From owner-freebsd-isp Sun Dec 9 9:51:30 2001 Delivered-To: freebsd-isp@freebsd.org Received: from c007.snv.cp.net (c007-h015.c007.snv.cp.net [209.228.33.222]) by hub.freebsd.org (Postfix) with SMTP id 365C737B416 for ; Sun, 9 Dec 2001 09:51:27 -0800 (PST) Received: (cpmta 28000 invoked from network); 9 Dec 2001 09:51:26 -0800 Received: from 216.227.100.85 (HELO vector) by smtp.telocity.com (209.228.33.222) with SMTP; 9 Dec 2001 09:51:26 -0800 X-Sent: 9 Dec 2001 17:51:26 GMT From: "Dustin Puryear" To: Subject: RE: Using DNAT and DNS round-robin Date: Sun, 9 Dec 2001 11:59:21 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: Normal In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I forgot to mention our third option, which also appears quite viable. We are looking into the use of Squid, which has virtual hosting support. Using this method we can forgo DNAT entirely. Any thoughts or experience with this additional method? Regards, Dustin --- Dustin Puryear Information Systems Consultant http://members.telocity.com/~dpuryear In the beginning the Universe was created. This has been widely regarded as a bad move. - Douglas Adams > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Dustin Puryear > Sent: Sunday, December 09, 2001 11:47 AM > To: freebsd-isp@freebsd.org > Subject: Using DNAT and DNS round-robin > > > I posted earlier concerning using FreeBSD with a web service with one > firewall and two web servers, all running FreeBSD 4.4-RELEASE. > Basically, we > feel that we have two solutions that would work. First, we can setup each > web server with a series of interface aliases for each IP-based virtual > host. Second, we could maintain a private internal network and assign each > web IP address to be used on the firewall's public interface and then use > DNAT to send the request to the web servers. I am thinking the second > solution is best. > > Is this how most of you do this? Also, can I configure FreeBSD to use some > type of round robin so that we can use multiple web servers? My concern is > that when I create the routing tables the IP addresses are used > internally, > and not symbolic names, so specifying a hostname won't have the desire > result even if I have DNS setup to round robin that hostname > between several > addresses. > > Any help? > > BTW, I may post a similar question to freebsd-questions, so you can ignore > one of these. :) > > Regards, Dustin > > --- > Dustin Puryear > Information Systems Consultant > http://members.telocity.com/~dpuryear > In the beginning the Universe was created. > This has been widely regarded as a bad move. - Douglas Adams > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message