From owner-freebsd-isp Tue Dec 11 8: 0:23 2001 Delivered-To: freebsd-isp@freebsd.org Received: from gamma.root-servers.ch (gamma.root-servers.ch [195.49.62.126]) by hub.freebsd.org (Postfix) with SMTP id 947EA37B419 for ; Tue, 11 Dec 2001 08:00:14 -0800 (PST) Received: (qmail 59686 invoked from network); 11 Dec 2001 16:00:13 -0000 Received: from dclient217-162-128-224.hispeed.ch (HELO athlon550) (217.162.128.224) by 0 with SMTP; 11 Dec 2001 16:00:13 -0000 Date: Tue, 11 Dec 2001 17:01:03 +0100 From: Gabriel Ambuehl X-Mailer: The Bat! (v1.53bis) Educational Organization: BUZ Internet Services X-Priority: 3 (Normal) Message-ID: <73616702571.20011211170103@buz.ch> To: "Dustin Puryear" Cc: freebsd-isp@freebsd.org Subject: Re[8]: Using DNAT and DNS round-robin In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hello Dustin, Monday, December 10, 2001, 4:57:08 PM, you wrote: > I guess that is where the initial confusion came from. In order for > each webserver to offer the same IP-based virtual hosts as the > other n-1 webservers, it appears that I need to setup the same IP > alias on each webserver, unless I am missing something. Obviously, > that won't work. That is one reason why I was looking at Squid. Ah now I get it. If you bind the virtual hosts to the IP, you have no other option than having the IPs assigned to the firewall and either run statical NAT or some proxy (like squid or apache mod_proxy) on the firewall. > I am surprised this problem isn't more common. I mean, someone out > there must be trying to spread several IP-based virtual hosts > across n servers. Most people probably won't care for IP based or not. That only matters for SSL, anyway. >> with hosting consumers, that's obviously not possible. > Well, we are one of those "we control all data" types. :) That's nice. I wished I were in the same situation... >> You simply can't have the same IP based virtual host on two >> machines. The online thing that can be done there is round robin >> NAT but for reasons pointed out above, that's major PITA. > That is becoming rather obvious to me at this point. Given you can solve the fs inconsistency issues, round robin NAT actually would be the by far fastest solution to do what you want. Squid should do the job too, more flexibly, but probably slower. Best regards, Gabriel ÜyœòÔÄŠ& Ä -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBPBYftsZa2WpymlDxAQHJ+wf/WDJRAA3cXZflbe4BOafbRdwX05WJphek k6pkgYl/StE5Qap8ke2rEjsngnYqiuNyBXyMvxRh1OtlK/ECflkDeVMUY8R5XGgP z4xQEY2G4pKuSwSMUC8UwXJV2hPrO7UDxZtpmN2XLlWf/zd892pQEsqBtiJ8IOOg 9LLfnAcE5086hRu5BABGNlc76vZZaD0H9sHQLS0RjVQyBMbxTeMfSdofCXZuD6je fq6E7EofZtlNqBli2b3m10ixW3s9eNsG+lKRNcqcxVVfzy6qbGzTk6cesWVxQdIF edreIjgxiWTDzLGiauaMaWLguvLBcWXT875nURR6oczRUIZSBtTd+A== =4Nvx -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message