From owner-freebsd-questions  Sat Aug 17  0:25:14 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1BECB37B400
	for <freebsd-questions@FreeBSD.ORG>; Sat, 17 Aug 2002 00:25:11 -0700 (PDT)
Received: from magnesium.net (toxic.magnesium.net [207.154.84.15])
	by mx1.FreeBSD.org (Postfix) with SMTP id 7F73B43E75
	for <freebsd-questions@FreeBSD.ORG>; Sat, 17 Aug 2002 00:25:10 -0700 (PDT)
	(envelope-from negative@magnesium.net)
Received: (qmail 6033 invoked by uid 1224); 17 Aug 2002 07:25:10 -0000
Date: 17 Aug 2002 00:25:10 -0700
Date: Sat, 17 Aug 2002 00:25:10 -0700
From: Jim Geovedi <negative@magnesium.net>
To: Grant Cooper <grant.cooper@nucleus.com>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: firewall,apache,qmail - IP Address's
Message-ID: <20020817072510.GA5026@TOXIC.MAGNESIUM.NET>
References: <056501c245b9$e51d3c80$2afececd@TCOOPER>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <056501c245b9$e51d3c80$2afececd@TCOOPER>
User-Agent: Mutt/1.4i
X-URL: http://www.magnesium.net/~negative/
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

 
> I just acquired a new box and don't know the best way of doing this. I
> originally planned on having my box connected to the internet my web server
> / firewall / natd connected to my mail box. Can I forward tcp packets based
> on Port numbers to a specific box so I don't have to buy another ip address?
> Or does anyone have a better idea based on one ip?
> 

Yes, you can do such a Port Mapping and Redirection, which mean specific port
on the external interface mapped to services inside your private network.
For example: 207.154.X.X doesn not actually have any services (except NAT)
running on it. But its mapped the request on specific ports to another box
behind it.


   WWW Server                              Mail Server
   | 192.168.1.2:80                        | 192.168.1.3:25
   | 192.168.1.2:21                        | 192.168.1.3:110
   |                                       |
   +-----------------------+---------------+
                           |
                           | 192.168.1.1
                   Firewall/Gateway
                           | 207.154.X.X:21
                           | 207.154.X.X:25
                           | 207.154.X.X:80
                           | 207.154.X.X:110
                           |
                       Internet

The request made to 207.154.X.X:110 are mapped to the WWW server on
192.168.1.3, if you have highload traffic request, it is possible to have
several servers in your network, with NAT router balancing to load between.

I found a good article about NAT, "Multiple webservers behind one IP
address", http://www.daemonnews.org/200202/multiweb.html


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message