Date: Sun, 24 Nov 2002 13:12:49 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: FreeBSD Mailing List <freebsd-questions@FreeBSD.ORG> Subject: Re: DHCP and an internal web server Message-ID: <20021124131249.GD19837@happy-idiot-talk.infracaninophi> In-Reply-To: <20021124070252.GA28479@tao.thought.org> References: <20021124070252.GA28479@tao.thought.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Nov 23, 2002 at 11:02:52PM -0800, Gary D Kline wrote: > > I understand that there are hardware solutions that allow > a host to run a web server thu DHCPD, but is there a way > of configuring one of my behind-the-firewall server to > serve pages. > > zen.thought.org is an example; i is an older 4.7 system > hardwired as 10.0.0.247. Is there a way of configuring > things to let http://zen.thought.org serve miscellaneous > essays and references, e.g., for my profs. > > thanks for ny clues... i'm new to dhcp... obviously! Errr... Are you by any chance confusing DHCP with NAT? All that DHCP will do for you is assign IP numbers etc. for machines on your local network and tell them where to find various services. For foreign machines trying to access your systems, it won't do anything. In fact, you really, really don't want foreign machines to be able to access your DHCP server at all. Now zen.thought.org has an RFC1918 address. That's fine for you, on your intranet, but it can't be accessed from the Internet at large. If you're going to publish stuff via HTTP from that machine you need to somehow give it access to a registered internet IP. One way of doing that is by using natd(8) to forward packets to port 80 on one of your Internet visible machines to a machine on your private network: natd -n fxp0 -redirect_port 10.0.0.247:80 80 Another way is to use a web server running apache on an internet visible machine to reverse-proxy requests for particular URI's to your internal web server. There a good discussion about using mod_rewrite to do that sort of thing in the apache manual: http://httpd.apache.org/docs/misc/rewriteguide.html Both of these solutions will require you to hardwire the address of your internal server in the dhcpd(8) config, so that you don't run into problems if the lease doesn't get renewed with the same IP number. (You might want to investigate using some DNS trickery with views to hide your internal addresses from the outside world, whilst still letting your internal machines operate normally. But that's just icing on the cake.) Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021124131249.GD19837>