From owner-freebsd-questions Mon Apr 22 8:39: 4 2002 Delivered-To: freebsd-questions@freebsd.org Received: from sage-one.net (adsl-65-71-135-137.dsl.crchtx.swbell.net [65.71.135.137]) by hub.freebsd.org (Postfix) with ESMTP id 08D0737B427 for ; Mon, 22 Apr 2002 08:38:56 -0700 (PDT) Received: from SAGEONE (sageone [192.168.0.5]) by sage-one.net (8.11.6/8.11.6) with SMTP id g3MFZff03726 for ; Mon, 22 Apr 2002 10:35:41 -0500 (CDT) (envelope-from jack@sage-one.net) Message-Id: <3.0.5.32.20020422103539.011fa098@mail.sage-one.net> X-Sender: jack@mail.sage-one.net X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Mon, 22 Apr 2002 10:35:39 -0500 To: freebsd-questions@FreeBSD.ORG From: "Jack L. Stone" Subject: Re: Public IP Address Redirect to 2nd Server In-Reply-To: <3.0.5.32.20020421151900.011ff4d0@mail.sage-one.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At 03:19 PM 4.21.2002 -0500, Jack L. Stone wrote: >I'm running FBSD 4.5-release.... > >I have just installed a new high-speed connection with a block of IPs >assigned to that machine. Everything works fine on the main server, which >is also the gateway running NAT and has a number of virtual hosts and they >work fine too running Apache13_fp. Frontpage works fine on that server >where a large amount of content is managed making FP a must. > >The PROBLEM is that I need SSL too that serves up the online order pages >for the other sites on the main server, but after weeks of tries (and >cries) I just can't get frontpage to run with Apache+ssl (from ports) and >I'm just not smart enough technically to make it work (and I live down here >at the end of the road in So. Texas with very little tch help around). > >The workaround I thought would be to install Apache-1.24+mod_ssl-2.8.8 on a >second server and forward URL requests for order pages to it. Perhaps if I >knew how to just add the mod_ssl, I would have it solved using a single >server, but no can do. > >I have the Apache+ssl running okay on server #2, I have assigned an alias >to the second IP to redirect to server's internal IP #192.168.0.7 but >nothing is forwarded to it so far. Below is my setup to forward from the >second public IP. The first line in RC.CONF is the primary IP and the >second IP is the alias to second server. > >One thing I guessed at was the "netmask" and I read a number of different >opinions and the docs are confusing. As seen below, I set the netmask to >the same as the primary IP routed from the ISP. I've tried 255.255.255.255, >but the output doesn't look right, so I used the setting below leaving the >netmask for both IPs the same. > >REQUEST FOR HELP >Would appreciate y'all taking a look at the info below and see if it looks >like I did it right. > >RC.CONF >ifconfig_rl1="inet XX.XX.XXX.137 netmask 255.255.255.248" >ifconfig_rl1_alias0="inet XX.XX.XXX.138 netmask 255.255.255.248" >natd_flags="-redirect_address 192.168.0.7 XX.XX.XXX.138" > >NETSTAT OUTPUT SHOWS BOTH IPS AS PER ALIAS ABOVE >netstat -a >rl1: flags=8843 mtu 1500 > inet XX.XX.XXX.137 netmask 0xfffffff8 broadcast XX.XX.XXX.143 > inet XX.XX.XXX.138 netmask 0xfffffff8 broadcast XX.XX.XXX.143 > >OUTPUT SHOWS NATD BOUND OKAY PER NATD REDIRECT TO THE SECOND SERVER >ps -auxw | grep natd >/sbin/natd -redirect_address 192.168.0.7 XX.XX.XXX.138 -n rl1 > >Thanks for any help.... > >.... our website: http://www.sage-one.net/ > >Best regards, > >Jack L. Stone >Server Admin > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > Was there something wrong with this question that it is totally ignored.....???? Did I not give enough info...??? .....or....???? I thought this was the place for such questions..... .... our website: http://www.sage-one.net/ Best regards, Jack L. Stone Server Admin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message