' proxying webserver (www/nginx) - it's really easy with it.

HJess
September 20th, 2009, 19:03
Hi alt,

The issue is that it's all the services I want to do.. ircd, smtp, www etc etc..

It's really not proxy related, as I'm talking about different servers and different hosts.

DutchDaemon
September 20th, 2009, 19:11
With only one public IP you can only redirect one service to one internal host, so public_ip:25 -> internal_ip_1:25, and public_ip:80 -> internal_ip2:80. One service, one host. Jails typically work this way, but also setups with several internal servers on a DMZ/LAN. If you have two smtp servers you're out of luck. You can only attach one to public_ip:25 (well, you could do something with round-robin routing I guess).

You can run several physical webservers behind a single port 80, but you'd need a reverse proxy like Squid or nginx to differentiate between the different Hosts being requested.
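
Added example (not part of any poster's reply): a sketch of why a reverse proxy can pick a backend per hostname for HTTP while a port redirect cannot do so for SMTP. The hostnames `example.org` and `sub.example.org` are placeholders for the `<Domain>` and `<Sub. Domain><Domain>` entries in the diagram, and the sample bytes are constructed.

```python
# Added example: hostnames and sample bytes are constructed placeholders.
BACKENDS = {
    "example.org": "192.168.1.1",      # <Domain> in the diagram
    "sub.example.org": "192.168.2.1",  # <Sub. Domain><Domain> in the diagram
}


def http_host(first_bytes):
    """Return the Host of an HTTP/1.x request (lower-cased, no port) or None."""
    head, sep, _ = first_bytes.partition(b"\r\n\r\n")
    if not sep:
        return None                    # no complete header block yet
    lines = head.split(b"\r\n")
    request_line = lines[0].split(b" ")
    if len(request_line) != 3 or not request_line[2].startswith(b"HTTP/1."):
        return None                    # not an HTTP request
    hosts = [ln.split(b":", 1)[1].strip() for ln in lines[1:]
             if ln.lower().startswith(b"host:")]
    if len(hosts) != 1:
        return None                    # missing or duplicated Host: do not guess
    return hosts[0].decode("ascii", "replace").lower().partition(":")[0]


def pick_backend(first_bytes):
    """Internal address for a client's first bytes; None means no decision."""
    host = http_host(first_bytes)
    return BACKENDS.get(host) if host else None


# Constructed client bytes as the gateway would see them on the public IP.
HTTP_MAIN = b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n"
HTTP_SUB = b"GET / HTTP/1.1\r\nHost: Sub.Example.org:80\r\n\r\n"
HTTP_OTHER = b"GET / HTTP/1.1\r\nHost: other.invalid\r\n\r\n"
# SMTP: the server speaks first, and EHLO names the client, not the target.
SMTP_EHLO = b"EHLO client.example.net\r\n"

if __name__ == "__main__":
    for name, data in [("main", HTTP_MAIN), ("sub", HTTP_SUB),
                       ("other", HTTP_OTHER), ("smtp", SMTP_EHLO)]:
        print(name, "->", pick_backend(data))
```

Requests with an unknown, missing or duplicated Host return `None`, so a gateway built this way can refuse them instead of falling through to a default internal server.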

aragon
September 20th, 2009, 19:11
What you're asking for is impossible. You need another IP address or you have to resort to using non-standard ports.

HJess
September 20th, 2009, 19:31
> With only one public IP you can only redirect one service to one internal host, so public_ip:25 -> internal_ip_1:25, and public_ip:80 -> internal_ip2:80. One service, one host. Jails typically work this way, but also setups with several internal servers on a DMZ/LAN. If you have two smtp servers you're out of luck. You can only attach one to public_ip:25 (well, you could do something with round-robin routing I guess).
>
> You can run several physical webservers behind a single port 80, but you'd need a reverse proxy like Squid or nginx to differentiate between the different Hosts being requested.

Thanks for the help!
I will try to look into round-robin but as told, I think I'm up to an impossible task (especially when looking into reserve ip)..