One static IP and multiple domains

I have one static IP address on the external interface of a router which is NAT'd and goes to a firewall, then I have a DMZ setup with a web server, DNS server, and mail server for, say, example.com on a 10.0.2 network. There is also an internal network.

I have a db.10.0.2 file that contains addresses for mail.example.com, http://www.example.com, dns.example.com, etc., as well as the db.example.com which has entries for the servers in example.com.

How would I go about adding another domain, say domain.com, inside the DMZ? Would I need to create another db.domain.com file which would mostly be the db.example.com and add entries for domain.com to the db.10.0.2 file? I would also need to add a zone to named.conf for domain.com?

Is this the correct way to go so if someone hits http://www.example.com at 1.2.3.4 they go to the right server in the dmz or if they want http://www.domain.com they will go to 1.2.3.4 and the right server in the dmz?

I plan to have 3 or 4 sites so any help is appreciated on whether this would work or what I need to do.
 
If the machine containing those db files (which application uses those?) is 'host aware', you may be able to split traffic. But normally the host part (the website domain) doesn't come into play until after port 80 is already opened.

In other words, the visiting web browser requests to open port 80 of an IP address (belonging to http://www.example.com or http://www.domain.com), after which it will issue the Host command to tell the webserver which website it actually wants to visit.

Since both websites have the same IP address, there's no way of knowing which site is being visited before the connection to port 80 has already been made, unless you have some application running which acts as a front-end (like a reverse proxy server).
 
If I use a reverse proxy in front, then would I be able to have http://www.example.com and http://www.domain.com and other sites set up as I originally wanted?

In the db.example.com if using a reverse proxy, would the A record for www still be pointed to the IP of example.com and have an A record for the reverse proxy of something like 'reverse' and the reverse proxy IP?

example:
db.example.com
www IN A 10.0.2.151
reverse IN A 10.0.2.155

db.domain.com
www IN A 10.0.2.152
reverse IN A 10.0.2.155
 
Yes, a reverse proxy can talk to different back-end servers depending on the website it needs to serve. In fact, the reverse proxy handles all customer-facing http traffic and caches it in the process -- it uses its back-end connections to get the content from 'the original web servers', wherever those might be. Your public A records will all point to your public IP (with port 80 redirected to the reverse proxy), your internal setup will determine which server actually contains the data that need to be served.
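
The Host-based backend selection described in the replies above, as an added example that is not part of the thread or any poster's code. The backend IPs are the ones from the zone snippet in the question; the function names, the parsing rules and the 400/404 choices are assumptions for illustration.

```python
# Added example: choose a DMZ backend from the HTTP Host header, the way a
# reverse proxy behind the single public IP (1.2.3.4 in the thread) would.
# Hypothetical names; backend IPs taken from the question's zone snippet.
BACKENDS = {
    "www.example.com": "10.0.2.151",
    "www.domain.com": "10.0.2.152",
}


def normalize_host(value):
    """Lowercase the name, drop an optional :port and a trailing dot."""
    host = value.strip().lower()
    if host.startswith("["):           # IPv6 literal, never a hosted site name
        return None
    host, _, port = host.partition(":")
    if port and not port.isdigit():    # garbage after the colon
        return None
    return host.rstrip(".") or None


def select_backend(raw_request):
    """Return (status, backend_ip) for the head of a raw HTTP request."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    hosts = [line.split(":", 1)[1] for line in lines[1:]
             if line.lower().startswith("host:")]
    # The TCP connection to port 80 is already open here; only now does the
    # client say which site it wants.
    if len(hosts) != 1:                # missing or duplicated Host header
        return 400, None
    host = normalize_host(hosts[0])
    if host not in BACKENDS:           # unknown name: refuse, no default site
        return 404, None
    return 200, BACKENDS[host]


# Constructed sample requests (not captured traffic).
SAMPLES = [
    b"GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: WWW.Domain.com:80\r\n\r\n",
    b"GET / HTTP/1.1\r\nHost: 1.2.3.4\r\n\r\n",
    b"GET / HTTP/1.0\r\n\r\n",
]

if __name__ == "__main__":
    for req in SAMPLES:
        print(req.split(b"\r\n")[1:2], "->", select_backend(req))
```

Refusing names that are not in the table keeps requests sent to the bare IP, or with an arbitrary Host value, from landing on whichever site happens to be the default.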
 
SirDice has a good point there, as usual. I was assuming you needed several sites on different servers, acting as one. If you have one web server for several sites, just use VirtualHosts, and host 10,000 sites on a single IP address, if you like.
 
I never gave thought to using Apache Virtual Hosts, but that might suit my needs. How would A and CNAME records be set up for virtual hosts, and would I still need different zone files for each domain?
 
You can either give each website its own A record, or define one website with an A record and the others with a CNAME pointing to that A record. I'm sure there are purists, but I usually don't bother with CNAMEs myself. I just hand out A records to every hostname in my zone files.

If by 'zone files' you mean DNS zone files: yes, each domain has its own zone file in DNS.
 
You have to add the domains one by one to named.conf and create a zone file for each, followed by a named reload. This will point to the correct IP on the server. Do you have only one public IP? If so, you have to set up a reverse proxy for each server. If you are going to host all sites on a single Apache server, then use Apache virtual hosts.
 