Date: Sun, 9 Dec 2001 19:24:25 +0100 From: Gabriel Ambuehl <gabriel_ambuehl@buz.ch> To: "Dustin Puryear" <dpuryear@usa.net> Cc: freebsd-isp@freebsd.org Subject: Re[4]: Using DNAT and DNS round-robin Message-ID: <43452503966.20011209192425@buz.ch> In-Reply-To: <PGECILGGNJGDPJKLFEMICEJJCIAA.dpuryear@usa.net> References: <PGECILGGNJGDPJKLFEMICEJJCIAA.dpuryear@usa.net>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hello Dustin, Sunday, December 09, 2001, 7:28:41 PM, you wrote: > Gabriel, let me try to explain this better. > We want to setup n web servers behind a firewall, all of which will > be running FreeBSD 4.4-RELEASE. The web servers will be setup for > IP-based virtual hosting. In order to support virtual hosting we > need to do one of So you actually got one IP for each user. Lucky admin, you are. > the following: setup the firewall to just route all incoming > packets for our assigned network internally and have each web > server setup an interface aliase for each IP address used by a > virtual host (I'm not even sure how this would be done to be honest > since we can't have multiple servers using the same IP), Why would you need too? You actually need the reverse, multiple IPs for one server... > setup our firewall with an interface alias for each IP address > used by a virtual host and then use DNAT to just route each > incoming packet to one of the n web servers to be serviced, or use > Squid as a reverse proxy and forgo DNAT or using the public IP > addresses internally. The Squid solution seems the best, but I > could be wrong. Why not just have the firewall act as classic router like all other people out there do it? > My question was what method is being used by others, and if we > choose the second method, if we can still use DNS round robin. (The > latter question you have answered.) You can always use round robin if you have more than one IP hosting the same data. Whether you want to use it is a wholly different topic... Best regards, Gabriel -----BEGIN PGP SIGNATURE----- Version: PGP 6.5i iQEVAwUBPBOeTMZa2WpymlDxAQEC2Af+J6lstVSZ3nkF1RhYebbWtQQOrr9ZwzeV spI4cnc4DUkNLfEumDLntFU9ppDdQL9Y0+1wyR2rhPtofZpAuzKSPz+aOVXtNApo xWtlbWsJer7tcZlvGyFN+spnri8NnwtkZEBG9z6lQ/nz7Gvv86gC9AMNC+DA2Kx5 +PDwmA8iPzGwJwNWBGReqiRYKPYern20NRlQQYrtBkVu4MBzK6k8g9WCMRUdAjWT XxkjXfRVBfBnUrRBGA/eQrkmyP5jtWE7Mm04OIjfS+XShto/zwzvW/RfbmGvzXob x/pWhUhJHWwK4Wlic3x4eCH5YQjOhIIzbcmdYA0w7RlxKTGq5EetAQ== =4YHb -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43452503966.20011209192425>